Changelog v3.27
- 10 minutes to read
- Print
- DarkLight
- PDF
Changelog v3.27
- 10 minutes to read
- Print
- DarkLight
- PDF
Article Summary
Release date: Monday, January 30, 2023
Find below what's new in the latest version of senhasegura, including new features, product updates, bug fixes, and more.
Highlights
One Identity Manager integration
The integration between senhasegura and One Identity's IGA solution will help you control and manage all accesses from your senhasegura platform. Based on the principles of Identity Governance and Administration (IGA), this integration puts all the privileged information in a single place and mitigates the risks associated with managing user access across multiple environments.
Companies can now better address their identity sprawl and improve their overall cybersecurity posture.
HSM Entrust nShield integration
Hardware Security Modules (HSMs) are used to generate and store encryption keys for sensitive and privileged data. You can now integrate your senhasegura vault with Entrust's nShield HSM, the global leader in HSM solutions, to keep users and data even more secure, help your company comply with all cybersecurity regulations and improve your business standards.
AWS Certificate Manager integration
senhasegura's Certificate Manager integration with AWS Certificate Manager (ACM) offers a great way to sign, provision, manage, and deploy public SSL/TLS certificates, also known as "electronic identities." Our focus is security and traffic protection. senhasegura's integration was designed to provide compatible keys and automate certificate managing processes to ensure no public certificate is compromised throughout its lifecycle.
Changelog per module
PAM Core
Web Application Sessions
Due to a security issue scenario, web application sessions (VNCHTTP) with SSL certificate errors currently require an automation macro to navigate through the invalid certificate and authenticate normally.
Visit our troublleshooting guide to learn more - Link.
We are working on a new solution for future versions
Bug fixes
| Item | Description |
|---|---|
| Bugfix 5058 | Fixed a bug where the system would only recognize one of two simultaneous approvals for a new access group. |
| Bugfix 4489 | Fixed a bug where tygervnc TCP connections were established even after exiting the Firefox container. |
| Bugfix 623 | Fixed conflicting information in the Desktop Dashboard. |
| Bugfix 4927 | Fixed a bug where devices would not appear on the list after adding a credential for a user from a particular tenant. |
| Bugfix 4926 | Fixed a bug where "PAM.PrivilegedAccounts.Credentials.View" could not access the credential details in PAM Core ➔ Credentials ➔ All ➔ Detail. |
| Bugfix 4698 | Fixed a bug where an IP address or hostname could not find credentials. |
| Bugfix 4565 | Fixed a bug where the option to start a session was also shown on devices without Internet access. |
| Bugfix 4530 | Added a message to inform users that, if they are listed in two different access groups, their account will follow the rules of the most restrictive group. |
| Bugfix 4777 | Fixed reports to improve the visualization of grouped data in CSV. |
| Bugfix 4411 | Added strings in Russian to the vault. |
| Bugfix 3810 | Fixed a language-related bug when generating a General Use Dashboard Report. |
| Bugfix 4940 | Fixed bug where "Start Session" button appeared in search bar for credential results even when device had no connectivity causing "Unexpected error" message. |
| Bugfix 5140 | Improved email notifications for video session approvals to meet notifications standards. |
| Bugfix 5013 | Minor changes to the RDP and SSH download shortcuts. |
Product Updates
| Item | Description |
|---|---|
| Update 4524 | New option to enable, disable or edit multiple credentials simultaneously. |
| Update 3797 | More information about access groups added to Audit tracking and Syslog reports. |
| Update 5015 | French language status changed from Beta to Official. |
| Update 4924 | PAM.Devices.View no longer gives access to "Review and Certification" PAM Core ➔ Settings ➔ Access ➔ Review and certification. Instead, "Review and Certification" can now be accessed through "PAM.Settings.List". |
| Update 4742 | Improved user experience: when requesting a session, the window remains open while waiting for approval. |
| Update 4713 | Users can now change the string "View unusual credentials." |
| Update 4627 | Fixed mistranslated strings in the Vulnerability Analysis section. |
| Update 4529 | Confirmation message added when trying to create a credential without a password. |
| Update 4509 | New status: 'In Progress'; only for domain credentials that are currently in use in a domain device. |
| Update 3893 | Changes in Syslog to distinguish emergency accesses from standard accesses. |
| Update 4208 | New rule where access groups can have different approval rules on different days of the week. |
| Update 4201 | Improved naming standards in Desktop Applications and Macros to provide better definitions for each entity. |
| Update 5106 | Groups are now listed alphabetically when a new AD Group Synchronization is added. |
| Update 4894 | Changes in the behavior of the following function: "Allow for password changes after the session starts?" |
