BeyondTrust Discovery Agent 22.4.1 Release Notes

March 23, 2023

New Features and Enhancements:

  • Moved the logging level from the registry to the PhoenixCfg.json file. The option name is still SerilogLogLevel and the values remain the same.
  • Moved the max log file size from the registry to the PhoenixCfg.json file. The option name is still MaxLogFileSize and the values remain the same.
  • Added a runtime option to disable the collection of Oracle cluster information.
  • Added a runtime option to use the Oracle instance name from the credential instead of the one in the database.
  • Added the enumeration of software installed for a single user as opposed to all users.
  • Added timeout logic to the remote registry connect call.
  • Added logic to skip making remote registry calls if remote access is not obtained during OS Detection.
  • Added additional timeout logic to remote registry access calls to reduce the possibility of a hung scan.
  • Added logic to skip making remote registry calls if remote access timeouts exceed a configurable count. This count defaults to 0, meaning no max.
  • Added support for Fortinet devices. The scanner will return the OS, version, hostname, users, and groups.
  • Added a scan alert for the status of deploying a remote agent.
  • Added a scan alert for the status of access to the remote registry.

Issues Resolved:

  • Improved scan performance for OSX by changing the user enumeration command set.
  • Resolved an issue which was not returning all the installed software.
  • Fixed an exception which could occur when using an SSH credential with a port other than 22.
  • Eliminated sending the id command to devices which did not support it.
  • Resolved an issue which prevented unauthorized enumeration from running when the OS could not be determined.
  • Resolved an issue in which SSH authentication failed to use keyboard interactive mode due to an authentication timeout.
  • Resolved an issue which caused the scan to ignore the maximum scan time set as part of the schedule.
  • Fixed a condition which allowed improper certificates to be used for events communications.
  • Resolved an issue which caused the incorrect reporting of the workgroup in events.
  • Resolved an issue which caused an exception in reporting the scan results when no OS was found.
  • Added a new bad command response string to fix an issue where Linux OS detection was failing.

Known Issues:

  • The installation dialogs have string substitution errors.
  • Under certain circumstances, a scan of the local scanner can create a duplicate asset in BeyondInsight due to returning the local IP address instead of the hostname.

Notes:

  • Direct upgrades to this version are supported from versions 20.1.0 and later.
  • This release is available by download from the BeyondTrust Client Portal at https://beyondtrustcorp.service-now.com/csm.
  • The MD5 signature is: 87e6d90f5a1c85fe7788e346692cd39e
  • The SHA-1 signature is: 9b0f21b4598cea2b26df6341946a04c3ca40c790
  • The SHA256 signature is: a2f08bf35d637e8d70c27e4ec0a611b52c0df46797526166a50f62879499a5fe