Loading...
Security Resources

Software Updates

TrustKeeper Scan Engine Update for January 20, 2021

Summary

The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy!


New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

Atlassian Confluence

  • Atlassian Confluence Server-Side Template Injection Vulnerability (CVE-2019-3396)

Cisco

  • Cisco ASA Remote Code Execution Vulnerability (cisco-sa-20191112-asa-ftd-lua-rce) (CVE-2019-15992)

CentOS

Debian (Credentialed Checks)

Dell iDRAC

  • Dell iDRAC Reflected Cross-Site Scripting (DSA-2020-268) (CVE-2020-26198)

DrayTek

  • DrayTek Vigor Remote Code Execution (CVE-2020-8515) (CVE-2020-8515)

HP Integrated Lights-Out

  • HP Integrated Lights-Out Remote Disclosure of Information Vulnerability (HPESBHF04069) (CVE-2020-7202)

Joomla

Microsoft

Red Hat (Credentialed Checks)

Solarwinds

  • Solarwinds Orion authentication bypass vulnerability (SUPERNOVA) (CVE-2020-10148)

Ubuntu (Credentialed Checks)

VMware ESXi

Webmin

  • Webmin miniserv.pl Remote Code Execution Vulnerability (CVE-2020-35769) (CVE-2020-35769)
  • Webmin Package Updates Arbitrary Command Execution Vulnerability (CVE-2020-35606) (CVE-2020-35606)

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.