Page tree
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

Content matrix

VersionSummary of contentComments

Package contents:


  • New executable JAR file to replace ZIP file.
  • Option to encrypt the username / password for CAST Storage Service/PostgreSQL and/or LDAP individually
  • It is now possible to add/edit a license key using the UI.
  • It is now possible to add SAML user/ group from UI.
  • Six new report types are added to the default exsiting list of Standard Compliance reports
  • ISO-5055 tile will not be displayed on the homepage if the application does not have the ISO extension installed.
  • Now, in ISO-5055 View, all the evolutions are based on Compliance.
  • Bug fix to resolve CVE vulnerabilities found in CAST Dashboards, for Apache Log4j: CVE-2021-45105 and CVE-2021-44832
  • Contains customer bug fixes for the Engineering Dashboard and the Health Dashboard

Can be used with:

  • 8.3.3

RestAPI documentation


Feature Improvements

UI - browser .ICO file updatesThe .ICO file used in the Dashboards (visible in the browser tab) has been updated and improved.
UI - tile loading behaviour updateWhen there is no data, all ED tiles should show N/A instead of loading icon, and hence the user is not stuck in the home page.
Add solved date in action planIn Action Plan, for Solved violations, the last snapshot date is displayed. For Added and Pending violations the last updated date is displayed.
Implement pagination for profiles and userTo improve performance, pagination is added to all the admin User/Profile tables.

Other Updates

Internal IdDetails
DASHBOARDS-4388Fixed an issue where domain bindings were not correctly updated when the Dashboards are used in integrated mode with AIP Console.
DASHBOARDS-4394Fixed an issue with the Dashboard login routes when the Dashboards are used in integrated mode with AIP Console.
DASHBOARDS-4412Fixed an issue where the source file view was still being displayed even though the session had timed out. A login dialog box is now shown instead.

Resolved Issues

Customer Ticket IdDetails
33438Cannot get the scan results on Dashboard - Dashboard takes infinite time to load.


Feature Improvements

UI - Admin Centre - License KeyIf a legacy type license key is still being used, users with the Admin role will now see messages explaining that a new license key format is available. See

Other Updates

Internal IdDetails
DASHBOARDS-2848HD: SEI-Maintainablity - Filter should display only Grade.
DASHBOARDS-4327ED: Only critical violations are displayed by default pop up position changed.
DASHBOARDS-4328Display expiry date in months when number of days is more than 30 days in license section.
DASHBOARDS-4329HD portfolio view shows no evolution when we select and unselect tags and technology.
DASHBOARDS-4348HD: Dashboard fails after updating the licence key (new format) via the admin GUI.
DASHBOARDS-4349ED not showing user excess message in banner.
DASHBOARDS-4350Associated user count is not updated after removing users from table.
DASHBOARDS-4357ED: Non admin user is able to access the applications in ED when no authorization is configured.
DASHBOARDS-4359Roles are not assigned for the user in integrated mode.

Resolved Issues

Customer Ticket IdDetails
33902Fixed an issue where multiple profiles were not working as expected.
31456Fixed an issue where previous contributed value displayed in the Function Point report is incorrect for transactions with the same full name.
33839Fixed an issue where the embedded ED (service) does not display onboarded app - error updating domain bindings.
34069Fixed an error in the Health Dashboard: "Your application failed to start due to a "An error occurred"."



This release supports the new license key syntax progressively being introduced by CAST. All existing valid license keys will function exactly as they are intended, however, if you are using one, you may see messages in the dashboards stating that you you need to contact support. This message can be ignored, and all functionality is available.

