UVM Security Management Appliance Software 3.2.5 Release Notes

January 7, 2021

New Features and Enhancements:

  • Implemented Low-Privilege UVM Services.
  • Removed x-powered-by from AAR/reverse proxy headers when installed.
  • Replaced SHA1CryptoServiceProvider.
  • Removed PasswordSafe license requirement for High Availability.
  • Updated DotNetZip library used by our application.
  • Login page messaging improvements.
  • Removed extra logging functions from Configuration Wizard.

Issues Resolved:

  • Resolved issue in which the server was inaccessible until Firewall service was cycled.
  • Resolved issue in which BeyondTrust Appliance API Key Management service crasheed unexpectedly.
  • Resolved issue in which Trigger Connections Test is disabled on API Key Maintenance page.
  • Prevented restores on Appliances in High Availability.
  • We now show update status as Skipped if all steps are skipped.
  • Resolved issue in which the Appliance Software Version tile appeared empty.
  • Resolved issue in which Swap Roles on a SQL-Free worked, but returned an Internal Server Error to the UI.
  • Resolved issue with backup files and auth codes and special chars in names.
  • Resolved issue in the UVM HA Monitoring Service in which the log file was creating error logs about depreciated service eEyeWebSvc.
  • Resolved issue in which the user was able to click Schedule backup button multiple times.
  • Resolved issue in which UVM50 appliances which have their DB split into multiple parts did not correctly display DB size on HA page.
  • Resolved issue in which the list of notifications cuts off the top of the first one.
  • Resolved issue in which the footer on notifications page does not stay at the bottom and has notifications that display over top.
  • Resolved issue in which product versions did not display on the LCD panel.
  • Resolved issue in which the Include Session Files in Backup option was unchecked after checking it for the schedule.
  • Resolved issue in which the list of appliance software versions changed sort order. The Security Mgmt Appliance version was no longer on top.
  • Resolved issue in which the EventServiceAppPool and PolicyServiceAppPool services were stopped and did not start after running configuration wizard on a Hyper-V image.
  • Resolved issue in which the Login card did not indicate a reboot is required when there was a pending reboot.
  • Resolved issue in which the complete text of a notification was unviewable.

Known Issues:

  • 2020-R1 and 2020-R2 images missing SQL Analysis Server permissions. This causes backups to fail when Analysis/Reporting roles turned on.
  • UVM Self-signed certificate does not have subject alternate name (which does not support HSTS).
  • UVM Management Appliance can complete and not indicate a reboot is required but the web login card does.
  • When EVAL license is used ,an unnecessary call is made to GetRegInfo.
  • When NTP and Auto Synchronization is set to NONE, the appliance is still setup to synchronize to the Internet at time.windows.com.
  • A slider in General Settings is not retaining its value when page is reloaded.
  • Selecting Use NTP server for time in General Settings results in an error.
  • Password input boxes in Roles Editor and Maintenance do not clear the input box when submitted.
  • An error returned from the WebSocketAuthTicket Service on the API key management page may display in the Description input box for registering an API key.
  • Enabling Export Settings is not retained.

Notes:

  • This update is available via the BeyondTrust Updater or as a manual installer from the download tool.
  • Shipping on new Appliance Images in January 2021.
  • This install is dependent on SUPI 3.0 being installed first (all UVM versions since 3.2.2 have this requirement).