| Update 5107 | Changes in the SSH key detail screen to improve user experience. |
| Update 4573 | [host_ip] added as a tag in the list of Web session parameters. |
| Update 4948 | New option for FreeIPA users to change passwords via LDAP/LDAPS. |
| Update 4813 | senhasegura email settings now support OAuth2.0 to authenticate IMAP/POP/SMTP connections. |
New Feature
| Item | Description |
|---|---|
| New feature 4937 | New user role ("PAM Operator - Multi-tenant") can now manage the devices and credentials in a tenant, in multi-tenant environments. |
| New feature 4540 | Added a new option to enable, disable or edit multiple credentials at once. |
| New feature 4531 | New: integration with Entrust HSM nShield. |
| New feature 3547 | New: integration with ITSM GLPI to validate tickets during the Approval Workflow. |
| New feature 5000 | Enabled Polish keyboard and added the option to choose Polish as the language used during sessions. |
| 5685 | Added a default RemoteApp for bypassing insecure certificates. |
Security
| Item | Description |
|---|---|
| Security 4795 | ixed a bug where a "Full Access" access group in a Multi-tenant account would result in users from other tenants also having access to that data. |
Removed Features
| Item | Description |
|---|---|
| Removed Features 4797 | The search icon is no longer visible when watching a recorded session. |
Discovery
Bug fixes
| Item | Description |
|---|---|
| Bugfix 4741 | Fixed a bug in the process used to import devices automatically. |
| Bugfix 4799 | Fixed a bug that returned the domain twice when performing a Domain Discovery. |
| Bugfix 4700 | Fixed a broken form that blocked updates of Container Scans. |
| Bugfix 4248 | Fixed a mistake in one of the strings on the header of the Discovery module. |
| Bugfix 4798 | Fixed a bug that linked glossaries no longer in use to a new glossary. |
| Bugfix 4792 | Fixed an error associated with editing a device. |
Product Updates
| Item | Description |
|---|---|
| Update 4897 | Added an action to reset Scan authentication cache. |
| Update 4896 | Fixed translation texts when editing a glossary. |
| Update 4696 | Added: scan deactivation for the corresponding Discovery. |
| Update 4477 | Removed: the string 'imported' that was repeated as a filter. |
| Update 4326 | Fixed string translation in Discovey module. |
New Feature
| Item | Description |
|---|---|
| New feature 4889 | Added New orbit command to clean up the Discovery database. |
| New feature 4805 | Added Full support for Solaris devices. |
Certificate Manager
Bug fixes
| Item | Description |
|---|---|
| Bugfix 4933 | Fixed error when signing certificates in the Site Blindado. |
| Bugfix 4254 | Fixed error in Certificate Manager when downloading a key imported via Discovery, where the user received a file with the ID instead of the file name in the warehouse. |
| Bugfix 4536 | Fixed: bug hiding the collum grid titles when editing a certificate. |
| Bugfix 3967 | Fixed a bug that downloaded certificates only in the .crt extension. |
| Bugfix 4780 | Fixed the bug that considered unconventional e-mail domains invalid. |
Product Updates
| Item | Description |
|---|---|
| Update 4005 | Added option to generate an instant password for the user to save a request. |
New Feature
| Item | Description |
|---|---|
| New feature 4609 | Added Integration AWS/ACM for Public Certificates. |
| New feature 4810 | Added the ability to download the complete .pfx certificate chain. |
Orbit
Bug fixes
| Item | Description |
|---|---|
| Bugfix 3573 | Fixed a bug that duplicated backup files. |
| Bugfix 4247 | Fixed a blocklist bug where the FORWARD chain is no longer blocked after being unlocked. |
| Bugfix 4463 | Added Portuguese translation for many words within the Orbit module. |
| Bugfix 3854 | Fixed strings translation bug in the German language. |
Product Updates
| Item | Description |
|---|---|
| Update 3820 | Added the possibility to register more than one monitoring server via the screen. |
| Update 4775 | Improved the call to the URL "/flow/orbit/mntr/activate" and the recovery button that normalizes elasticsearch performing stop and start for incident scenarios where the user must assume the autonomous secondary instance. |
| Update 4568 | Added possibility of string registration without informing the HTTPS protocol in the URL. |
| Update 4564 | Added alert to inform administrator that CRON service is not running. |
| Update 4548 | Changed text displayed on the System Updates page. |
| Update 4708 | Added orbit command "orbit default-interface" for resetting network interfaces. |
| Update 4105 | Added a 30 minute timeout to prevent an email sending bug. |
| Update 4632 | Changed new design for the applicantion modules. |
| Update 4716 | Changed the list of modules displayed on the permissions listing screen. |
| Update 3855 | Added strings in the translation for the German language. |
New Feature
| Item | Description |
|---|---|
| New feature 4222 | Comando Orbit criado que permite desbloquear IPs ICMP. |
| New feature 4749 | Adicionado ao Orbit Web Interface, uma opção para liberar o acesso ao Balancer VIP. |
