Minor Releases

Cortex XSOAR 6.1 minor releases, maintenance releases.

Cortex XSOAR 6.1.0 (B1031903)

Cortex XSOAR 6.1.0 (B1031903) is a maintenance release that delivers bug fixes and provides usability enhancements.
New Features
  • When installing the Server you can now select the default Cortex XSOAR user name by adding the flag
    -system-user-name=
    username
  • A remote repository can now be validated using SSH public key authentication with a certificate.
Fixed Issues
  • In an incident summary, tabs that were configured with specific role-based permissions, did not appear initially when the incident loaded.
  • The cog icon for defining table settings in the Layout Builder was not working. As a result, columns could not be selected or moved.
  • When reports were generated as PDFs or doc files from within an incident, system fields were shown with the machine name format.
  • In Dashboards, when trying to use the Calendar Months to Now timeframe, the dashboard did not update.
  • Parameters with a null value were removed from the argument list.
  • When working with remote repositories, if you deleted a report in the development environment and pushed that change to the production environment, the wrong report was deleted in the production environment.
  • It is now possible to search within all single-select fields, including the Close reason field.
  • Linked incidents were not indexed properly in Elasticsearch.
  • After upgrading to Cortex XSOAR 6.1, when trying to access the Incident Info tab, if there was a custom grid in an incident layout, an error message appeared.
  • When SAML authenticated users logged out of Cortex XSOAR, an error message was displayed.
  • When the server was restarted and a new server configuration was added, third party API endpoint mapping configurations were not maintained.
  • When incidents with a role were created via a job, the incidents did not auto run and investigations were not opened.
  • A potential security issue with the engine configuration package was resolved.
  • When using Elasticsearch, SLA queries failed and could not be displayed in dashboard widgets.
  • If Live Backup was configured, the
    logout/everyone
    API call could corrupt the backup server.
  • In some cases, attachments and artifacts were not deleted from the backup server's file system.
  • In a High Availability environment with two servers, when one of the servers was starting and another was already running, the load balancer directed to the server that was loading instead of redirecting to the server that was already running.
  • Sometimes, when using the option to mark results as evidence in a playbook task, clicking the date picker caused a client rendering error.
  • After upgrading to version 6.1, when running a field trigger script using an engine, an error was returned due to SLA fields not being registered in the engine.
  • Dashboards and incidents failed to load due to internal deadlock related to indexing.
  • When using the API to create a Machine Learning model that did not contain a results field, the Machine Learning page returned an error and crashed
  • When adding integration instances for Remote Access and Active Directory authentication and using vault credentials, such as CyberArk AIM v2, an error message appeared.
  • In the Firefox web browser, in rare cases, some incident fields appeared overlapping.
  • After restarting the server, if running Microsoft Teams integration on an engine, the integration did not immediately restart and manual steps were required.
  • When editing an existing incident type, the user could enter a new name for the incident type, but when saving the incident type, the incident type reverted to the original (unchanged) name.
  • (
    Multi-tenant
    ) Performance issues related to hosts repopulating users and roles were causing the CPU to spike.
  • (
    Multi-tenant
    ) When report content was synced from the main host to a tenant, the
    run with current user
    report checkbox was cleared.
  • (
    Multi-tenant
    ) When a user had a role which did not appear on the tenant's role list, user settings could not be propagated. For example, the user was unable to change default administrator and roles for tenants.
  • (
    Multi-tenant
    ) When propagating a report from the main account to a host, the tenant setting for the
    Run with current user
    parameter was reset.
  • (
    Multi-tenant
    ) It was not possible to edit incident types on a tenant even after detaching the incident type.
  • (
    Multi-tenant
    ) Incident types in tenant accounts were detached during the upgrade process and did not receive updates from the main account.
  • (
    Multi-tenant
    ) Propagation labels could not be configured on system dashboards.
  • (
    Multi-tenant
    ) Non default administrators were unable to sync accounts.
  • (
    Multi-tenant
    ) When upgrading from Cortex XSOAR version 6.0.2 to version 6.1, hosts were duplicated in the Host/HA Group table.

Cortex XSOAR 6.1.0 (B848144)

Cortex XSOAR 6.1.0 (B848144) is a maintenance release that delivers bug fixes and provides usability enhancements.
Fixed Issues
  • Indicators did not display in the Indicators page as expected.
  • When pulling content from a remote repository in a dev environment or when trying to push changes after migrating content to the Marketplace, some content was not pushed into the prod environment due to conflict issues in GitHub.
  • In a Work Plan, when creating an ad-hoc sub playbook task, the context was shared globally even though it was set to private.
  • When viewing a task in a playbook, which was related to a specific integration that was not enabled at installation, the task was displayed as missing.
  • If you created a custom string field and entered any non-string data, when searching for the incident, no data was returned.
Installation file hash
: 5f2fd26eebf06aa2cb3c2087bc537befe87236f9e6a4a3e177975721013dc213

Recommended For You