Loading...
Security Resources

Software Updates

TrustKeeper Scan Engine Update for August 26, 2021

Summary

The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy!


New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

Atlassian Jira

  • Atlassian Jira DefaultOSWorkflowConfigurator Remote Code Execution Vulnerability (CVE-2017-18113)
  • Atlassian Jira Export HTML Report Cross-Site Scripting Vulnerability (CVE-2021-26083)
  • Atlassian Jira REST API Folder Endpoint Username Enumeration Vulnerability (CVE-2021-26081)
  • Atlassian Jira XML Export Cross-Site Scripting Vulnerability (CVE-2021-26082)

Magento

CentOS

Debian

Dell iDRAC

  • Dell iDRAC Improper Authentication Vulnerability (DSA-2021-082) (CVE-2021-21538)

Fedora

Microsoft

MongoDB

  • MongoDB logMessage Improper Encoding Vulnerability (SERVER-50605) (CVE-2021-20333)

PostgreSQL

  • PostgreSQL max_worker_processes Memory Disclosure Vulnerability (Security Update 2021-08-12) (CVE-2021-3677)

Red Hat (Credentialed Checks)

Ubuntu (Credentialed Checks)

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.