SecurityIQ Released E-Fixes – April 2019
SecurityIQ 6.1
| Identifier | Description | Components | Affected Versions | Fix Version | Fixed In |
|---|---|---|---|---|---|
| SIQETN-2162 | NetApp (multiple fpolicy) Physical BAM records deleted when editing the application in the admin client | Administrative Client, Agents - NetApp CIFS BAM, Business Resource Crawler - NetApp CIFS | 5.1, 5.1p1, 6, 6.1 | 6.1 | 6.1SP1 |
| SIQETN-2169 | Event Manager can consume a lot of RAM when many Data Classification entries exist | Event Manager | 5.1, 5.1p1, 6, 6.1 | 6.0SP3, 6.1 | 6.0SP4, 6.1SP1 |
| SIQETN-2209 | Data Classification Results do not include all DFS resources when filtering by DFS app or app type | Database | 6, 6.0SP1, 6.0SP2, 6.1 | 6.0SP2, 6.1 | 6.0SP3, 6.1SP1 |
| SIQETN-2228 | Active Directory SSL not fully supported | Agents - Active Directory BAM | 6.0SP3, 6.1 | 6.0SP3, 6.1 | 6.0SP4, 6.1SP1, 8 |
| SIQETN-2297 | Exchange Online crawler unable to retrieve mailboxes | Business Resource Crawler - Exchange | 5.1, 5.1p1, 6 | 5.1p1, 6.0SP2, 6.1 | 6.0SP3, 6.1SP1, 8 |
| SIQETN-2326 | Renaming Task Schedule is removing the filter applied to the task for Delete Query Results | Task Scheduler | 6.0SP2, 6.1 | 6.0SP3, 6.1 | 6.0SP4, 6.1SP1 |
| SIQETN-2335 | Data Classification - folders with many classified files can cause a timeout | Data Classification | 6, 6.0SP1, 6.0SP2, 6.0SP3, 6.1 | 6.0SP3, 6.1 | 6.0SP4, 6.1SP1, 8 |
| SIQETN-2336 | New Access Requests - Always shows DFS as requestable | SecurityIQ Website | 6 | 6.0SP2, 6.1 | 6.0SP3, 6.1SP1, 8 |
| SIQETN-2338 | New Access Request - Application has defunct access request template after template deletion | Administrative Client | 6, 6.1 | 6.0SP2, 6.1 | 6.0SP3, 6.1SP1, 8 |
| SIQETN-2339 | Data Classifiction: Data Classification: Regex Verifiers Update | Data Classification | 6.1 | 6.1 | 6.1SP1, 8 |
| SIQETN-2342 | Sharepoint Online Permission Collection - ignore site collection exclusions | Permissions Collection - SharePoint Online | 6, 6.0SP1, 6.0SP2, 6.1 | 6.0SP2, 6.1 | 6.0SP3, 6.1SP1, 8 |
| SIQETN-2343 | Website Dashboard, Database and KPI Improvements | Database, SecurityIQ Website | 5.1, 5.1p1, 6, 6.0SP1, 6.0SP2, 6.1 | 5.1, 5.1p1, 6.0SP2, 6.1 | 6.0SP3, 6.1SP1, 8 |
| SIQETN-2359 | Data Classification Keyword policy objects contain empty values and colons (:) | Data Classification | 6, 6.0SP1, 6.0SP2, 6.1 | 6.0SP2, 6.1 | 6.0SP3, 6.1SP1, 8 |
| SIQETN-2363 | Forensics Data Classification - Slow load time | Database | 6, 6.1 | 6.0SP3, 6.1 | 6.0SP4, 6.1SP1, 8 |
| SIQETN-2364 | Dashboard KPI PII - Dashboard KPI Calculations and DFS Resources | KPI, SecurityIQ Website | 5.1, 5.1p1, 6, 6.0SP2, 6.0SP3, 6.0 | 6.0SP3, 6.1 | 6.0SP4, 6.1SP1, 8 |
| SIQETN-2368 | Elasticsearch re-index task fails immediately | Elasticsearch | 5.1p1, 6, 6.0SP1, 6.0SP2, 6.1 | 5.1, 6.0SP3, 6.1 | 6.0SP4, 6.1SP1 |
| SIQETN-2382 | AzureAD access token auto refresh doesn't work | Identity Collector | 6.0SP3, 6.1 | 6.0SP3, 6.1 | 6.0SP4, 6.1SP1, 8 |
