Hi All,
This Cloud version we continues to elaborate our Azure and OKTA integrations and fix a bug in Reports module as well.
Check IT all out
ICYMI: SysAid Slack Integration v2.0 has been released!
We have listened to your requests and added quite a few great capabilities to our integration with Slack.
[url=https://www.sysaid.com/it-service-management-software/marketplace/slack?utm_source=SysAid-Community&utm_medium=post&utm_campaign=Latest-RN-Cloud]Available on SysAid’s Marketplace.
Security Enhancements Recap:
The Israel National Cyber Directorate published a series of advisories including vulnerabilities with the SysAid product. These were brought to our attention prior to the report, and we have already addressed them:
- Tightened security around access to LDAP Imported users via the API. This covers [url=https://nvd.nist.gov/vuln/detail/CVE-2021-36721]CVE-2021-36721.
- Tightened security around uploading files in SysAid. This covers [url=https://nvd.nist.gov/vuln/detail/CVE-2021-22796]CVE-2021-22796.
- Tightened security around access for non-admin users. This covers CVE-2022-22798.
- Tightened security against potential Cross-Site Scripting (XSS) attacks. This covers CVE-2022-23165.
- Tightened security around access to vulnerable files in the SysAid server. This covers CVE-2022-23166.
- For the full review of each issue including description of the issues, and their defined impact see here.
Till Next Time,
Cheers,
Maayan
PS - Want to get notified when new product updates are out? Hit subscribe and you are good!
