RVY200893: Release Notes: RayVentory Scan Engine 12.6.3666.89 [Update3]
| Type: |
Full Product |
| Purpose/Description: |
New Feature and Enhancements:
- Enhanced Input Validation and Sanitization [RVP-2162]
- User-controlled values are now validated and sanitized in all cases before being used for further command execution.
- Special attention is given to escape or encode control characters that the operating system might interpret as code.
- The characters to be escaped or encoded can be configured as needed.
To enable validation, perform the following configurations:
Linux/Unix/macOS:
- Added parsing of the configuration property ForbiddenCurlChars in /etc/rvia_configuration.
Windows:
- Added parsing of the registry value ForbiddenCurlChars in HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\ManageSoftCorp\ManageSoft\RVIA.
Restricted Folder Permissions [RVP-2170]
- Permission to the results\Inventories\ folder has been restricted to enhance security.
Schedule Execution Fix [RVP-2240]
- Fixed an issue where no schedules were executed at their described times.
- The problem was traced to generalMaxTaskDelay not being set to 0. This has now been corrected.
|
| Date Published: |
2024/06/07 |
| Requirements: |
Refer to the Release Notes document for Hardware and Software requirements
|
| Installation Instructions: |
Detailed instructions for the installation can be found in the RayVentory Scan Engine 12.6 User Guide. |
Download Location:
|
FTP Server:
|
file.raynet.de
|
|
User:
|
rayventory-kd
|
|
Password:
|
QLMwJ2!
|
Download from Raynet FTP
Comments