Cortex XSOAR 6.2 minor releases, maintenance releases.
Cortex XSOAR 6.2.0 (B1578666)
Cortex XSOAR 6.2.0 (B1578666) is a maintenance release that delivers the following bug fixes.
- In some cases, deleted incidents continued to show up in the System Diagnostics page, resulting in an error message when users attempted to view the incident.
- Addressed some security issues in SAML authentication.
- When running theGenericPollingsub-playbook within theQRadarFullSearchplaybook, the playbook got stuck on theWaiting for polling to completeaction when a slow script was in use.
- Could not mention role names in the War Room when the role name contained a dash.
- After upgrading to Cortex XSOAR version 6.2, theShift Managementdashboard did not display as expected.
- When implementing a dynamic section in an incident layout, the table headers for that section are cut off.
- In the IDE, when set to Vim mode, when running a search using the/key, the search term that is entered is written in the same font as the background color and is not visible.
- After defining a custom logo, the Cortex XSOAR logo would appear briefly instead of the custom logo as the page was loading.
- When using Firefox ESR and data is longer than the page, the vertical scroll bar doesn't appear.
- (TIM-only License) TheLicensetab did not display details about the license and the total number of automations per day
- When generating a report, in a pie chart, some strings were truncated and theDurationwidget threshold color did not display correctly.
- Incident related tables in different views (incident details tabs, quick view etc) were not sortable.
- When importing incident classifier in a custom content bundle the classifier’s default incident type was not updated as expected.
- Scheduled items such as polling, scheduled entries, etc., could be stuck for a long period of time and affect other items in the queue.
- A concurrent map read and map write error appeared which caused the server to restart over several days.
- If there were missing tasks in playbook, (for example, playbook data indicates a task with ID3, but no task exists) the entire playbook was halted with a panic.
- When using High availability with multi app servers and enabling long running integration instances on other app servers, it caused each instance to check for the availability of the job without ending (go routine leak).
- Due to an update in Chrome, when hovering over a checkbox, it appeared as not selectable even though it was.
- Due to a bug in the query code, indicators were not properly expired and therefore were loaded to memory. In some situations, this caused a memory overload and the server to stop responding.
- In a remote repository deployment, when searching or loading dashboards, they did not appear because no owner was assigned in this deployment type.
Installation file hash:ea8193d485a5d4e6584128bdd6c20d8e1cc899a771ece7a3f00a79d33d0a8b24
Cortex XSOAR 6.2.0 (B1473927)
Cortex XSOAR 6.2.0 (B1473927) is a maintenance release that delivers bug fixes and provides several usability enhancements.
- Hosted service customers can now add, edit, and delete server configurations. For security and compliance reasons, a number of server configurations are not available through the web interface. If you attempt to add a server configuration that is not available through the web interface, a message displays directing you to open a support ticket.
- When creating a pie chart, you can now display the values directly on the chart. To display values on a pie chart, you will need to add a server configuration and select 'show values on the graph' in the widget configuration.
- You can now view HTTP requests, such as URLs, IP addresses, playbook searches, automation searcher, etc. in the log server. When the log is enabled, all the HTTP requests to the server are logged in theaccess_logfile.The format is Apache’sCombined Logformat. For more information, see https://httpd.apache.org/docs/2.4/logs.html.To enable the logs, add the following server configuration:Key:http.access.log.enabledValue:true
- In the CLI, the description of the verdict argument for thesetIndicatorscommand was not updated. The valuesBad, Suspicious, Good, Nonewere not replaced withUnknown, Benign, Suspicious, Malicious.
- When running the migration tool, if there was an invalid custom layout, layouts failed to migrate to Elasticsearch.
- When running a data collection task inside a sub-playbook loop, a reminder was sent for an already completed task.
- When editing a playbook, data collection tasks defaulted to auto-select the first option, even if the field definition did not haveuse first as defaultselected.
- When adding notes to an incident, users could not add multiple notes in succession without refreshing the page.
- In some cases, deleting individual items from an Exclusion list resulted in all items in the list being deleted.
- In some cases, a page fault caused the server to become unresponsive.
- There was a performance issue when viewing or editing large incidents with many war room entries.
- Some users could not access the War Room.
- When a task description was added, it displayed only as a tool tip and markdown was not rendered.
- When performing a search query that included the&symbol, the query was truncated.
- In some cases, a new dashboard could not be created when an existing dashboard could not be loaded.
- In some cases, when performing searches and viewing dashboard widgets, internal server errors occurred.
