Skip to main content

Hi On-Prem SysMates, 

Can I call you OPSM? Ok, maybe we need to think of a better name (suggestions are welcome in the comments section!). Now, where was I? Oh yeah! Our new version, which also includes Linux, is up and ready for your upgrade: 

Download SysAid v22.3.35 On-Prem Release

 

Highlights include:

New “Additional Data” box gives filtered information on the SSP ticket view giving you only the information you need

SFfSGRvt2OfDlSBdczTtCPpNbcYRMrvMo4WTtdJdzT_wTL-4rrkBtIzyUT7lIk3o3OFt2oPsSEIn1S-A-hgKmJV55XkGIKAWA5ilMwRhB8g4tvIqUkbuFGv68JESdQCi3mXNu5EHpOU2KtvTr-7UWg6r3S8ccT_lWm7kD3MriAzMe3eH3JMjD7xwNB63NWLE=s2048

Users now enjoy a “cleaner” view of their ticket information in the Self-Service Portal (SSP).

The Additional Data box in the ticket view includes only relevant fields (per ticket template) that were filled in (upon ticket creation). No more redundant, empty fields.

There’s no need for set up, but admins can easily define fields to be displayed separately in the Ticket Info box in the Settings.

 

Improved Management of Azure Active Directory

t5M17xDoYKan87tmQ-os4WXKUX4hJc_-0pb5US1pJjjfDdPxyVVfH5yTopB6h-OBHfvgOHidr6RUoSOgfwltR76oa7DOpltLtOZgvYMCz7ZvuhTvDLVpnXGKHmRzF0BSCdLVwNgAwPsjmmKhydk1mmOcXARfiiURJPiXY7EJgwcryF31WjG1e4aU6qLAsw

  • Automatic updates: All updates to users and groups in Azure are immediately and automatically synced into your helpdesk. No need for scheduled tasks to synchronize between Azure AD and SysAid.

  • Filters: Reduce clutter and redundant information. Admins can filter which users and groups are imported from Azure into SysAid. Learn more

Reduce tickets generated From junk email addresses 

BFDO-2v9y2ODMaqzvGHGpgRXHxukp-JLUgvEOgY-HffyQsa4mBvJ-UDGOxhJlWJRIpbsIIkTZiL31vno7dDPoybdwqE-uIMi4vfbhFk7U-E1uOpVSY7VdmY8nI4hV81vAG8Sr7u5eDIQyp78GxC8UA76xatRl_f6m-XIUvTjxn4bd7zP7kcoXPbUC2cHrEM=s2048

Eliminate “junk” tickets from your queue. 

Admins can create a blacklist of up to 20 email addresses and/or domains that will be ignored by the Incoming Email integration within SysAid. Emails from these domains will not trigger the creation of a ticket.

Better together: SysAid Slack integration v2.0 

We have added quite a few great capabilities to our Slack integration. Available on SysAid Marketplace

  • Send Slack Direct Messages from SysAid

  • Attach a Ticket to an existing Slack channel or create a new channel

  • Use the SysAid Slash Commands in Slack

    • Create an SR

    • Link a Slack channel to an SR

    • Show pending workflow action items list

  • Approve/Deny SysAid pending action item directly from Slack

  • Security enhancement - Embed access token required for existing accounts

Better control and customization of automation rule triggers

zO3haHiFapmaX-e2P9nIoibMbETewvgrohjRVBlU12er1RLbWGydRwkUE9z0rNFwU5Jvlmi7r83FzZ7hM4dQCVUt6e4U5AXBB8_44A4Xoo6ssMmcOLM0xqUT4j9zh4HeND4DOTBLJS0HEZiHz6gb8zBzr28LQTU5QUotjFSwFJMt0sP7-cfRfzJq7SXqzEc=s2048

By creating a threshold for operating hours, you enjoy better control and customization of automation (escalation) rules. This new field allows you to establish a threshold that automatically distinguishes which rules are to be calculated in operation hours (short-term) and which are calculated by absolute hours (long-term).

