Loading...
Security Resources

Software Updates

TrustKeeper Scan Engine Update for May 20, 2022

Summary

The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy!


New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

Adobe

Apache

  • Apache Struts OGNL Remote Code Execution Vulnerability (CVE-2021-31805)

F5 BIG-IP

  • F5 BIG-IP iControl REST Remote Code Execution (K23605346) (CVE-2022-1388)

Microsoft

MongoDB

  • MongoDB pipeline Denial of Service Vulnerability (SERVER-58203 SERVER-59299 & SERVER-60218) (CVE-2021-32040)

Nginx

  • Nginx TLS Improper Certificate Validation Vulnerability (CVE-2021-3618)

OpenSSL

Sendmail

  • Sendmail TLS Improper Certificate Validation Vulnerability (CVE-2021-3618)

Ubuntu (Credentialed Checks)

VMWare

  • VMware Identity Manager Server-side Template Injection Remote Code Execution Vulnerability (CVE-2022-22954)

VSFTPD

  • VSFTPD TLS Improper Certificate Validation Vulnerability (CVE-2021-3618)

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.