| SIQETN-2393 | DFS Crawler link target matching is case sensitive when using Collectors | Business Resource Crawler - DFS | 6.0SP3, 6.1 | 6.0SP3, 6.1 | 6.0SP4, 6.1SP1, 8 |
| SIQETN-2394 | Task Management - tasks remain in a Running status when a service restarts/crashes | Server, Task Scheduler | 5.1, 5.1p1, 6, 6.0SP2, 6.0SP3, 6.1 | 6.0SP3, 6.1 | 6.0SP4, 6.1SP1, 8 |
| SIQETN-2406 | Duplicate ra_user records show up as Orphan SIDs due to cross-domain permissions collection | Permission Collection, SecurityIQ Website | 5.1, 5.1p1, 6, 6.0SP2, 6.0SP3, 6.0 | 6.0SP3, 6.1 | 6.0SP4, 6.1SP1 |
| SIQETN-2437 | EMC Activity Monitor - Incorrect activities path when configured with aliases | Agents - EMC Celerra BAM | 6.1 | 6.0SP3, 6.1 | 6.0SP4, 6.1SP1 |
| SIQETN-2439 | DC Indexer attempts to read zero sized files | Data Classification | 6.1 | 6.1 | 6.1SP1 |
| SIQETN-2441 | DFS crawling failed with primary key violation | Database | 6, 6.0SP1, 6.0SP2, 6.0SP3, 6.1 | 6.0SP3, 6.1 | 6.0SP4, 6.1SP1 |
| SIQETN-2448 | Unable to login if account owns multiple resources with duplicate paths | Business Website | 5.1, 5.1p1, 6.0SP3, 6.1 | 6.0SP3, 6.1 | 6.0SP4, 6.1SP1, 8 |
| SIQETN-2453 | v6.1 SP1 Sharepoint Permission Type Containments | Permissions Collection - SharePoint | 6.1 | 6.1 | 6.1SP1 |
| SIQETN-2456 | Alert Rules don't work when applied on a boolean attribute or a DEC related attribute | SecurityIQ Website | 6.0SP3, 6.1 | 6.0SP3, 6.1 | 6.0SP4, 6.1SP1, 8 |
| SIQETN-2459 | Website page load error when DB timestamps are not in sync with website datetime | Business Website | 6.0SP2, 6.0SP3, 6.1 | 6.0SP2, 6.0SP3, 6.1 | 6.0SP4, 6.1SP1, 8 |
| SIQETN-2462 | File Server Permission Collection hangs if an unknown share permission type is encountered | Permission Collection | 5.1, 5.1p1, 6, 6.0SP1, 6.0SP2, 6.0SP3, 6.1 | 5.1, 5.1p1, 6.0SP3, 6.1 | 6.0SP4, 6.1SP1, 8 |
| SIQETN-2463 | HDS Activity Monitor fails to capture activities | Agents - HDS BAM | 6, 6.0SP1, 6.0SP2, 6.0SP3, 6.1 | 6.0SP3, 6.1 | 6.0SP4, 6.1SP1, 8 |
| SIQETN-2464 | Exchange Activity Monitor, Crawler, and Permission Collection fixes and optimizations | Agents - Exchange BAM, Business Resource Crawler - Exchange, Permissions Collection - Exchange | 6.0SP3, 6.1 | 6.0SP3, 6.1 | 6.0SP4, 6.1SP1, 8 |
| SIQETN-2465 | AzureAD - Move responsibility away from the OAuth Mini-Site | Identity Collector | 6.1 | 6.1 | 6.1SP1, 8 |
SecurityIQ 6.0
| Identifier | Description | Components | Affected Versions | Fix Versions | Fixed In |
|---|---|---|---|---|---|
| SIQETN-2073 | Campaign report performance | Report - Campaign Entitlements Summary | 5.1, 5.1p1, 6, 6.0SP1 | 5.1, 5.1p1, 6.0SP1 | 6.0SP2, 6.1 |
| SIQETN-2111 | Box - No Events received | Agents - Box BAM | 5.1, 5.1p1, 6 | 5.1, 5.1p1, 6.0SP1 | 6.0SP2, 6.1 |
| SIQETN-2114 | Add local time for email alerts from activity monitoring | Activity Monitoring, Report - Alerts, Server | 5.1, 5.1p1, 6 | 5.1, 5.1p1, 6 | 6.0SP1, 6.1 |
