Eng 2-16-0

2 min

single connect release notes https //docs kron com tr/singleconnect/21416 ext turkish#single connect surum notlari date 21 11 2021 version 2 16 0 issue type component/s header summary security improvement api api rest api potential vulnerabilities fixed security improvement api api unauthorized display of sapm module problem fixed bug aio core api radius rest api re direct problem fixed bug api api auto device discovery api problem fixed bug aio core web duplicate element type create problem fixed bug aio core rdp / 2fa rdp proxy 2fa / otp problem fixed bug aio core web add an element type parameter problem fixed bug aio core rdp added rdp proxy active connection notification message bug aio core desktop client desktop client v21 1 0 connection problem fixed bug aio core web web ui 2fa by pass vulnerability fixed bug aio core web system config man “space character” problem in the parameter field has been fixed bug os / rdp proxy rdp rdp proxy drive library problem fixed bug aio core session manager session logs display problems fixed bug aio core session manager rdp / ssh proxy approvalrequired feature problem fixed bug rdp proxy rdp “wire to session” keyboard problem fixed bug rdp proxy rdp rdp proxy parameter issue fixed bug ssh proxy ssh ssh proxy via web ui status offline problem fixed bug api api displaying the devices added via api problem fixed bug api api authentication api success response edited bug api api assignedcredential save problem fixed new feature api api bulk import section added new feature api api audit report section added new feature aio core session manager only added/removed objects will be listed in /policy/policygroup/save activity log new feature aio core session manager only added/removed objects will be listed in /policy/policyrealm/save activity log new feature aio core session manager only added/removed objects will be listed in /userrealm/save activity log improvement aio core session manager context parameter expression has been added to syslog message bug aio core web duplicate child device group problem fixed improvement aio core web license manager ui framework changed to gwt(google web toolkit) improvement aio core web activity log detail display problem fixed bug aio core web user authentication logging bug fixed improvement rdp proxy session manager display limit problem in rdp proxy credential selection screen fixed bug aio core web auto device discovery subnet info save problem fixed bug aio core web in child device group, showindevicetree parameter problem fixed bug ssh proxy ssh search devices with special characters problem fixed bug sapm sapm secret data vault – globalusername mapping problem fixed bug ssh proxy ssh send otp sms while cache is active problem fixed new feature api api new methods are introduced assign remote app to device group bug aio core web internal user definition adding problems fixed bug aio core web captcha activation problem in unsuccessful logins fixed bug aio core web otp request screen cache problem fixed bug rdp proxy rdp fix screen resolution problem in rdp wire to session fixed improvement api api /user/allgroups method changed to return only allowed groups to the session user improvement aio core syslog 'reasonforconnection' column added to syslog bug aio core web securecrt export problem fixed bug aio core web device inventory screen search problem fixed security improvement aio core 2fa web ui username enumeration vulnerability fixed bug sapm sapm sapm jobs running problem fixed new feature 2fa 2fa fortiauthenticator mfa support added improvement aio core session manager ssh / rdp approval required option does not apply to manager's security improvement aio core aio core new device discovery sql injection 24 vulnerability fixed security improvement aio core aio core remoteapplication screen sql injection 25 vulnerability fixed security improvement aio core aio core added rate limiting mechanism to prevent brute force attacks security improvement aio core aio core improved restapi security measures on web ui logins bug api api remote desktop application delete method fixed security improvement aio core aio core remoteapplication screen sql injection 26 vulnerability fixed security improvement aio core aio core remoteapplication screen sql injection 27 vulnerability fixed improvement sapm sapm add sapm account problem fixed improvement radius session manager radius accounting log search error fixed security improvement api api possible unauthorized access problem to sapm module fixed bug aapm aapm aapm trigger process running problem fixed bug sdv sdv secret data vault permission credential issue fixed improvement rdp proxy rdp reconnecting the connections that were terminated with the logout command has been fixed improvement sftp proxy sftp added garbagesession control to the sftp proxy module notice http proxy http proxy http proxy retire notice sql proxy sql proxy sql proxy retire