Security Resources

Software Updates

TrustKeeper Scan Engine Update for November 20, 2020


The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy!

New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

Atlassian Jira

  • Atlassian Jira ActionsAndOperations Issue Key Enumeration (CVE-2020-14185)
  • Atlassian Jira Issue Filter Export File Cross-Site Scripting (CVE-2020-14184)


  • Cisco Adaptive Security Appliance Software SSL/TLS Denial of Service Vulnerability (cisco-sa-asa-ssl-dos-7uZWwSEy and CSCvt64822) (CVE-2020-27124)
  • Cisco ASA Bleichenbacher Attack Vulnerability (cisco-sa-asaftd-tls-bb-2g9uWkP) (CVE-2020-3585)
  • Cisco ASA Denial of Service Vulnerability (cisco-sa-asaftd-dos-QFcNEPfx) (CVE-2020-3554)
  • Cisco ASA FTP Inspection Bypass Vulnerability (cisco-sa-asaftd-ftpbypass-HY3UTxYu) (CVE-2020-3564)
  • Cisco ASA IP Fragment Memory Leak Vulnerability (cisco-sa-asaftd-frag-memleak-mCtqdP9n) (CVE-2020-3373)
  • Cisco ASA SIP Denial of Service Vulnerability (cisco-sa-asaftd-sipdos-3DGvdjvg) (CVE-2020-3555)
  • Cisco ASA SSL/TLS Session Denial of Service Vulnerability (cisco-sa-asa-ftd-tcp-dos-N3DMnU4T) (CVE-2020-3572)
  • Cisco ASA Web Services File Upload Denial of Service Vulnerability (cisco-sa-asaftd-fileup-dos-zvC7wtys) (CVE-2020-3436)
  • Cisco ASA Web-Based Management Interface Reflected Cross-Site Scripting Vulnerability (cisco-sa-asa-rxss-L54Htxp) (CVE-2020-3599)
  • Cisco ASA WebVPN CRLF Injection Vulnerability (cisco-sa-asa-ftd-crlf-inj-BX9uRwSn) (CVE-2020-3561)
  • Cisco ASA-FXOS Software Command Injection Vulnerability (cisco-sa-fxos-cmdinj-pqZvmXCr) (CVE-2020-3457)

Debian (Credentialed Checks)



  • Oracle WebLogic Patch Bypass Remote Command Execution (CVE-2020-14750)

Red Hat (Credentialed Checks)


Ubuntu (Credentialed Checks)


How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.