- In some cases when using Live Backup, after upgrading to Cortex XSOAR 6.2, the database of the backup server was corrupted.
- When generating a report that contained a bar chart that was configured to show values, the bar values were missing.
- When pushing an automation from a development to production environment, the development engine ID overwrote the production engine ID.
- When editing an integration instance, if you deleted the contents of a multi select field and saved the integration settings, the changes were not saved and the multi select field reverted to the default selection.
- In some cases, a page fault caused the system to reboot.
- After an engine detonated potentially malicious files, they were not deleted from the engine.
- When using a TIM license the automation limitation did not appear in the license page.
- When using a remote repository, if content items were renamed on the development server, in some cases duplicates were created in the remote repository and the content failed to install in the production environment.
- When adding a collection task in a playbook and selectingAdd Question based on field, an error message appeared.
- In a Chrome browser (using auto update), when clicking on a checkbox, the mouse cursor shows not allowed rather than a pointer, so the user believes the checkbox is disabled.
- In a Cortex XDR incident type, when clicking on the Case Info tab sometimes the pie chart flickered on hover.
- When working with a remote repository, the SSH key did not load after upgrading to Cortex XSOAR 6.2.
- When generating a report, the order of the widgets did not appear correctly.
- In rare cases, accounts that were started on the active server failed to start on the standby server, in a disaster recovery environment.
- In an Elasticsearch deployment, when searchingdescription,argument.name,timeout,runAs,scriptorlockedin the automations library, searches did not return results, and an error was displayed. After updating to this version, do the following:
- Start the server to apply the new template.
- Stop the service.
- Reindex the configuration index.
- Restart the service.
- (Multi-tenant) When creating a report from the main account, the full set of data was not included in the report for widgets without limit configuration of type table or list.
Installation file hash:9c804011679a2951f13806aa7eca427e5ad70c5132f792f13b9f96efa3c7f882
Cortex XSOAR 6.2.0 (B1321594)
Cortex XSOAR 6.2.0 (B1321594) is a maintenance release that delivers bug fixes and provides a usability enhancement.
- Cortex XSOAR now supports RHEL version 8.1.
- In thetab, theWidget BuilderOperationsCustom Group byand theCustom Calculation on a Fieldare now highlighted in blue for better visibility. In theValuessection, the tooltip wording has been improved.
- (Multi-tenant) In theWidgets Library, you can now edit thePropagation Labelsfor custom and system widgets. This is useful if you want to create a widget for a specific tenant, and control who else can receive the widget.
- When running a script on one engine and a nested integration on another engine, the file results could not be returned to the first engine that triggered the script, due to an incorrect remote path. As a result, the file could not be downloaded from the War Room.
- In an Elasticsearch configuration, when searching for a custom incident (that has been indexed) with a timer, such ascustomerbugsslaStatus:late, no results were returned due to a mapping issue.
- In some cases, when upgrading to Cortex XSOAR 6.2, not all engines were upgraded.
- When running a task size query, if the server configurationsearch.default.andwas set tofalse, incorrect data was returned.
- In some cases, after upgrading an engine to Cortex XSOAR 6.2 using RPM or DEB files, the engine would not start.
- When querying indicators using filter fields, an error message appeared due to some indicators not being not formed correctly in the database.
- In a multi repository environment, sorting a column widget did not work as expected.
- When upgrading to version 6.2, a critical error appeared on the disaster recovery server due to missing diagnostic and execution metrics that corrupted the disaster recovery server.
- Sometimes aCannot read property 'forEach' of nullerror message appeared in theIncidentandHomepages. After clicking the message, the user either returned to the previous page or the login page, which was due to an incident field grid type not containing column data.
- When configuring a new button on a layout, after clicking the curly brackets in a field in theButton Settingsdialog box, the new dialog box did not appear as expected.
- When running a script based widget, groups with the name “Other” were removed.
- In some cases, after an upgrade to Cortex XSOAR 6.2, the server would not start due to an existing empty database partition,
- (Multi-tenant) When using a shared engine, tenants were able to access the engine logs.
- (Multi-tenant) When the SAML integration is configured, the host log file will include panic error logs during host registration.
Installation file hash:b3e7f08c1a66c91b728ff63bf84d353f53d8bd075fafe9eae8b95a0e93cb3cf8
Cortex XSOAR 6.2.0 (B1271082)
Cortex XSOAR 6.2.0 (B1271082) is a maintenance release that delivers the following bug fix:
Recommended For You
Recommended videos not found.