Released
Linux SHA256:
Linux md5sum:
Linked article - Discovering using seed.
From 4.1.0 onwards we allow more flexibility when creating a discovery regarding setting individual discovery scan options. You can now change individual options without having to create a "custom" discovery scan options entry. The Discovery Scan Options for a given discovery now function as the match rules. You choose an option set, but you can override individual options. They'll default to the discovery scan option chosen, if not explicitly set. Much more flexible and intuitive. These are still restricted to Enterprise licensed customers.
Small reminder that Open-AudIT Community is still at version 3.5.3, not 4.1.0. This will be updated in a future release.
| Version | Type | Collection | Description |
|---|---|---|---|
| Professional | Bug | All | Modal for Help -> About not firing. |
| Community | Bug | Devices | Audit Results Overwriting attributes. In some cases, if an audit is processed, a change made using the GUI and another audit then processed, the change made by the GUI was being reverted. Bug in SQL when updating a device and determining if to set an attribute in the system table, by weight. |
| Professional | Bug | All | Some templates (discoveries, credentials, clouds) had a JS issue and were not removing the edit buttons. |
| Community | Improvement | All | Replace all passwords with ****** in interface (irrespective of using the html 'password' type). |
| Enterprise | Bug | Racks | Populate system.type correct on racks and rack devices read templates. |
| Enterprise | Improvement | All | Evaluation and Trial Licenses should enable all Enterprise features. |
| Professional | Improvement | Devices | Improve SAN disks on devices read template. |
| Professional | Improvement | Devices | Improve display of discovery error logs on device details template. |
| Professional | Improvement | Queries | Add an 'All Queries' item to the report menu. |
| Professional | Improvement | All | Use striped rows in tables for improved readability. |
| Enterprise | New Feature | Discoveries | New type of discovery - seed. Provide a starting IP and add detected IPs/MACs to the discovery as we query devices. SNMP, Linux, Windows ARP tables, routes, etc. Enterprise only. Can restrict to a given subnet. Can restrict to private IPs only. |
| Professional | Bug | All | On the VersionCheck from JS, only check for Open-AudIT, as opposed to Open-AudIT Pro, Ent, et al. |
| Professional | Improvement | Devices | Add the change_log.id on the devices_read template (helpful when sorting). |
| Community | Improvement | All | Code review of all input and output to minimise XSS attacks. |
| Community | Bug | Devices | Fix a bug preventing auditing Debian in audit_linux script (software and other sections). |
| Community | Improvement | Devices | Add os_arch (x86_64, for example) to the DB schema and audit scripts. |
| Community | Improvement | Discoveries | In ssh_helper, do not set type if manufacturer === Ubiquiti. |
| Community | Improvement | Devices | Silence warnings when processing SAN due to uninitialised object. |
| Community | New Feature | Discoveries | Add support for radio stats retrieval from Cambium devices. New DB table - radio. Used when interface model = radio and OID is Cambium, via SNMP. Displayed in Professional / Enterprise. |
| Community | Improvement | Devices | For Windows targets, retrieve user password last changed and last logon timestamps. |
| Community | Improvement | Devices | Disabled SVG uploading for device images because of XSS issues when requesting the direct image. Actual image display in the web pages is fine. |
| Community | Improvement | Devices | Set to '*' (all columns) if we're not passed a property list when reading a device sub_component. |
| Community | Improvement | Discoveries | Include Nmap results of port scans in log->command_output. |
| Community | Bug | All | Fix incorrect variable name in request helper for access token. |
| Community | Improvement | All | Improve Nmap version detection. |
| Community | Improvement | All | Add extra headers to template recommended by OWASP Zap. |
| Community | Improvement | All | Upgrade jQuery to 3.6.0. Upgrade Bootstrap to 3.4.1. |
| Professional | Improvement | All | Upgrade jQuery to 3.6.0. Upgrade Bootstrap to 3.4.1. |
| Professional | Bug | Locations | Fix populating lat/long and GeoCode on locations read template. Also fix link in No API Key warning in alert on same template. |
| Professional | Improvement | Discoveries | Disable attributes for discoveries and discovery scan options for excluding ports when Nmap <7 detected. |
| Professional | Bug | Devices | Template fix on devices_read for policies section. |
| Community | Improvement | Networks | Assign networks.org_id to discoveries.org_id or discoveries.devices_assigned_to_org (if set) if network is created via discovery. |
| Community | Improvement | Networks | Assign networks.location_id to discoveries.devices_assigned_to_location (if set) if network is created via discovery. |
| Professional | Improvement | Networks | Add networks.environment attribute. |