| SIQETN-2117 | Role Path does not show in the User Membership in Groups results in Admin Client | Administrative Client, Permission Collection | 6 | 6 | 6.0SP1, 6.1 |
| SIQETN-2119 | Resources created by Activity Monitoring, may be created with wrong hierarchy or appear as roots | Agents, Event Manager | 5.1, 5.1p1, 6, 6.1 | 5.1, 5.1p1, 6 | 6.0SP1, 6.1SP1 |
| SIQETN-2120 | all Not X operators nor working for WPC fields in Activity Forensics (Not Contains, Not starts with, etc.) | Business Website, SecurityIQ Website | 6 | 6 | 6.0SP1 |
| SIQETN-2122 | Permissions which are no longer relevant are not properly deleted | Permission Collection | 5.1p1, 6, 6.0SP1 | 5.1p1, 6, 6.0SP1 | 6.0SP2, 6.1 |
| SIQETN-2128 | Group Membership info for an activity not enriched, if the group name has a special character like bracket | Activity Monitoring | 5.1, 5.1p1, 6 | 5.1, 5.1p1, 6 | 6.0SP1, 6.1 |
| SIQETN-2129 | Resources are created with plain drive letters | Agents - Windows File Server BAM | 5.1, 5.1p1, 6 | 5.1, 5.1p1, 6 | 6.0SP1, 6.1 |
| SIQETN-2131 | NetApp mount points are not being crawled | Business Resource Crawler - NetApp CIFS | 5.1, 5.1p1, 6 | 5.1, 5.1p1, 6 | 6.0SP1, 6.1 |
| SIQETN-2135 | Exchange activity not getting AD enriched | Agents - Exchange BAM, Event Manager | 5.1, 5.1p1, 6 | 5.1, 5.1p1, 6 | 6.0SP1, 6.1 |
| SIQETN-2136 | Generating reports sometimes fails. | Reporting Service | 5.1, 5.1p1, 6 | 5.1, 5.1p1, 6 | 6.0SP1, 6.1 |
| SIQETN-2139 | Hierarchical queries are limited to 100 recursive loops | Database | 5.1, 5.1p1, 6 | 5.1, 5.1p1, 6 | 6.0SP1, 6.1 |
| SIQETN-2152 | PC and DC services taking too long to start can timeout and stop | Collectors, Data Classification, Permission Collection | 6 | 6 | 6.0SP1, 6.1 |
| SIQETN-2153 | SharePoint IIS logs defined to be written under an explicit local path in a multi-server farm aren't collected in Automatic mode | Agents - Sharepoint BAM | 5.1, 5.1p1, 6 | 5.1, 5.1p1, 6 | 6.0SP1, 6.1 |
| SIQETN-2157 | RabbitMQ fails to start when installed on a path with spaces which is not on the system drive | Setup - Server Installer | 6 | 6 | 6.0SP1, 6.1 |
| SIQETN-2169 | Event Manager can consume a lot of RAM when many Data Classification entries exist | Event Manager | 5.1, 5.1p1, 6, 6.1 | 6.0SP3, 6.1 | 6.0SP4, 6.1SP1 |
| SIQETN-2174 | Can't set an owner to a DFS BR with an underscore | User Interface | 6 | 6 | 6.0SP1, 6.1 |
| SIQETN-2177 | Reports Creation Date field in the SecurityIQ Website displays "Invalid Date" or an incorrect date | SecurityIQ Website | 5.1, 5.1p1, 6 | 6 | 6.0SP1, 6.1 |
| SIQETN-2178 | RabbitMQ Crawler Engine fails near completion when running over 3 hours | Business Resource Crawler, RabbitMQ | 6 | 6 | 6.0SP1, 6.1 |
| SIQETN-2188 | Collector Manager - Installation fails when service account password contains double quotes | Setup - Agent Installer | 6, 6.0SP1 | 6.0SP1 | 6.0SP2, 6.1 |
| SIQETN-2197 | Slow service startup can cause windows service start failure | Agents - Google Drive BAM | 5.1, 5.1p1, 6 | 5.1, 5.1p1, 6.0SP1 | 6.0SP2, 6.1 |
