Created by N Padmavathi, last modified by James Hurrell on Mar 24, 2023

Content matrix

VersionSummary of contentComments
2.4.3-funcrel

Package contents:

Updates:

  • Bug fixes to resolve two CVE vulnerabilities found in CAST Dashboards: CVE-2021-45046 (for Apache Log4j) and CVE-2021-23463 (for h2database).

Can be used with:

  • 8.3.16


2.4.2-funcrelThis version is not available.
2.4.1-funcrel

Package contents:

Updates:

  • Bug fixes to resolve two CVE vulnerabilities found in CAST Dashboards: CVE-2021-44228 (for Apache Log4j) and CVE-2021-43466 (for OWASP). 
2.4.0-funcrel

Package contents:

Updates:

  • Roles and data authorizations feature moved from beta to functional release
  • It is now possible to change ISO tile's mode to grade, compliance and violations with corresponding drill down data, using Industrystandard tile configuration.
  • User Profile: In LDAP mode, if there is no search object, the user list is displayed based on the assigned profile
  • Contains customer bug fixes for the Engineering Dashboard and the Health Dashboard

RestAPI documentation

2.4.3-funcrel

Other Updates

Internal IdDetails
DASHBOARDS-4238Upgrade Log4j to v 2.16 to resolve CVE-2021-45046. Refer: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046 and https://doc.castsoftware.com/display/CAST/Apache+Log4j+-+CVE+vulnerabilities (CAST documentation).
DASHBOARDS-4241Update to fix CVE-2021-23463. Refer: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23463.

2.4.2-funcrel

Note

This version is not available.

2.4.1-funcrel

Other Updates

Internal IdDetails
DASHBOARDS-4233Upgrade Log4j to v 2.15 to resolve CVE-2021-44228. Refer: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228 and https://doc.castsoftware.com/display/CAST/Apache+Log4j+-+CVE-2021-44228.
DASHBOARDS-4236Fix CVE-2021-43466 for OWASP. Refer: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43466.

2.4.0-funcrel

Feature Improvements

SummaryDetails
UI - User Role/Profile featureThe User Role/Profile feature is now functional. See https://doc.castsoftware.com/display/DASHBOARDS/User+roles+-+2.x+and+above.
UI - User Role/Profile featureWhen LDAP authentication mode is active, the list of users/groups will display the list of users/groups based on their assigned profile by default. When a user/group search is initiated, users/groups matching the search string will be displayed. See https://doc.castsoftware.com/display/DASHBOARDS/User+roles+-+2.x+and+above.
UI - Improvements to ISO-5055 industry standard tilesWhen using the ISO-5055 assessment model, all ISO-5055 specific tiles for industry standards such as Reliability, Security etc. can now be manually configured to use Grade, Compliance and Violations with the correct corresponding drill down data. See https://doc.castsoftware.com/display/TECHNOS/Manual+configuration+of+Dashboard+tiles+using+ISO-5055+data.
Admin - Encryption of database credentialsIt is now possible to encrypt database credentials for both the application schemas and the user role/profile schema. See https://doc.castsoftware.com/display/DASHBOARDS/Encrypt+login+and+password+for+database+and+LDAP.

Other Updates

Internal IdDetails
DASHBOARDS-4069HD: Fixed an issue where the "Become admin" option was not present and an incorrect message was displayed in HD for the very first login.
DASHBOARDS-4042ED: Fixed an issue where the "view as" option was present in every view, after navigating to the Risk Investigation view.
DASHBOARDS-3992HD: Fixed an issue where the trends section was visible even when the snapshot count was more than snapshot threshold.
DASHBOARDS-3917ED/HD: Fixed an issue that occurred when the user role/profile database was used by multiple dashboards: the user authorization table would work in only one dashboard - in all other dashboards the view would not load correctly.
DASHBOARDS-3886ED/HD: Fixed an issue that occurred when switching between authentication modes: when using the "Become Admin" option, the resulting User authorization view was empty.
DASHBOARDS-3855ED: Fixed an issue where the "Show more" option in the Action Plan Recommendation page was not displaying the correct count of violations.
DASHBOARDS-3081ED: Removed surplus padding to the right in the Report generation page.
DASHBOARDS-4096ED: Fixed an issue where adjustment factor detail values were rounded incorrectly.
DASHBOARDS-4143HD: Fixed an issue where Top Priority rules were not visible.
DASHBOARDS-4134HD: Fixed an issue with the line of code count comparison in the application detail page.
DASHBOARDS-3961Internal improvements and changes have been made to allow dashboards to be embedded in AIP Console v. 2.x.

Resolved Issues

Customer Ticket IdDetails
32213HD: The Modified FP value is displayed incorrectly in the HD.
32869HD: Technical Size details not shown in HD Dashboard.
32599ED/HD: Unable to create initial admin at 1st connection to the dashboard (when first connected to dashboard, admin option works only for localhost).
32831ED/HD: Encrypt login and password for database is not possible in 2.x Dashboards.
32860ED/HD: Issue while changing a profile role from a restricted role to admin role.
32867ED/HD: SAML group authentication is not working in Dashboard 2.3.0
32893ED/HD: Ldap group search is failing in user configuration page.