New Features in service pack 6205

  • AEF-63637 : The Asset Loan feature enables you to mark loanable assets; track asset loaning, return, extension, and expiry; and configure asset loaning notifications.
  • AEF-73176 : Configure a password, for both login and non-login users, to ensure secure access to files, such as exported reports, scheduled reports, and exported request list generated from within the application. Enable File Protection Password under Admin>>Privacy Settings.
  • AEF-31037, AEF-45095, AEF-37001 : User import from Active Directory can now fetch Employee ID and ‘Large Integer’ type field accountExpires.

Issues fixed in service pack 6205

  • AE-72109 :XSS vulnerability found in the asset details page is fixed.
  • AE-72080 :Directory traversal vulnerability found in file upload is fixed.
  • AE-71495 :ZipSlip vulnerability found in distributed asset scan is fixed.
  • AE-72568, 69294 :Vulnerability in deletion of default license types is fixed.
  • AE-68282 :No alert message is displayed, warning about the impacted scan types when we enable “Stop uploading scanned XMLs via non-login URL” under the Security Settings.
  • AE-69108 :Security response headers are missing in the login form.
  • AE-71595 :Vulnerability : Able to create a table and copy data in MSSQL.
  • AE-66826 :Vulnerable HTTP method (OPTIONS) disabled.
  • AE-69292 :Vulnerability of an unauthorized user able to create, edit, and delete currency in the application is fixed
  • AE-71491, 71490 :Failure exception message displayed during network scan is fixed
  • AE-70963 :Purchase Requests with similar vendors are not listed in the Associate PR list when trying to associate a PR with a Purchase Order.
  • AE-71359 :Agent : Option to configure the Agent’s TLS Protocols and Ciphers to secure communications from within the Agent side. Configure it under Admin >> Windows Agent Configuration >> Settings.
Build Release

You may be interested in these other recent articles

6 Dec

Last Week’s Best ManageEngine Updates – Part 30

6 December 2023 | Nazim Nadir

ManageEngine is named a strong performer for 2023 in last week updates. There are also new updates to their suite of applications and they have…

Read more
27 Nov

Last Week’s Best ManageEngine Updates – Part 29

27 November 2023 | Nazim Nadir

Exciting news of ManageEngine Linkedin Live webinar has been announced alongside some application updates and the release of a new E-Book. Whether you’re new to…

Read more
30 Oct

Last Week’s Best ManageEngine Updates – Part 28

30 October 2023 | Nazim Nadir

Updates on stability have been made by ManageEngine to enhance your end-user experience with their products. Continue reading to learn which ManageEngine applications gain the…

Read more