Skip to main content

Release Updates (v2.6.1)

The following release updates are available for CxIAST version 2.6.1. Use the search tool to find a specific subject.

New Features and Changes

CxIAST version 2.6.1 includes the following new features and changes:

Category	Feature
Setup & Configuration	Version upgrade: If you have CxIAST version 2.5.0 installed, it is required to clean the DB and uninstall the version before upgrading to v2.6.1 installation. Eclipse Vert.x for Java - version 3.1 and above WebLogic Server - version 12cR2 and above Supports domain user access to MSSQL server
Installation & User Management	Role-based Access Control: Roles determine what actions a user is allowed to do - ranging from a limited reviewing capability (CxIAST Reviewer) to full control (CxIAST Admin) Users: Import new LDAP users from LDAP directory, add roles & teams to users, edit user details, reset existing user password Teams: Map groups to the LDAP directory, structure hierarchy of teams, assign users to teams, add/delete/rename teams Settings: Configure LDAP Server settings & Directory settings, performing LDAP synchronization Single Sign-On (SSO) over LDAP: Authenticates CxIAST users against the LDAP server Synchronizes users and groups with the LDAP server
Interface	Enhanced interface allows assignment of vulnerabilities to CxIAST users, and has an improved vulnerability presentation for several vulnerability types: Click_Jacking Missing_X_Content_Type_Options_Header Missing_X_XSS_Protection_Header Insecure_Outgoing_Communication Outgoing_Connection_Discovery Application_Entry_Point
System Management	Query Editor with User Experience improvements (such as programming language selector) and IDE-like capabilities
Licensing	Time-based license enforcement, with the ability to be extended if needed
Node.js closed beta	Version highlights: Supported versions: Node.js 6 and above Supporting all Web frameworks Ecmasript6 and below Supported databases: MongoDB, MySQL, PostgreSQL

Known Limitations

Category	Limitation
Setup & Configuration	When JAVA_HOME is set incorrectly, some components and services cannot be installed/run correctly. To solve this, remove JAVA_HOME or re-configure it correctly (will be fixed in 2.6.1).
	If the installer fails in the middle you can observe the inner logs in the TEMP folder. In Windows → type: %temp% and look for the last *i4j_log.log** file
	If you run CxIAST services (CxIAST_Manger & CxAccessControl) under a user domain account and the account's password is changed, the services should be logged on again with the new password - otherwise the services won't start.
Access Control (CxAC)	CxAccessControl doesn’t support .NET Core SDK 2.1. Only .NET Core SDK 2.0 is supported at the moment (will be fixed in 2.6.1).
Query Editor	Custom queries created on the previous version should be fixed, as the syntax was slightly changed: FindOnTraces should be removed Click on Validate to see if the syntax is correct

The release update is also available for download here.

Send Documentation Feedback - If you have comments about this documentation, you can contact the documentation team by sending your feedback to us. We appreciate your feedback!

In this section:

Was this helpful?

Would you like to provide feedback? Just click here to suggest edits.