Request Demo

5.11.2

  • September 11, 2023

Security

  • Added security setting to block remote sites from loading via xiwindow parameter [GL:XI#302] – DA
  • Fixed XSS in Custom Logo component (Thanks Astrid Tedenbrant and Outpost24 for reporting this) (CVE-2023-40932) – AC
  • Fixed SQL injection vulnerability acknowledging an announcement banner (Thanks Astrid Tedenbrant and Outpost24 for reporting this) (CVE-2023-40931) – SG
  • Fixed SQL injection vulnerability in the accouncement banner configuration interface (Thanks Astrid Tedenbrant and Outpost24 for reporting this) (CVE-2023-40933) – BB

Updated

  • Fixed an issue where the side menu wouldn’t automatically update when scheduled reports were added or deleted [GL:XI#331] – DA
  • Fixed an issue that would sometimes cause dashlets to reappear on the Home page when deleted [GL:XI#85] – SNS
  • Improved clarity of error messages in CCM when attempting to modify a host with broken sql tables [GL:XI#173] – SG
  • Updated verbiage in the Mountpoint Wizard for clarity [GL:XI#110,#279] – DA
  • Updated styling on the home page [GL:XI#169] – DA
  • Updated verbiage surrounding custom variables to be more consistent [GL:XI#151] – SG
  • Updated modal presented when acknowledging problems for clarity [GL:XI#299] – SG
  • Removed Alert Cloud Dashlet because Flash is no longer supported [GL:XI#164] – SNS

Deprecated

  • Deprecated WMI and Web Transaction [GL:XI#317] – SNS

Removed

  • Removed Nagios News Feed Dashlet [GL:XI#298] – SNS
  • Removed autcomplete from Wizard Address Field [GL:XI#87] – SNS

Added

  • Added fuzzy search to the Configuration Wizard page – SNS
  • Added the ability to resize some dashlets [GL:XI#285] – SNS
  • Added “Maximum Downtime History Age” to performance settings [GL:XI#287] – SAW

Fixed

  • Fixed an issue that caused sound settings to not display correctly in the operation center [GL:XI#24] – SG
  • Fixed an issue with logrotate permissions for the CentOS 9 OVA [GL:XI#197] – DA
  • Fixed an issue with password reset emails not containing correct URLs [GL:XI#23] – DA
  • Fixed an issue where macro variables weren’t expanding properly in notes URLs [GL:XI#315] – SG
  • Fixed an issue where new users weren’t being shown existing banner messages [GL:XI#277] – SG
  • Fixed an issue with the announcement banner switch showing incorrect status on page load [GL:XI#266] – SG
  • Fixed an issue where the License Information screen would fail to load [GL:XI#249] – SAW
  • Fixed an issue with permissions in the Network Switch Wizard [GL:XI#347] – SG
  • Fixed an issue where several tables would not get truncated in a script for removing historical data [GL:XI#284] -TG
  • Fixed an issue in network switch wizard where the Bulk Configuration Settings were not handling mismatched field inputs [GL:XI#312] – SG
  • Fixed an issue in the update process where the settings would be unexpectedly reset upon upgrading in the oracle tablespace wizard [GL:XI#311] – SG
  • Fixed an issue where selected months would start with a comma under certain circumstances in recurring downtime [GL:XI#330] – SG
  • Fixed an issue in the views tab where the fullscreen button moved while in fullscreen during rotating views [GL:XI#163] – SG
  • Fixed an issue in dark mode where cloning a user and canceling the menu would display non-dark mode css [GL:XI#271] – SG
  • Fixed an issue in AD/LDAP where having more than 1000 users would cause layout issues [GL:XI#13] – SG
  • Fixed an issue causing reports to fail to run successfully [GL:XI#316,#296] – DA
  • Fixed an issue where users without enterprise feature can set snmp traps in the manage mibs interface [GL:XI#176] – SG
  • Fixed an issue where pages would throw console errors [GL:XI#258] – BB
  • Fixed an issue where a sufficiently large amount of logs would crash the audit log page [GL:XI#325] – DA
  • Fixed an issue where unused service and host check tables were enabled by default sometimes causing database corruptions [GL:XI#242] – SG
  • Fixed an issue where the Sans Rising Ports dashlet would create many DB access errors [GL:XI#338] – DA
  • Fixed an issue where SNMPv2-PDU had a bad trap definition [GL:XI#78] – DA
  • Fixed an issue where the redirect parameter on the login page wouldn’t work if the user was already authenticated [GL:XI#150] – DA
  • Fixed an issue where the application log would show database errors on systems that were integrated with deprecated products [GL:XI#303] -TG
  • Fixed an issue with the contact PUT endpoint in the API did not allow custom variables [GL:XI#115] – DA
  • Fixed an issue where XI would fail to export performance data graphs when offline [GL:XI#29] – SNS
  • Fixed an issue where the SLA page would render incorrectly due to some variable definitions [GL:XI#345] – SNS
  • Fixed an issue where Wizard Search did not catch quick inputs [GL:XI#265] – SNS
  • Fixed an issue where the Oracle Serverspace Wizard was overwritting settings on upgrades [GL:XI#343] – SG
  • Fixed an issue where the Oracle Query Wizard was overwritting settings on upgrades [GL:XI#342] – SG
  • Fixed an issue where Email Settings would fail to save but indicated that the credentials were saved [GL:XI#263] – BB
  • Fixed an issue where the services list on the Host Detail page was showing the display name instead of the service description [GL:XI#293] – BB
  • Fixed an issue where python was not defined in report scripts [GL:XI#307] – SNS
  • Fixed an issue where editing SNMP Trap Sender settings would break on PHP 8+ [GL:XI#149] – SG
  • Fixed an issue that could lead to a blank screen when editing service templates while utilizing PHP 8+ [GL:XI#334] – SG
  • Fixed an issue where Wizard fields with trailing whitespaces would break data visualizations [GL:XI#308] – SNS
  • Fixed an issue where whitespaces in the License Information page would cause problems [GL:XI#341] – SNS
  • Fixed an issue where adding a dashlet would break the page if a confirmation window was open [GL:XI#323] – BB
  • Fixed an issue where deleting multiple dashlets would cause console errors [GL:XI#324] – BB
  • Fixed an issue where sendmail couldn’t send to @localhost on PHP 8 [GL:XI#229] – BB
  • Fixed an issue where external redirects weren’t being blocked when using PHP 8 [GL:XI#199] – BB
  • Fixed an issue where the logrotate configuration wasn’t being updated properly [GL:XI#333] – BB
  • Fixed an issue where service descriptions weren’t displaying properly [GL:XI#293] – BB
  • Fixed an issue where the NCPA wizard would crash on PHP 8 [GL:XI#240] – BB
  • Fixed an issue where OAuth credentials could indicate that they succeeded when they failed if the user manually modified the files incorrectly [GL:XI#263] – BB
  • Fixed an issue where Highcharts graphs would show 0 for the Max: field in the labels [GL:XI#336] – BB
  • Fixed an issue with Email settings where it would check for SSL/TLS if None was selected [GL:XI#227] – BB
  • Fixed an issue where removing multiple dashlets would cause errors [GL:XI#324] – BB
  • Fixed an issue where Bootstrap popups wouldn’t close when switching tabs in the application [GL:XI#122] – BB

Component Updates

Core Config Manager (CCM) 3.2.1

  • Fixed issue allowing users to select inactive timeperiods [GL:XI#162] -AC
  • Fixed SQL injection vulnerability in the CCM Host and Service Escalation pages (Thanks Astrid Tedenbrant and Outpost24 for reporting this) (CVE-2023-40934) - DA