⚠️ This site is being sunset soon. Please update your bookmarks. Learn more →
Changelog
Back to All
fixed

discovery-agent-24-2-0-1501

10 months ago by ReadMe API

September 3, 2024

Requirements:

  • There is a product dependency on having the .NET 8 Hosting package installed.
  • OAuth authorization is dependent on having BI version 24.2.0.
  • A reboot of the system may be required.

New features and enhancements:

  • Enumerate domain users with access to a Linux target via the sssd.conf. Support for simple configuration only.
  • Enhanced secondary authentication prompt response to support prompts found during authentication, as opposed to after primary SSH authentication.
  • Added support for the use of OAuth authorization for connectivity with the Event Collector Service.
  • Added support for the use of OAuth authorization for connectivity to the Central Policy Service.
  • Added support to configure the use of certificate based authorization for connectivity to the Central Policy Service.
  • Improved the validation of command line options for configuration of Central Policy Service and Event Collector Service.

Issues resolved:

  • Resolved a scenario where a scan fails to complete when connecting to the target's registry. Changed the default value for the remote registry connect timeout to 60 seconds.
  • Handled additional error codes for group member enumeration. This prevented the command from being endlessly retried even after the scan completed.
  • Resolved an asynchronous task issue where impersonation might not be active for group member enumeration, resulting in domain users not being found.
  • Resolved handling of CR/LFs in the target prompt for SSH targets.
  • Resolved an issue when sending a CTRL-C when a command times out for Fortinet devices. This caused commands which succeeded to be seen as errors when no output was expected.
  • Resolved an issue that could cause a hung scan during the SSH secondary prompt handling.

Known issues:

  • PowerShell doesn't properly send the command line options for btdiscovery.cmd to the program. This command must be run in a standard windows command shell.

Notes:

  • The migration from an existing Retina configuration is deprecated and will be removed in a future release.
  • SSH Session encryption using the SHA1 cipher is deprecated. Use SHA256 or higher.
  • Direct upgrades to this version are supported from versions 20.1.0 and later releases.
  • This release is available by download from the BeyondTrust Client Portal at https://www.beyondtrust.com/support/.
  • The MD5 signature is: f096fba349c048935bd3580c3b4b59ec
  • The SHA-1 signature is: bc92a956ad9689b35c0c336e76de87e9fe34092e
  • The SHA256 (exe) signature is: f5a763095562c3191540df8741007601668abe8fa84f55755814d31ab3eb5685
  • The SHA256 (msi) signature is: f5ab0c22f088dbe01d98c709f311238e32aa326c7f268e73d27716059a329d13