Security Resources

Software Updates

TrustKeeper Scan Engine Update for September 26, 2022


The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy!

New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

CentOS (Credentialed Checks)

Debian (Credentialed Checks)


  • Pulse Connect Secure targets.cgi Hard-coded Credentials Vulnerability (CVE-2021-44720)
  • Splunk Dashboard Information Disclosure Vulnerability (SVD-2022-0802) (CVE-2022-37438)
  • Splunk Ingest Actions Improper Certificate Validation Vulnerability (SVD-2022-0801) (CVE-2022-37437)
  • Splunk ZIP file Denial of Service Vulnerability (SVD-2022-0803) (CVE-2022-37439)

Fedora (Credentialed Checks)





Red Hat (Credentialed Checks)

SUSE Linux (Credentialed Checks)


  • Samba Audit Logging Module Use-After-Free Vulnerability (CVE-2022-32746)
  • Samba KDC and Kpasswd Service Improper Authentication Vulnerability (CVE-2022-2031)
  • Samba Kpasswd Service Authentication Bypass Vulnerability (CVE-2022-32744)
  • Samba MaxQueryDuration Uncontrolled Resource Consumption Vulnerability (CVE-2021-3670)
  • Samba Server Uninitialized Data Denial of Service Vulnerability (CVE-2022-32745)
  • Samba SMB1 Memory Information Leak Vulnerability (CVE-2022-32742)
  • Samba SPN Access Control Bypass Vulnerability (CVE-2022-0336)
  • Samba Symlink Improper Synchronization Vulnerability (CVE-2021-20316)

Ubuntu (Credentialed Checks)


  • Webmin apt-lib.pl Remote Code Execution Vulnerability (CVE-2022-36446)
  • Webmin Read Mail Cross-Site Scripting Vulnerability (CVE-2022-36880)

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.