The default value for the threshold is set for 168 hours, but you can easily configure it according to your needs. Learn more

In such a scenario, a rule that should run 3 hours after a certain event in a ticket will be calculated by operating hours. A rule that should run once a month, in this case 720 hours, will be calculated in absolute hours. 

The Essentials for Your Move to Microsoft 365 Exchange OAuth 2.0 protocol

Two years ago, Microsoft announced that it will no longer support basic authentication protocols (SMTP, IMAP, POP). The time has come to move to the more secure and updated OAuth 2.0 protocol. Follow these steps to keep going with no interruptions:

On-Premises Linux customers stay current with SysAid

On-Premises Linux users can continue to enjoy the most advanced versions of SysAid, with all of the features and benefits. We will continue to invest in our broad ecosystem so that no customer is left behind. 

Follow this guide for instructions on how to upgrade your SysAid. 

ICYMI: Sunsetting Oracle database for On-Premises

We have decided to sunset our support for Oracle database as part of the effort to optimize our development flow, aligning our On-Prem and Cloud infrastructure to enable streamlined development and releases for you to enjoy.

For accounts using Oracle database we recommend not upgrading further than v21.2.35 until database migration has been performed. 

Reach out to our team to start the conversation for your migration. We are here to support you through this process of moving to MSSQL or MYSQL, and even consider taking the opportunity to reach for the SysAid cloud in partnership with AWS ISV Workload Migration Program.

 

For more about these and the full list of items included in this version, visit our Product Documentation

 

Done Upgrading? 

Let us know how your upgrade went in the comments section or reach out to our Customer Care team via live chat or open a ticket on our Customer Portal if you need assistance.

 

Happy upgrade, 

Maayan


PS, some pins:

📌During upgrading, if you require additional back versions you can find them here (login required). 

📌Tired of the upkeep? Wondering what it would entail to move to the cloud? Talk to us

📌 Want to get notified when new product updates are out? Hit the subscribe button and stay in the know!  

-U9ww8cVZmdKIhHJJfKnyJVIpmEct5M9zy8RaYTvRs5lrKIlrCcKMDYeIGGnbLd3iIFVKc8bJ62CZGAKff1CZoEwwlBUJnTBRrdsr0lNAhaFaUN0JITAvQDzd5jN6Nw9xvv5iSTjl108ADNJei-Ub2G4neON-5zthJ02mEOBVs6oTswpMUYUI5X_HZTOsQ

Hello Maayan, according to our security provider, the version of jquery used by sysaid has vulnerabilities but I don't see any changes in the new version.
When can we have an update on this?

Vulnerability Rating:Medium (CVSS Score: 4.3)

According to the self-reported version in the script, the version of JQuery hosted on the remote web server is greater than or equal to 1.2 and prior to 3.5.0. It is, therefore, affected by multiple cross site scripting vulnerabilities.

Recommendations

  • Upgrade to JQuery version 3.5.0 or later.

Resources

  • https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/
  • https://security.paloaltonetworks.com/PAN-SA-2020-0007

CVE(s)

  • CVE-2020-11023
  • CVE-2020-11022

Affected Hosts

  • xx.xx.xx.xx (xx.xx.xx.xx)
    URL : https://xx.xx.xx.xx:8443/js/jquery-1.11.0.min.js Installed version : 1.11.0 Fixed version : 3.5.0

Hi @Operaciones Tecnolex,

Thanks for bringing this to our attention, it's our understanding that this mostly relates to XSS attacks which we are constantly monitoring and fixing. Just in the last 2 releases, we have implemented 22 security enhancements including 5 specifically targeting XSS vulnerabilities.  We believe this is the most effective approach rather than trying to remedy this through upgrades of Jquery versions. If your security provider is aware of a specific XSS vulnerability please let us know and we will be happy to look into it right away. Read more about our commitment to security and related certifications here.
Best,


This is now a four year old vulnerability and our team is in discussion with our US Federal government customer about this.  They will require us to remediate during this audit cycle, or discontinue use of the product.  For the government, it is not about whether it’s a “real” issue, but the fact that it’s a persistent known vulnerability which must be fixed to meet their paperwork requirements.  The current version of jquery in Sysaid (1.11.0 ?) is ancient.  It should be updated.