Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation  Back up to About Overview 
ContentIndex
  
[+] Expand All
[-] Collapse All

No index entries found.

Resolved Issues in CTPView Release 7.2R1

The following issues have been resolved in CTPView Release 7.2R1:

  • Upgrade of the CTPView software fails when the KIS file is attempted to be copied using Secure Copy protocol (SCP) to the CTP system. [PR/975967]
  • In compliance with the U.S. Department of Defense Joint Interoperability Test Command (JITC) requirements, when the security level of the CTP Series platforms is set as high, the JITC high security mode requires that the CTP device must automatically disable accounts after a 35-day period of account inactivity. A mechanism to unlock and reenable such disabled user accounts is not available. [PR/1085043]
  • RC4 ciphers need to be removed from the Apache NSS and SSL configuration files. [PR/1084593]
  • Perl scripts do not have the Taint mode enabled, which enables special security checks to be performed for security purposes. [PR/1084594]
  • Security vulnerabilities are observed on a CTPView server running CTPView Release 7.0R3. [PR/1087204]
  • Some vulnerabilities are present in CentOS OS implementation of CTPView OS. Vulnerabilities in the areas of an outdated operating system usage, backup files containing sensitive information, and reflected cross-site scripting. [PR/1094262]
  • You cannot use the advanced port options in the CTPView server menu to enable or disable loss of signal (LOS) detection for CTP bundles in a serial interface or T1/E1 both-ended Y cable configuration (hardware-based redundancy or software-based Y cable link protocol). [PR/1145768]
  • On a CTPView server, the FAIL_DELAY value in /etc/login.defs meets the GPOS STIG rule of that requires a minimum of 4 seconds between login failures. The same rule needs to be applied to the /etc/pam.d/system-auth file. [PR/1116023]
  • CTPView servers accept CTP system passwords that are only up to 15 characters in length, which causes certain passwords do not work for connecting CTPView to CTP devices. [PR/1116143]
  • In Apache, the ServerSignature directive must be set to "Off" instead of "On". [PR/1126007]
  • Attempts to log in that are unsuccessful and failed login attempts to access-denied functionalites are not recorded in the log file on the CTPView server. [PR/1127686]
  • Hostnames in CTPView are not compliant with fully qualified domain name (FQDN) standards. [PR/1128559]
  • The PHP session lifetime attribute, session.gc_maxlifetime, needs to be increased to 900 seconds (15 minutes) in the /etc/php.ini file to comply with JITC requirements. [PR/1130464]
  • The transaction isolation setting, transaction_isolation, needs to be changed to REPEATABLE-READ in the /etc/my.cnf file to comply with JITC requirements.[PR/1133439]
  • OpenSSL, instead of NSS, is needed for authentication of user login through the CTPView GUI to comply with the FIPS 140-2 standard. [PR/1135070]
  • Support is needed in the audit.rules file for auditing to be performed for all the CTPView commands. [PR/1135114]
  • Having a user attempt to login simultaneously with a user currently logged in causes the invalid login counter to increment. It is observed that this behavior locks out the local account. Additionally, the valid logged-in user session was terminated, which causes that user to wait for the default timeout before the user can log back in. [PR/1143900]
  • You cannot manage IP access control lists (ACLs) for accessing CTPView unless you use MySQL and modify the tables directly. [PR/1144358]
  • The complete resolution for CVE-2015-8126 is needed in the CTPView server. [PR/1144457]
  • OpenSSL upgrade to 1.2.0e is required to address security vulnerabilities. [PR/1144746]
  • When a user logs into the CTPView server using a common access card (CAC), and then selects the logout button, the user is not logged out. [PR/1146110]
  • You cannot start the SNMP daemon in CTPView. Also, a "Segmentation fault" message is returned when you perform an SNMP walk, run SNMP traps, or perform an SNMP Get operation. This SNMP version supports SNMP authentication for which the SNMPV3 user needs to be added in the /etc/snmp/snmpd.conf file. [PR/1147782]

Modified: 2015-12-28