Release Notes 11.3.2.1: Fixed Issues

Document created by RSA Information Design and Development Employee on Feb 4, 2020Last modified by RSA Product Team on Feb 10, 2020
Version 3Show Document
  • View in full screen mode

This section lists issues fixed since the last major release.

Upgrade

Tracking NumberDescription
SACE-12431/
ASOC-87160
Administrators are not able to upgrade the Windows Log Collector (WLC) when the regional locale is other than EN-US.

NetWitness Endpoint

Tracking NumberDescription
SACE-12463Endpoint Policy scan is running on an hourly basis when the policy scan is configured for weekly.
SACE-12239When installing Microsoft Windows update, a blue screen is observed on the Windows agent.
ASOC-86774Windows Endpoint agent cannot detect kernel hooks and suspicious threads as the kernel version and OS build number is different in Windows 10 Version 1909.
ASOC-87022Endpoint Agent Driver is not loading and sending tracking data for the latest Mojave version of Mac.

Core Services (Broker, Concentrator, Decoder, Archiver)

Tracking NumberDescription
SACE-12387Unable to extract files from an SMB2 session due to the recent changes in the SMB2 protocol.
SACE-12827Not able to extract file in the NetWitness Platform user interface, if the file is an attachment of a mail.
SACE-12573/
SACE-12289/
ASOC-87185/
ASOC-85432
The Archiver and Concentrator services are not able to start data aggregation from the Log Decoder when the Log Decoder crashes.
SACE-12747/
ASOC-87469
SoSReport fails to the retrieve service logs when the byte encoding schemes are not set correctly.
ASOC-87661Not able to extract files from the Log Decoder as it is trying to extract the directory instead of a file.

Investigation

Tracking NumberDescription
SACE-11706Event export fails when investigating for a custom time frame and profile with no prequery.
SACE-11659When investigating an offline Archiver collection, it does not display meta with events but displays only the events count.
SACE-12803Unable to export logs in the Investigate view, when the user language setting is not English or French.
SACE-12420/
ASOC-87099
In Malware Analysis view, the community column does not display community scores.

Administration

Tracking NumberDescription
SACE-12423Throughput Licenses (TP) are failing when applied on malware appliances.
SACE-12503/
ASOC-87411
Custom feeds and Job History are missing for users with backslash in username, when jetty is restarted.
SACE-12632/
ASOC-86918
User with username containing special character (!) in Active Directory (AD) is not able to log in to the NetWitness Platform user interface.
SACE-10975/
ASOC-87278
User with username containing unicode in the Active Directory (AD) is not able to log in to the NetWitness Platform user interface. For example, Sofía, A!nn'ecē

Context Hub

Tracking NumberDescription
SACE-12482/
ASOC-87375/
ASOC-87163
STIX feeds are not parsed when the sightings count is zero or when the object arrays contain single element.
SACE-12376Context Hub list conversion for non feed jobs are generating warning logs.

Event Source Analysis (ESA)

Tracking NumberDescription
SACE-12497/
ASOC-86412
When ESA Correlation Server is connected to multiple Concentrators and the Correlation Server loses connectivity with the Concentrator, data aggregation stops from Concentrators.

Malware

Tracking NumberDescription
SACE-10302/
ASOC-68719
AV tab in Admin > Services > Malware > Config, does not display AV Vendor results.

 

Previous Topic:What's New
Next Topic:Build Numbers
You are here

Table of Contents > Fixed Issues

Attachments

    Outcomes