This section lists issues fixed after the last major release. For additional information on fixed issues, see the Fixed Version column in the RSA NetWitness Platform Known Issues list on RSA Link: 
https://community.rsa.com/community/products/netwitness/documentation/known-issues

Security Fixes

Tracking NumberDescription
ASOC-104032CentOS 7 dbus security update - https://access.redhat.com/errata/RHSA-2020:2894
ASOC-104030CentOS 7 grub2 security and bug fix update - https://access.redhat.com/errata/RHSA-2020:3217
ASOC-104029CentOS 7 java-11-openjdk security update - https://access.redhat.com/errata/RHSA-2020:2969

ASOC-104035

rsa-nw-legacy-web-server issue reported for Cross Site Scripting - https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

ASOC-104034Reflected xss present in the malware service - https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

ASOC-104033

Stored xss present in reporting module -https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Administration Fixes

Tracking NumberDescription

SACE-14665/ ASOC-104534

PKI Authentication based status in Admin > Security > PKI Settings did not clearly mention how to add configure Server CA Certificate in the trust store.

Core Services (Broker, Concentrator, Decoder, Archiver) Fixes

Tracking NumberDescription
SACE-14578After enabling packetdb compression on Packet Decoder, higher sessions per file were observed.
ASOC-105703 / SACE-14609Due to access packet consumption for a Decoder the license usage shows exceeded limit of packets.

Server Fixes

Tracking NumberDescription
SACE-14462/ ASOC-104534After upgrading to NetWitness Platform 11.5 recurring feeds failed. This is because "Upload as CSV File Feed" was removed from 11.5 but it was being referenced during XML file upload.
ASOC-105189During rescheduling of job the feed def xml and feed config file are not restored and hence the feed to failed when redeployed.

ASOC-105152 /

SACE-14792

While running the script /usr/bin/nw-manage with --check-hosts-status, nodes containing space in the displayName are not getting parsed correctly.

Content Server Fixes

Tracking NumberDescription
ASOC-105441Content Management System server request queued due to high volume Content sever requests.

Reporting Engine Fixes

Tracking NumberDescription
ASOC-105593 / SACE-14612 / SACE-14400Unexpected alerts are getting triggered due to a Reporting Engine rule that was grouped to an incident by an incident rule.

Log Collector Fixes

Tracking NumberDescription
ASOC-105276Log Collector IPs are replaced by Host IDs when editing shovel which was created after setting up push configuration on the remote Log Collector.

Health and Wellness Fixes

Tracking NumberDescription

ASOC-101652/

ASOC-105264

If an AD group is configured with an Administrator role in NetWitness Platform and you log in as an AD user (associated with the AD group), the New Health and Wellness dashboard is not displayed when you pivot to Dashboards.

UEBA Fixes

Tracking NumberDescription
ASOC-104867/
SACE-14380
On the Investigate > Entities > Alerts view, when you export alerts to a CSV file, only 25 alerts are exported.

Endpoint Fixes

Tracking NumberDescription

ASOC-104219/

SACE-14786

Too many FILELESS_SCRIPT reported by Windows Agent causing increased file collection.