Acunetix releases assist for RHEL 9, updates CWE report, and improves PHP IAST AcuSensor | Frost Tech

A brand new replace for Acunetix Premium for Home windows and Linux has been launched: 15.0.221007170.

This model of Acunetix introduces assist for Crimson Hat Enterprise Linux (RHEL) 9, which was launched earlier this 12 months. PHP IAST AcuSensor can now be used with net purposes that reap the benefits of the PHP Slim Framework and has been up to date to report MongoDB and SSTI injection vulnerabilities. CWE’s 25 Most Harmful Software program Weaknesses has been up to date to report on the highest software program weaknesses recognized for 2022. This Acunetix replace additionally consists of numerous new vulnerability checks, updates, enhancements, and product fixes.

Word: There might be no new updates to native macOS installations. MacOS customers can change to Acunetix Premium On-line or use Acunetix On-Premises in a digital atmosphere or on Docker.

new options

New vulnerability checks

• Added examine for permissions coverage header
• Added a examine for unrestricted entry to the Karma monitoring interface
• Added examine for Go net app binary disclosure

updates

• SCA: Improved detection of parts utilized by Java net purposes
• Up to date to Chromium v106.0.5249.61
• Up to date PHP IAST AcuSensor to higher assist net purposes that use the Slim Framework
• Improved assist for Axios HTTP calls
• Up to date CWE’s 25 Most Harmful Software program Weaknesses record to incorporate 2022 weaknesses
• Scan outcomes and scan studies will embrace the model of Acunetix used to carry out the scan.
• Up to date PHP sensor to report MongoDB injections
• Up to date PHP sensor to report server-side template injections (SSTI)
• Improved detection of default GraphQL introspection URLs.
• Applied a heartbeat for the connections between the scanner and the AcuSensor bridge.
• A number of DeepScan updates
• Improved auditing of JavaScript libraries.

preparations

• Fastened a problem that would trigger blind SSRF in difficulty tracker and proxy settings
• Fastened 3 authorization points.
• Fastened a reminiscence exhaustion bug within the heuristic hyperlink checker
• Fastened: Malware was reported when Home windows Defender reported invalid/unknown malware
• Fastened some crashes within the scanner.
• Up to date community scans so they don’t seem to be canceled if the preliminary ICMP ping fails.
• Fastened a bug when submitting vulnerabilities to the Jira difficulty tracker
• Fastened UI bug when filtering vulnerabilities by time

Replace to the most recent model

If you’re already utilizing Acunetix construct 14.x, you can begin the automated replace from the brand new construct notification within the Acunetix UI > On web page.

If you’re utilizing Acunetix construct 13.x or earlier, it is best to obtain Acunetix from right here. Use your Acunetix license key to obtain and activate your product.