New Features

New executable JAR with installerA new executable JAR file (to replace the .ZIP files shipped in releases 2.0 - 2.4) is now provided in the install media along with the traditional WAR file. This executable JAR file implements a wizard installer to improve the deployment process. The configuration of user authentication, CAST Storage Service/PostgreSQL instances, dashboard/central and measurement schemas and a Windows Service are now configured directly in the installer. The executable JAR file can be deployed on both Microsoft Windows and Linux and in UI or console/cli mode. See and
License key support from admin UIIt is now possible to add a new or update an existing Dashboard license key using the UI (previously the license key had to be provided in a text file called "license.key"). This option is available only to the users with the ADMIN role. The legacy "license.key" file can still be used if necessary. See

Feature Improvements

In ISO-5055 View, all the Dashboard contents are based on Compliance.Now, in ISO-5055 View, all the Dashboard contents are based on Compliance. By default, the Data in the tiles represents the most recent "compliance" of your Applications. But the Mode can be manually changed (refer: to show Grade (as in previous releases) and Number of violations.
Option to encrypt the CAST Storage Service/PostgreSQL and/or LDAP username/password individually.It is now possible to encrypt the username/password individually for CAST Storage Service/PostgreSQL and/or LDAP, instead of encrypting both (as in previous releases). When using the encryption keys, just replace the clear text entries with the encryption keys (previously, these items needed to be removed and new encryption key lines had to be added). All previous functionality still remains in place. See
New defaults Reports are added in Engineering Dashboard to Standard Compliance reports list.Six new report types are added to the exsiting list of Standard Compliance reports.
SAML user/ group can be added from UI.An option to add a user or group in the Users tab/UI is provided.
In Engineering Dashboard, ISO-5055 tile will be hidden, based on extensionIn Engineering Dashboard, ISO-5055 tile will be hidden, if the application does not have the ISO-5055 extension installed.
APR - only Compliance option for IndustryStandard health measures.In Action Plan Recomendation, upon selecting any IndustryStandard health measures, the violations will be calculated only on Compliance.
HD- View option drop-down is removed, if ISO-5055 results are not calculated.The view option will be removed, if there are no ISO-5055 results. The portfolio and application home view will be based on default view in such case.

Other Updates

Internal IdDetails
DASHBOARDS-4153HD: "show less" text is displayed with 180 degree rotation.
DASHBOARDS-4207Wrong message displayed after user/group is added in SAML mode.
DASHBOARDS-4132Security mode should be set to default instead of security.mode=${security.mode}
DASHBOARDS-4222Overlapping issue in ISO portfolio level detailed view
DASHBOARDS-4123Dashboard not able to generate report correctly with Report Generator
DASHBOARDS-4292HD: Overlapping issue in ISO detailed view
DASHBOARDS-4288Go to HD is not working in ED
DASHBOARDS-4304Dashboards from AIP console 1.27.0 is displaying an empty page
DASHBOARDS-1764Impcated transaction section is not loading for some transactions.
DASHBOARDS-4241Fix for security issue: CVE-2021-23463
DASHBOARDS-4306Update Log4j version to 2.17.1 for CVE-2021-44832
DASHBOARDS-4296APR - if Compliance mode seleted, SEI maintainability will break the UI with console error
DASHBOARDS-4309For integrated v2 mode, there is an erroneous license message in ED.
DASHBOARDS-4310Dashboards integrated with console 2.0.0 does not display the Dashboard version.

Resolved Issues

Customer Ticket IdDetails
33235Tags CWE-78 and PCI-Requirement-6.5.1 are duplicated in Rule Documentation display in ED.
32866The Password Present in the file for dashboard Integration should be encrypted.
32700Change the comment in the file to not use encryption tool to encrypt ldap password. - login issues after configuring user access restriction using SAML groups.
33273CAST Dashboard 2.4.0 - exclustion and action plan role problem.
33023Unable to navigate from HD (TechnicalDebt(OMG)) to ED.
33202Error while running datamart.
33265Advanced search is not working when transactions are filtered based on health factor.
33501Application Engineering Dashboard - Advance search is hanging.
33347When installing Microsoft Windows services for multiple ZIP/JAR file deployments on the same host, the documentation does not explain how to manually remove those services if necessary. The documentation has been updated:
33693Impossible to add a new application in the file of combined HD-ED 2.4
33535Impacted objects with violations are not loading in transaction investigation view.
  • No labels