Loading...
Security Resources

Software Updates

TrustKeeper Scan Engine Update for March 18, 2021

Summary

The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy!


New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

Joomla

  • Joomla Core Author Field Access Control List Violation (20210309) (CVE-2021-26029)
  • Joomla Core com_content Access List Violation Vulnerability (20210307) (CVE-2021-26027)
  • Joomla Core com_media Improper Input Validation (CVE-2021-23132)
  • Joomla Core Cross-Site Scripting Vulnerabilities (CVE-2021-23130, CVE-2021-23129)
  • Joomla Core FOFEncryptRandval Insecure Randomness Vulnerability (20210302) (CVE-2021-23128)
  • Joomla Core Multiple 2-Factor-Authentication Insecure Randomness Vulnerability (20210301) (CVE-2021-23127, CVE-2021-23126)
  • Joomla Core template manager Improper Input Validation Vulnerability (20210305) (CVE-2021-23131)
  • Joomla Core zip class Path Traversal Vulnerability (20210308) (CVE-2021-26028)

Microsoft

MongoDB

  • MongoDB Server Crafted Regex Denial of Service (SERVER-51083) (CVE-2020-7929)
  • MongoDB Server Find-Explain Denial of Service (SERVER-38275) (CVE-2018-25004)

Red Hat (Credentialed Checks)

Ubuntu (Credentialed Checks)

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.