| SIQETN-2198 | Data Owner and Resource Dashboards Loading Failed | SecurityIQ Website | 6, 6.0SP1 | 6.0SP1 | 6.0SP2, 6.1 |
| SIQETN-2203 | EMC Isilon Activity Monitor: Short path expansion(path with tilde) can cause delays in event reader thread | Agents - EMC Isilon CIFS BAM | 5.1, 5.1p1, 6 | 5.1, 5.1p1, 6.0SP1 | 6.0SP2, 6.1 |
| SIQETN-2206 | Excel data classification does not extract number fields | Data Classification | 6 | 6.0SP1 | 6.0SP2, 6.1 |
| SIQETN-2209 | Data Classification Results do not include all DFS resources when filtering by DFS app or app type | Database | 6, 6.0SP1, 6.0SP2, 6.1 | 6.0SP2, 6.1 | 6.0SP3, 6.1SP1 |
| SIQETN-2225 | Elasticsearch Reindex Events task fails on JSON parsing error | Task Scheduler | 5.1, 5.1p1, 6, 6.0SP1 | 5.1, 5.1p1, 6.0SP1 | 6.0SP2, 6.1 |
| SIQETN-2228 | Active Directory SSL not fully supported | Agents - Active Directory BAM | 6.0SP3, 6.1 | 6.0SP3, 6.1 | 6.0SP4, 6.1SP1, 8 |
| SIQETN-2231 | Unable to normalize folder because error finding domainData in cache by DomainName | Access Fulfillment - File Server | 5.1, 5.1p1, 6 | 5.1, 5.1p1, 6.0SP1 | 6.0SP2, 6.1 |
| SIQETN-2232 | Events stuck in the Event Collector queue because of Classification replication across DFS link targets | Event Manager | 5.1p1, 6 | 5.1p1, 6.0SP1 | 6.0SP2, 6.1 |
| SIQETN-2234 | Data Classification Rule Using "Contains None of" Works as "Contains Any/All of" | Data Classification | 6, 6.0SP1 | 6.0SP1 | 6.0SP2, 6.1 |
| SIQETN-2235 | Automatic Access Fulfillment task not being created for revocation of user membership in groups | Workflow Engine - Access Certification | 6, 6.0SP1 | 6.0SP1 | 6.0SP2, 6.1 |
| SIQETN-2236 | WCF services fail to start on Operation Timeout error | WCFServices | 6, 6.0SP1 | 6.0SP1 | 6.0SP2, 6.1 |
| SIQETN-2237 | Data Classification Enhancements - Post 6.0 release | Data Classification | 6, 6.0SP1 | 6.0SP1 | 6.0SP2, 6.1 |
| SIQETN-2243 | Data Classification: DB Delete fails with conflicted REFERENCE constraint when re-indexing | Data Classification | 6, 6.0SP1 | 6.0SP1 | 6.0SP2, 6.1 |
| SIQETN-2247 | Google Drive events can't be parsed, ArgumentOutOfRangeException | Agents - Google Drive BAM | 5.1, 5.1p1, 6, 6.0SP1 | 5.1, 5.1p1, 6.0SP1 | 6.0SP2, 6.1 |
| SIQETN-2248 | Crawler exclusion regex doesn't prevent the Crawler from trying to access site collections | Business Resource Crawler - SharePoint | 6, 6.0SP1 | 6.0SP1 | 6.0SP2, 6.1 |
| SIQETN-2249 | SharePoint IIS logs can't be read when a non-log / badly formatted file exists in the log folder | Agents - Sharepoint BAM | 6, 6.0SP1 | 6.0SP1 | 6.0SP2, 6.1 |
| SIQETN-2254 | Restricting communications to TLS 1.2 prevents RabbitMQ communications | Data Classification, Permission Collection, RabbitMQ | 6, 6.0SP1 | 6.0SP1 | 6.0SP2, 6.1 |
| SIQETN-2259 | Permission Collection likely to timeout when including long running Identity Sync | Permission Collection | 6, 6.0SP1 | 6.0SP1 | 6.0SP2, 6.1 |
