Eng 2-16-0
Date : 21.11.2021
Version : 2-16-0
Issue Type | Component/s | Header | Summary |
---|---|---|---|
Security Improvement | API | API | REST API potential vulnerabilities fixed. |
Security Improvement | API | API | Unauthorized display of SAPM Module problem fixed. |
Bug | AIO Core | API | Radius REST API re-direct problem fixed. |
Bug | API | API | Auto Device Discovery API problem fixed. |
Bug | AIO Core | Web | Duplicate Element Type create problem fixed. |
Bug | AIO Core | RDP / 2FA | RDP Proxy 2FA / OTP problem fixed. |
Bug | AIO Core | Web | Add an Element Type parameter problem fixed. |
Bug | AIO Core | RDP | Added RDP Proxy active connection notification message. |
Bug | AIO Core | Desktop Client | Desktop Client v21.1.0 connection problem fixed |
Bug | AIO Core | Web | Web UI 2FA By-pass vulnerability fixed. |
Bug | AIO Core | Web | System Config Man. “space character” problem in the parameter field has been fixed |
Bug | OS / RDP Proxy | RDP | RDP Proxy drive library problem fixed |
Bug | AIO Core | Session Manager | Session Logs display problems fixed. |
Bug | AIO Core | Session Manager | RDP / SSH Proxy ApprovalRequired feature problem fixed |
Bug | RDP Proxy | RDP | “Wire to Session” keyboard problem fixed. |
Bug | RDP Proxy | RDP | RDP Proxy parameter issue fixed |
Bug | SSH Proxy | SSH | SSH Proxy via Web UI status Offline problem fixed |
Bug | API | API | Displaying the devices added via API problem fixed |
Bug | API | API | Authentication API success response edited. |
Bug | API | API | AssignedCredential save problem fixed. |
New Feature | API | API | Bulk Import section added. |
New Feature | API | API | Audit Report section added |
New Feature | AIO Core | Session Manager | Only added/removed objects will be listed in /policy/policyGroup/save activity log. |
New Feature | AIO Core | Session Manager | Only added/removed objects will be listed in /policy/policyRealm/save activity log. |
New Feature | AIO Core | Session Manager | Only added/removed objects will be listed in /userRealm/save activity log. |
Improvement | AIO Core | Session Manager | Context parameter expression has been added to Syslog message |
Bug | AIO Core | Web | Duplicate Child Device Group problem fixed |
Improvement | AIO Core | Web | License Manager UI framework changed to GWT(Google Web ToolKit). |
Improvement | AIO Core | Web | Activity Log detail display problem fixed. |
Bug | AIO Core | Web | User Authentication Logging bug fixed. |
Improvement | RDP Proxy | Session Manager | Display limit problem in RDP Proxy credential selection screen fixed |
Bug | AIO Core | Web | Auto Device Discovery subnet info save problem fixed |
Bug | AIO Core | Web | In child device group, ShowInDeviceTree parameter problem fixed |
Bug | SSH Proxy | SSH | Search devices with special characters problem fixed |
Bug | SAPM | SAPM | Secret Data Vault – globalUsername mapping problem fixed |
Bug | SSH Proxy | SSH | Send OTP SMS while cache is active problem fixed |
New Feature | API | API | New methods are introduced assign Remote App to Device Group. |
Bug | AIO Core | Web | Internal user definition adding problems fixed. |
Bug | AIO Core | Web | Captcha activation problem in unsuccessful logins fixed. |
Bug | AIO Core | Web | OTP request screen cache problem fixed |
Bug | RDP Proxy | RDP | Fix screen resolution problem in RDP Wire to session fixed |
Improvement | API | API | /user/allGroups method changed to return only allowed groups to the session user. |
Improvement | AIO Core | Syslog | 'reasonForConnection' column added to Syslog |
Bug | AIO Core | Web | SecureCRT Export problem fixed |
Bug | AIO Core | Web | Device Inventory screen search problem fixed |
Security Improvement | AIO Core | 2FA | Web UI Username Enumeration vulnerability fixed |
Bug | SAPM | SAPM | SAPM Jobs running problem fixed. |
New Feature | 2FA | 2FA | FortiAuthenticator MFA Support added |
Improvement | AIO Core | Session Manager | SSH / RDP Approval Required option does not apply to Manager's |
Security Improvement | AIO Core | AIO Core | New Device Discovery SQL Injection-24 vulnerability fixed |
Security Improvement | AIO Core | AIO Core | RemoteApplication screen SQL Injection-25 vulnerability fixed |
Security Improvement | AIO Core | AIO Core | Added rate-limiting mechanism to prevent Brute-Force attacks. |
Security Improvement | AIO Core | AIO Core | Improved RestAPI security measures on Web UI logins. |
Bug | API | API | Remote desktop application delete method fixed |
Security Improvement | AIO Core | AIO Core | RemoteApplication screen SQL Injection-26 vulnerability fixed |
Security Improvement | AIO Core | AIO Core | RemoteApplication screen SQL Injection-27 vulnerability fixed |
Improvement | SAPM | SAPM | Add SAPM Account problem fixed |
Improvement | Radius | Session Manager | Radius Accounting Log search error fixed |
Security Improvement | API | API | Possible unauthorized access problem to SAPM Module fixed. |
Bug | AAPM | AAPM | AAPM trigger process running problem fixed |
Bug | SDV | SDV | Secret Data Vault permission credential issue fixed |
Improvement | RDP Proxy | RDP | Reconnecting the connections that were terminated with the logout command has been fixed. |
Improvement | SFTP Proxy | SFTP | Added GarbageSession control to the SFTP Proxy module. |
Notice | HTTP Proxy | HTTP Proxy | HTTP Proxy retire |
Notice | SQL Proxy | SQL Proxy | SQL Proxy retire |