Request Demo

2012R1.6

  • February 5, 2013

Security

  • Fixed Reflected XSS vulnerability related to dashlet AJAX loads (Reported by James Clawson) – MG
  • Fixed vulnerability where read-only users could access auto-discovery directly (Reported by James Clawson) – MG
  • Fixed shell vulnerability for autodiscovery tool (Reported by James Clawson) – MG

Updated

  • Fix for case-sensitive object ID lookups from NDOUtils – EG
  • Fix for CCM case-sensitive Config Names not being written to file – MG
  • Fix for host fields VRML image and statusmap image not repopulating correctly – MG

Removed

  • Removed use of the ‘at’ command for CCM audit log entries. Only selective entries are forwarded along to XI’s audit log now. – MG
  • Removed setting of putenv(LC_ALL) in CCM, apache was complaining on Cent/RHEL6+ systems – MG

Fixed

  • Fixed JS function calls in CCM that used attr() and updated them to use prop() where appropriate. (Chrome Fix) – MG
  • Fixed bug in notifications report where pdf exports came back empty if the search field was used – MG