| SIQETN-2260 | Google Driver Permission Collection with Collector fails to collect permissions if crawler has not been run while Collector service has been running | Permissions Collection - Google Drive | 6, 6.0SP1 | 6.0SP1 | 6.0SP2, 6.1 |
| SIQETN-2268 | Wrong Max Recursion syntax on Permission Collection on a specific BR | Permission Collection | 6, 6.0SP1 | 6.0SP2 | 6.0SP2, 6.1 |
| SIQETN-2269 | Permission queries for DFS Applications can cause high CPU usage | Database | 6, 6.0SP1 | 6.0SP1 | 6.0SP2, 6.1 |
| SIQETN-2271 | EU License Plate Regex fails to parse | Data Classification | 6, 6.0SP1 | 6.0SP2 | 6.0SP3, 6.1 |
| SIQETN-2273 | NetApp CIFS 7-Mode + Tunneling - Permission Collection doesn't work | Permissions Collection - NetApp CIFS | 6, 6.0SP1, 6.0SP2 | 6.0SP2 | 6.0SP3, 6.1SP1, 8 |
| SIQETN-2294 | Business Website fails to load (timeout) - due to long running .getOwnedResources | Business Website | 6, 6.0SP1, 6.0SP2 | 6.0SP2 | 6.0SP3, 6.1SP1 |
| SIQETN-2297 | Exchange Online crawler unable to retrieve mailboxes | Business Resource Crawler - Exchange | 5.1, 5.1p1, 6 | 5.1p1, 6.0SP2, 6.1 | 6.0SP3, 6.1SP1, 8 |
| SIQETN-2298 | Sensitive Account Exclusions causes erroneous "must_not" ES clause (missing comma) | Data Classification, Elasticsearch, Task Scheduler | 6, 6.0SP1, 6.0SP2 | 6.0SP2 | 6.0SP3, 6.1SP1 |
| SIQETN-2322 | Permission Collection fails for NetApp C-mode with Load Sharing Mirror Volumes | Permissions Collection - NetApp CIFS, Permissions Collection - NetApp NFS | 6.0SP2, 6.1 | 5.1p1, 6.0SP2 | 6.0SP3, 6.1SP1, 8 |
| SIQETN-2326 | Renaming Task Schedule is removing the filter applied to the task for Delete Query Results | Task Scheduler | 6.0SP2, 6.1 | 6.0SP3, 6.1 | 6.0SP4, 6.1SP1 |
| SIQETN-2335 | Data Classification - folders with many classified files can cause a timeout | Data Classification | 6, 6.0SP1, 6.0SP2, 6.0SP3, 6.1 | 6.0SP3, 6.1 | 6.0SP4, 6.1SP1, 8 |
| SIQETN-2336 | New Access Requests - Always shows DFS as requestable | SecurityIQ Website | 6 | 6.0SP2, 6.1 | 6.0SP3, 6.1SP1, 8 |
| SIQETN-2338 | New Access Request - Application has defunct access request template after template deletion | Administrative Client | 6, 6.1 | 6.0SP2, 6.1 | 6.0SP3, 6.1SP1, 8 |
| SIQETN-2342 | Sharepoint Online Permission Collection - ignore site collection exclusions | Permissions Collection - SharePoint Online | 6, 6.0SP1, 6.0SP2, 6.1 | 6.0SP2, 6.1 | 6.0SP3, 6.1SP1, 8 |
| SIQETN-2343 | Website Dashboard, Database and KPI Improvements | Database, SecurityIQ Website | 5.1, 5.1p1, 6, 6.0SP1, 6.0SP2, 6.1 | 5.1, 5.1p1, 6.0SP2, 6.1 | 6.0SP3, 6.1SP1, 8 |
| SIQETN-2359 | Data Classification Keyword policy objects contain empty values and colons (:) | Data Classification | 6, 6.0SP1, 6.0SP2, 6.1 | 6.0SP2, 6.1 | 6.0SP3, 6.1SP1, 8 |
| SIQETN-2363 | Forensics Data Classification - Slow load time | Database | 6, 6.1 | 6.0SP3, 6.1 | 6.0SP4, 6.1SP1, 8 |
| SIQETN-2364 | Dashboard KPI PII - Dashboard KPI Calculations and DFS Resources | KPI, SecurityIQ Website | #VALUE! | 6.0SP3, 6.1 | 6.0SP4, 6.1SP1, 8 |
