Release 10.26.1

April 02, 2024

What’s New?

Qualys Vulnerability Management (VM)

Optimized UI Error Communication

To improve the user experience, an error message is now displayed, as shown in the following image, whenever a user attempts to generate reports or scans using an unsupported time zone. The message guides users to choose a different time zone that is closest to theirs. Previously, only the incident signature was displayed, which was not very helpful.

Error message.

Qualys Policy Compliance (PC/SCAP/SCA)

Use Active Directory (AD) Secrets Engine in HashiCorp Authentication Records

You can now use Active Directory (AD) Secrets Engine while creating or updating HashiCorp authentication records. As a part of this enhancement, the following changes have been made:

UI Changes
  • A new option on the UI controls whether the Active Directory (AD) Secrets Engine is used when creating or updating authentication records (Unix, Network SSH, MS SQL) with the vault type HashiCorp:

    MS SQL Record

    Select Yes to use Active Directory (AD) Secrets Engine. 

    The Key field, used to enter the key name that identifies a specific key-value pair, is no longer required and does not appear when you are using the Active Directory (AD) Secrets Engine.

    Create MS SQL record.

    Unix Record

    Switch the toggle to YES to use Active Directory (AD) Secrets Engine.

    The Key field, used to enter the key name that identifies a specific key-value pair, is no longer required and does not appear when you are using the Active Directory (AD) Secrets Engine.

    Network SSH Record

    Switch the toggle to YES to use Active Directory (AD) Secrets Engine.

    The Key field, used to enter the key name that identifies a specific key-value pair, is no longer required and does not appear when you are using the Active Directory (AD) Secrets Engine.
     

  • The Authentication Information of the HashiCorp authentication records (Unix, Network SSH, and MS SQL records with HashiCorp vault type) has been enhanced to reflect information about the usage of Active Directory (AD) Secrets Engine:

    Unix Record

    Authentication information - Unix record.

    MS SQL Record

    Authentication information - MS SQL record.

    Network SSH Record

    Authentication information - Network SSH.

API Changes

A new use_ad_hashicorp parameter and a new DTD tag, VAULT_USE_AD_HASHICORP, have been added to the following APIs:

  • Unix Record
  • Network SSH Record
  • MS SQL Record

For more information, refer to Cloud Platform 10.26.1 API Release Notes.

Vault Support for MS SQL Authentication Records

You can now use a vault when creating or updating MS SQL authentication records through the API. Currently, the API supports the following vaults for retrieving passwords for MS SQL database instances:

  • CyberArk PIM Suite 
  • Thycotic Secret Server
  • Quest Server
  • CA Access Control
  • Lieberman ERPM
  • CyberArk AIM
  • BeyondTrust PBPS
  • HashiCorp
  • Azure Key
  • Arcon PAM

As a part of this enhancement, the MS SQL Record API has been updated. For more information, refer to Cloud Platform 10.26.1 API Release Notes.

Issues Addressed

The following issues are fixed with this release:

| Component/Category | Application | Description |
|---|---|---|
| VM - Scans | Vulnerability Management | When users performed a scan, they were able to view 54 live hosts in the scan preview section, but an incorrect message stating Scanners are finished and No live hosts are found was displayed in the summary. Relevant changes have been made to fix this issue. |
| VM - Scan Schedule | Vulnerability Management | When users searched for entries with the title " Group" (a space followed by the word Group) on the Schedules tab under the Scan tab, incorrect search results were returned. Relevant code changes have been made to fix this issue. Now, users can view all search entries containing Group, with and without the space. |
| VM - Reports General | Vulnerability Management | Users generated a scheduled report by going to the Template > Filter section and selecting Windows OS. A few Windows server names were not visible in the report because the OS filter was not working properly, and there was also a mismatch in the asset count in the report. Relevant code changes have been made to fix this issue. |
| VM - Login issues | Vulnerability Management | Users were not able to log in to their accounts if their password had expired. They were redirected to the login page, and the change password window was not displayed. Relevant code changes have been made to fix this issue. |
| VM - Reports general | Vulnerability Management | When the user selected the text in the QID section of the VM report (in PDF format), they were redirected to an incorrect web address. Relevant code changes have been made to fix this issue. |
| VM - VMDR OT | Vulnerability Management | Users had removed the IP from the VMDR (OT) subscription. When the user tried to relaunch the vulnerability scan, an error was displayed stating that the IPs belong to an ICS. Relevant code changes have been made to fix this issue. |
| VM - Authentication Records | Vulnerability Management | Users were not able to view the IP address in the authentication details even though authentication was successful using the same authentication record. Relevant code changes have been made to fix this issue. |
| VM - Feature Request | Vulnerability Management | When users executed the API on a host with an emoji in the hostname and tried to parse the API XML response, the XML parser broke in api/2.0/fo/asset/host/vm/detection and an encoding error was displayed. Relevant changes have been made to fix this issue. |
| PC - API | Policy Compliance | While executing the Policy List API, users with an AGMS-enabled account and with IPv6 enabled were experiencing a 999 error code in the API output. Relevant code changes have been made to fix this issue. |
| PC - UI | Policy Compliance | A user wanted to add a new technology using the Copy Controls Settings option, which enables copying controls from another technology in a policy. When executing the steps, it was noticed that the operation could not be completed. Relevant code changes have been made to fix this issue. |