
Resolved Issues

The issues resolved in JSA 7.5.0 Update Package 5 are listed below:

  • CVE-2022-43863 - JSA is vulnerable to privilege escalation.

  • JSA is vulnerable to using components with known vulnerabilities.

  • JSA apps can stop running on an app host after it is set up with High Availability (HA).

  • Geographic tests performed within JSA can cause performance issues due to the XML parsing process.

  • JSA dependency checker sometimes does not find dependent rules or building blocks.

  • Restored config backups can cause an rpm mismatch between the rpm version of dsm, protocols, vis, and the jars installed.

  • When overriding an eventID with two different CEF or LEEF keys using the dsm editor/LSX, only the first is properly parsed.

  • The High Availability (HA) restore process allows a primary to be rebuilt as a secondary 500 appliance.

  • The value of 'most recent results' in an offense report displays as a negative when using a different user account.

  • Logging for tenant filtering only logs one tenant and reports incorrect values.

  • 80xx log manager appliance type displays as 'event processor' in system and license management.

  • A managed host can fail to inherit the correct license pool allocation when it has been re-added to a deployment.

  • Patching from a mounted sfs file in /store is allowed by JSA but can cause high availability patching to fail.

  • A user with a non-admin user role cannot re-assign or move a log source to a different group using the log source management app.

  • The JSA pipeline can stop receiving all events due to a stringoutofboundsexception occurring.

  • Error written to JSA logging: "There was an error reading authentication.properties. Settings will not be reloaded".

  • Repetitive /var/log/audit.log messages are written after a failed protocol test using the log source management app.

  • Glusterfs migration or pretest can fail after removing a 15xx appliance from the deployment.

  • Replication process can take longer than expected on encrypted hosts after a high availability failover.

  • TaskManagementRetentionAgent can overload Tomcat with threads causing it to fail.

  • Making a change on a high availability pair can cause an unexpected active node reboot and failover.

  • JSA is unable to verify SAML signatures in some instances.

  • Null Pointer Exception occurs during log source configuration where certificate key usage validation fails.

  • The event that identifies that an indexed value is 'NULL' is not generated by rules indexed by custom event properties.

  • Unable to delete JSA user during reassignment of custom flow properties.

  • 'Application error' can occur when disabling a user that has dependencies.

  • Missing file /var/log/si-postgres-pam.log causes some services to fail to start up properly.

  • Access to the user interface may be lost due to missing authorized service tokens.

  • Event pipeline can stop due to secstoreforwarddestination java.lang.InternalError: SIGBUS.

  • Scheduled reports can run on raw data causing them to fail or take longer than expected to complete.

  • AQL equality operators do not work with AQL xforce functions array output.

  • Users cannot access log source management despite having manage log source and JSA log source management permissions.

  • DSM parameter changes are not saved in environments with a single event collector.

  • AQL searches with the conditions imatches or ilike return fewer results if the super index is used.

  • Upgrading a detached host or HA standby with an expired license displays 'patch successful (with errors)'.

  • Get_logs.sh does not run correctly on systems that no longer support MegaCLI.

  • Geodata_update.sh returns false positive notifications on HA standby consoles.

  • When running an AQL search with group by using a cep value that exceeds 1000 characters, the cep value is truncated.

  • Modifying the rule 'multiple login failures for single username' might cause an NPE error when JSA is reading the rule.

  • Hostdefinition building block VA scanner source IP is overwritten on every deploy if additional IP addresses are added.

  • JSA.jsp call to licensekeymanager.areLicensesValid() causes a delay on login for customers having multiple managed hosts.

  • Users patching from JSA 7.3.2 to JSA 7.5.0 might experience longer patch times than expected.

  • New searches started in the offenses tab display incorrect time range options in the user interface.

  • An application error occurs when a domain user attempts to assign an inactive offense.

  • Authenticated HTTP request failure responses incorrectly redirect WinCollect configuration requests to the login page.

  • Users who log in to JSA can receive an error 'invalid license key' when the license is valid.

  • Reference data API source response does not reflect the requested API source value.

  • Application upgrades can fail when a health check executes on all applications.

  • System rule names that were modified show the old name in the offense summary.

  • Use Case Manager exports fail while the session is in an open transaction state.

  • Offense takes the offense start time from an older unrelated partial match event.

  • Applications might fail to install because the application start time exceeds 500 seconds.

  • QRM device backup failures caused by spillover cache.

  • Domain mapped events might be incorrectly tagged to the default domain.

  • In JSA, when IP addresses overlap during deployment, known hosts values can be removed.

  • Authentication module settings page might be blank in JSA 7.5.0 Update Package 4.

  • Offense summary page event/flow count field does not match the event count in log activity.

  • Saving an LDAP repository can result in a nullpointerexception error causing the login.conf file to go blank.

  • Rule actions for severity, credibility, and relevance are not properly displayed in the UI after an update.

  • After you install the kernel and the reboot is complete, the installer hangs on a hardware check involving Myver and MegaCLI.

  • The software menu displays unsupported functionalities.

  • The console displays as an event collector in the System and Licensing, License Appliance Type column.

  • Log Analytics is missing from the installation wizard menu.

  • The Network Insights installation fails without error.