| New feature 2735 | Added AD/LDAP integration tab to add users in Domum module when registering synchronization groups. |
| New feature 3232 | Added the audit tracking process to configuration changes in the ITSM integration. |
| New feature 5135 | Added API Endpoits to manage related users. |
Discontinued
| Item | Description |
|---|---|
| Discontinued 4615 | Discontinued the options "Event log" and "Access denied" located inside the Access to the system item. |
GO Endpoint Manager
Product Updates
| Item | Description |
|---|---|
| Improvement 4019 | Changed senhasegura Go dashboard to report only active and authorized users. |
| Improvement 4913 | Translation fix in Go Enpoint Manager. |
| Improvement 4912 | Fixed the string with the wrong message in the Go Endpoint Manager module. |
GO Endpoint Manager Windows
Product Updates
| Item | Description |
|---|---|
| Update 4923 | Windows User is now registry during agent instalation. |
| Update 4446 | Added independet approval workflow to GO Endpoint Manager. |
| Update 4335 | Added: application version column inside the applications list. |
| Update 4900 | Added the option to change PEDM Windows agent language in the agent interface. |
New Feature
| Item | Description |
|---|---|
| New feature 4784 | Added impersonation elevation in senhasegura.go for Windows. |
GO Endpoint Manager Linux
Product Updates
| Item | Description |
|---|---|
| Update 4745 | Improved user experience in PEDM Linux client installation process. |
Domum Remote Access
Bug fixes
| Item | Description |
|---|---|
| Bugfix 4748 | Added a validation when creating a user that checks if the entered username does not already exist in Domum. |
| Bugfix 5017 | Fixed scenario when prevented access using a macro (RemoteApp) through Domum. |
Authentication
Product Updates
| Item | Description |
|---|---|
| Update 4890 | Improved user experience by changing the "Token" name to "Configure MFA". |
New Feature
| Item | Description |
|---|---|
| New feature 4910 | Added AuthID icon when using as SSO option. |
| New feature 4782 | Added AuthID to OpenID provider list. |
| New feature 3302 | Added new integration through SCIM with the One Identity Manager. |
A2A
Bug fixes
| Item | Description |
|---|---|
| Bugfix 4773 | Fixed the names of the PAM Core and Certificate Manager products. |
| Bugfix 5013 | Fixed the Get and Post paramaters in the A2A. |
New Feature
| Item | Description |
|---|---|
| New feature 4772 | Added option to export report logs with Elasticsearch data. |
| New feature 4895 | New API method for credential serach added to PAM. |
Removed
| Item | Description |
|---|---|
| 5942 | The function that allowed changing or updating an A2A application through an API has been removed. |
DevOps Secret Manager
Bug fixes
| Item | Description |
|---|---|
| Bugfix 4381 | Fixed bug that was changing info about Oauth 1.0 authorization tokens. |
Product Updates
| Item | Description |
|---|---|
| Update 4414 | Added read only/read&write options for authorizations. |
| Update 4781 | Added auto-renewal fields in Secret APIs. |
Security
| Item | Description |
|---|---|
| Secuirty 4929 | Improvement in control credential permission when accessed through API. Added an extra verification step for the API situations. |
| Secuirty 4930 | Password from credentials in Secrets can now only be viewed in PAM Core. |
| Secuirty 4931 | Changed APIs and Secret endpoint permission for security improvement. |
| Secuirty 4932 | Fixed an error when new users without access group could have access to DSM applications. |
Executions
Bug fixes
| Item | Description |
|---|---|
| Bugfix 4242 | Fixed a string translation bug when changing password through Windows RM. |
Product Updates
| Item | Description |
|---|---|
| Update 4251 | Added template category in credential change report. |
| Update 4060 | Improved ssh key exchange to work in SH type shell. |
| Update 3869 | Added the "Requester" field to filter the list of operations in the Executions module. |
Discontinued
| Item | Description |
|---|---|
| Discontinued 4638 | Removed SMB executor plugin. |
Task Manager
Bug fixes
| Item | Description |
|---|---|
| Bugfix 4664 | Fixed: bug inside the 3.24 version that was authenticating a task with the wrong credential in the Task Manager module. |
MySafe
Bug fixes
| Item | Description |
|---|---|
| Bugfix 5082 | Fixed error where approval workflow is activated when editing Access Group in MySafe, going through all steps, and saving without any change. |
Product Updates
| Item | Description |
|---|---|
| Update 4754 | Added license consumption reports in Dashboards ➔ System Consumption ➔ General MySafe. Licensing |
Network Connector
No changes to Network Connector.
Protected Information
Deprecated
This module has been deprecated. For more information, please check the Protected Information.
Translation
Bug fixes
| Item | Description |
|---|---|
| Bugfix 5033 | Fixed translation strings not translated in Settings section. |
Warning
Here you will find the changes to the entire senhasegura platform. Targeting by Part Number is not considered in this document. Consult your sales representative to purchase other features.
Other versions
You can see the older documentation versions here.
Was this article helpful?
