ManageEngine Asset Explorer – Build 6209 Released

Vulnerability:

• SD-71473 : Vulnerability found in file extraction during the restore process.
• SD-72572 : Fixed CRC related issue in restore process.
• SD-73218 : Information disclosure vulnerability in Contact Support section under Help.
• SD-70638 : Vulnerability: Inappropriate use of HTTP methods while resetting user password.
• SD-73855 : Improper server/client side validation vulnerability in an asset list view URL.
• SD-73965 : Privilege escalation vulnerability in contracts.

Assets:

• SD-71794 : When we push data from a remote server to a central server, even if the scan status of the workstation is failed in the remote server, “SUCCESS” message is shown in the central server from the second time onwards.
• SD-74251 : Some details such as Manufacturer, Domain Name, Last logged-in User are not fetched while scanning AIX machines.
• SD-74039 : Error occurs while trying to view an Asset’s History tab.
• SD-74022 : Unable to change the CI type of a scanned software (both managed and non-managed) to null after associating it to some value.
• SD-71805 : Newly created software and software suites do not appear in the list view. The issue occurs if the compliance calculation is disabled in the database while creating.
• SD-69814 : While calculating compliance of a child software, the parent software is not checked for compliance.
• SD-73723 : Unable to add a software suite for software belonging to the same manufacturer under All Manufacturer filter in software list view.
• SD-73831 : Unable to edit the site of a license which is associated with a software license agreement.
• SD-72514 : Alignment issue occurs when a value is added for Multi-line asset additional field.
• SD-73575 : Unable to view the license list view page from software details page in ppm setups.
• SD-74611 : Agent : For the agent-server communication, SHA-1 certificate has been replaced with SHA-256 certificate.
• SD-73912 : Asset import through CSV file now supports multi-line values inserted within double quotes.
• SD-73916 : After scanning, Cisco IP phones have their State invariably changed to In Store. It has been fixed.
• SD-73828 : Under Barcode >> Print Barcode >> Manual, Site of label properties is not saved if Not associated to any site was selected. It has been fixed.
• SD-72884 : Technicians (except SDAdmin) couldn’t edit State of assets by using Global edit in the asset details page. It has been fixed.
• SD-73881 : Issue occurs while performing a script scan on application running in the HTTPS mode with a self signed or a trusted certificate.
• SD-73953 : Unauthorised error message is shown for users while downloading attachments from Purchase Request via non-login URL access.

Purchase:

• SD-70012 : Due to the missing screen scroll bar in ‘Add Invoice’ pop-up, users are unable to save invoices in laptops with 14-inch screens.
• SD-70441 : After exporting POs, the ‘Created Date’ column has values in a unreadable format.
• SD-72729 : Purchase orders get reopened after their closure if they are approved by one of the approvers after closing the PO.
• SD-73070 : Product type and product drop-downs in the PO creation form do not display more than 25 results.
• SD-73198 : Able to send approval link even when the PO is in invoice Received status.
• SD-73552 : Space between words are rendered as ‘%20’ in purchase request’s approval comments.
• SD-73590 : Unable to receive the items in a purchase order if the ordered quantity is extremely high.

CMDB:

• SD-72152 : The “Actions” and “New” drop-downs do not appear for certain CI types under the CMDB tab.
• SD-73557 : CMDB API: Unable to fetch IP Addresses using API in MSSQL Setup.

Admin:

• SD-71882 : Security settings >> Security response headers: After updating the latest service pack, custom security response headers are lost.
• SD-73659 : After a missed backup schedule, the backup gets started on the server start time, but then the next backup schedule gets revised to the server startup time instead of the scheduled backup time.
• SD-72070 : While importing users through scheduled AD import, only users from the first 10 domains are imported.
• SD-74064 : Unable to delete the values for pick list additional fields in CI attributes.

Others:

• SD-69465 : Option to download digitally signed service packs
• SD-73041 : Out Of Memory error occurs during the backup of directories with large number of files. If you adjust the memory size and complete the backup, Restore will still not be possible.
• SD-73154 : Backup restore fails without the file attachment zip in it. The issue occurs only if the previous backup has been manually terminated.
• SD-73506 : Unable to change port number while installing Asset Explorer in Windows machine.
• SD-73562 : Incomplete backup files will have the .partial extension to distinguish from the complete backup files with the .data extension. Please note that the incomplete backup files cannot be restored.
• SD-67053 : Keystore password is not encrypted.
• SD-73927 : While selecting images using the image browser pop-up in CI type page, only GIFs option is shown in the format field.
• SD-73116 : During backup, tables which contain Schar and PK columns throws an OOM error.
• SD-72102 : During backup, .sql files with data storage exceeding 1GB will be split into multiple .sql files. The new files will be named in the tablename_fileindex format.
• SD-69233 : Following files have been added to the trimmed backup :
  • conf\Server.xml
  • bin\run.bat (run.sh)
  • bin\startDB.bat (startDB.sh)
  • conf\wrapper.conf
  • conf\web.xml
  • conf\logging.properties
  • conf\TrayIconInfo.xml
  • conf\sdp.keystore