| SIQETN-2368 | Elasticsearch re-index task fails immediately | Elasticsearch | 5.1p1, 6, 6.0SP1, 6.0SP2, 6.1 | 5.1, 6.0SP3, 6.1 | 6.0SP4, 6.1SP1 |
| SIQETN-2382 | AzureAD access token auto refresh doesn't work | Identity Collector | 6.0SP3, 6.1 | 6.0SP3, 6.1 | 6.0SP4, 6.1SP1, 8 |
| SIQETN-2391 | Normalization fails and rollback to snapshot is unsuccessful | Access Fulfillment - File Server | 6, 6.0SP1, 6.0SP2, 6.0SP3, 6.1 | 6.0SP3 | 6.0SP4, 6.1SP1, 8 |
| SIQETN-2393 | DFS Crawler link target matching is case sensitive when using Collectors | Business Resource Crawler - DFS | 6.0SP3, 6.1 | 6.0SP3, 6.1 | 6.0SP4, 6.1SP1, 8 |
| SIQETN-2394 | Task Management - tasks remain in a Running status when a service restarts/crashes | Server, Task Scheduler | 5.1, 5.1p1, 6, 6.0SP2, 6.0SP3, 6.1 | 6.0SP3, 6.1 | 6.0SP4, 6.1SP1, 8 |
| SIQETN-2406 | Duplicate ra_user records show up as Orphan SIDs due to cross-domain permissions collection | Permission Collection, SecurityIQ Website | #VALUE! | 6.0SP3, 6.1 | 6.0SP4, 6.1SP1 |
| SIQETN-2437 | EMC Activity Monitor - Incorrect activities path when configured with aliases | Agents - EMC Celerra BAM | #VALUE! | 6.0SP3, 6.1 | 6.0SP4, 6.1SP1 |
| SIQETN-2441 | DFS crawling failed with primary key violation | Database | 6, 6.0SP1, 6.0SP2, 6.0SP3, 6.1 | 6.0SP3, 6.1 | 6.0SP4, 6.1SP1 |
| SIQETN-2443 | Permissions show wrong group in a partial migration scenario | Permission Collection | 6, 6.1 | 6.0SP2 | 6.0SP4, 6.1SP1, 8 |
| SIQETN-2448 | Unable to login if account owns multiple resources with duplicate paths | Business Website | 5.1, 5.1p1, 6.0SP3, 6.1 | 6.0SP3, 6.1 | 6.0SP4, 6.1SP1, 8 |
| SIQETN-2456 | Alert Rules don't work when applied on a boolean attribute or a DEC related attribute | SecurityIQ Website | 6.0SP3, 6.1 | 6.0SP3, 6.1 | 6.0SP4, 6.1SP1, 8 |
| SIQETN-2459 | Website page load error when DB timestamps are not in sync with website datetime | Business Website | 6.0SP2, 6.0SP3, 6.1 | 6.0SP2, 6.0SP3, 6.1 | 6.0SP4, 6.1SP1, 8 |
| SIQETN-2462 | File Server Permission Collection hangs if an unknown share permission type is encountered | Permission Collection | 5.1, 5.1p1, 6, 6.0SP1, 6.0SP2, 6.0SP3, 6.1 | 5.1, 5.1p1, 6.0SP3, 6.1 | 6.0SP4, 6.1SP1, 8 |
| SIQETN-2463 | HDS Activity Monitor fails to capture activities | Agents - HDS BAM | 6, 6.0SP1, 6.0SP2, 6.0SP3, 6.1 | 6.0SP3, 6.1 | 6.0SP4, 6.1SP1, 8 |
| SIQETN-2464 | Exchange Activity Monitor, Crawler, and Permission Collection fixes and optimizations | Agents - Exchange BAM, Business Resource Crawler - Exchange, Permissions Collection - Exchange | 6.0SP3, 6.1 | 6.0SP3, 6.1 | 6.0SP4, 6.1SP1, 8 |
Legend
Affected Version – is the version on which the issue occurs, or that’s affected by the issue
Fix Versions – are the versions for which a fix exists
Fixed In – Is the first version in which the issue is already fixed, i.e., the fix is already included in that version
Version history
Contributors
-
Former_User
