Resolved -
This incident has been resolved.
Apr 28, 13:09 UTC
Update -
Placeholder recommendations have been removed. We continue working on removal of incorrect findings and their respective recommendations.
Apr 28, 06:45 UTC
Identified -
Incorrect asset placeholders have been removed for all affected customers. We are updating findings and recommendations, and expect this work to finish by the morning of 28th of April, resolving the issue. Until then, we continue working on the issue with the highest priority.
Apr 27, 14:09 UTC
Investigating -
We are investigating an issue where WithSecure Elements Exposure management reports vulnerabilities, findings and recommendations for non-existent software or devices for some customers. These findings were generated after Saturday, 25th of April.
Apr 27, 11:08 UTC
Resolved -
The issue has been resolved. You can submit URL samples again. Thank you for your patience!
Apr 23, 12:25 UTC
Investigating -
We are currently experiencing an issue were submitting URL samples in WithSecure Elements fails with an error "cannot create collaboration request". We are working on a solution with the highest priority.
Apr 23, 11:08 UTC
Resolved -
We have created a hotfix for this issue. We advise all our Business Suite partners and customers to apply this hotfix at the earliest opportunity. The risk can further be mitigated by ensuring that Policy Manager’s Web Reporting interface is not accessible from the internet. This can be done with external firewall configurations.
Investigating -
We have identified that WithSecure Policy Manager (PM) includes a version of the Axios library within the web reporting component that is currently flagged as vulnerable.
Based on our assessment, the associated risk is low. As a precautionary measure, we recommend the following:
Reviewing the current firewall and network configuration to ensure that the Policy Manager webreporting interface is not accessible from external networks
Ensuring restricted access to this component significantly reduces any potential exposure.
We are investigating on a fix for the issue.
Apr 14, 14:35 UTC