Acunetix v24.8 釋出,新增功能概覽
Acunetix v24.8 (Linux, Windows) - Web 應用程式安全測試
Acunetix | Web Application Security Scanner
請訪問原文連結:https://sysin.org/blog/acunetix/,檢視最新版。原創作品,轉載請保留出處。
作者主頁:sysin.org
重要提示
Acunetix Premium 現在使用日曆化版本命名。請注意,從版本 23.6.230628115 開始,不再支援 Windows 8、Server 2012 和 Server 2012 R2。請將您的 Windows 作業系統更新到 Windows 10(或更高版本)或 Windows Server 2016(或更高版本)以使用此版本和即將釋出的版本。
Acunetix 漏洞掃描器,管理您的網路安全。
29 Aug 2024
Acunetix Premium - v24.8
New Features
- You can now upload RAML API specs to extend the coverage of API scanning
- Added support for Apache Tomcat 11 in JAVA IAST sensor
- RAML API specification can now be used as an API definition import file
- Implemented support for scanning HTTP/2 websites
New Security Checks
- Next.js image Blind SSRF
- SolarWinds Web Help Desk RCE (CVE-2024-28986)
- Apache HTTP Server Confusion Attacks (CVE-2024-38472, CVE-2024-39573, CVE-2024-38477, CVE-2024-38476, CVE-2024-38475, CVE-2024-38474, CVE-2024-38473, CVE-2023-38709)
- Jelly Template Injection Vulnerability in ServiceNow UI Macros (CVE-2024-4879, CVE-2024-5217)
- SuiteCRM SQL Injection (CVE-2024-36412)
- Odoo XSS (CVE-2023-1434)
- Mura/Masa CMS JSON API RCE
- Lucee CF_CLIENT_ RCE
- Lucee Stacktrace Information Disclosure
- Lucee Unset Admin Password
- Updated WordPress plugins vulnerabilities database
- GeoServer RCE (CVE-2024-36401)
Improvements
- Minor cosmetic UI/UX issues have been addressed across the app
- The Scan Details screen for reviewing scan results has been modernized and upgraded with runtime SCA findings (Acunetix Online only, On-Premises coming soon)
- The agent status now shows 'Unknown' instead of 'Error' when the agent hasn't shared its status for some time
- Improved testing of path fragments
- A new scan report for SCA is now available - Learn more
- API Discovery: Added the ability to start scans directly from the list of discovered and linked APIs
- API Discovery: Added functionality to change the base URL of an already linked API
- Updated scanner to handle security definitions within Swagger
Fixes
- Updated scanner to use default Scan speed settings when scan speed settings are missing
- Fixed false positive in the detection of Possible Virtual Host Found
- Fixed false positive in the detection of CVE-2024-6387
下載地址
Acunetix Premium v24.8 - 29 August 2024
請訪問:https://sysin.org/blog/acunetix/
Invicti:
- Invicti v24.8.1 for Windows - Web 應用程式安全測試
更多相關產品:
- Magic Quadrant for Application Security Testing 2022
- Magic Quadrant for Application Security Testing 2023
更多:HTTP 協議與安全