Qualys WAS Engine 8.1 Released

Dave Ferguson
Dave Ferguson, Director of Product Management, Web Application Security
- 2 min read

Last updated on: December 21, 2020

I’m pleased to announce that Qualys WAS Engine 8.1 has been released to all Qualys platforms including private cloud platforms. This release is part of our ongoing effort to continuously improve the Web Application Scanning scan engine.

In this release, new detections were added:

  • QID 150293 for a vulnerability in the Page Builder WordPress plugin (CVE-2020-13643).
  • QID 150294 for a vulnerability in the PageLayer WordPress plugin.
  • QID 150295 for a vulnerability in the bbPress WordPress plugin (CVE-2020-13693).
  • QID 150296 for a remote code execution vulnerability in Apache Tomcat (CVE-2020-9484).
  • QID 150297 for a vulnerability in Drag and Drop Multiple File Uploader WordPress plugin (CVE-2020-12800).
  • QID 150299 for a deserialization vulnerability in Telerik UI for ASP.NET AJAX (CVE-2019-18935). This QID is in core detection scope as well as the “Experimental” detection category.
  • QIDs 150301 and 150302 for internal IP address disclosure in F5 BIG-IP cookies and Citrix Netscaler cookies. Both QIDs are in core detection scope.

This release also includes the following changes:

  • Fixed a false positive for QID 150004 (path-based vulnerability) in certain cases where a redirection occurs.
  • Improved the reporting of cookie-related QIDs. The full HTTP response header section is now provided allowing you to see the exact “Set-Cookie” header and cookie attributes returned by the server.
  • Change to address a false negative for QID 150124 (clickjacking) when a large number of timeouts or connection errors occur during a scan.
  • Introduced two new informational QIDs to report when the scanner encounters Swagger/OAS file parsing errors or warnings. The QIDs are 150291 and 150292.
  • Implemented additional changes to address scan errors that could occur due to slow DNS lookups.
  • Existing detections for Telerik vulnerabilities (QIDs 150252 and 150285) were added to core detection scope.
  • QID 150085 was removed from core detection scope due to its diminished relevancy

As always, if you encounter any problems in your WAS scans, please open a support ticket by selecting Help–Contact Support while logged into the platform. Feel free to post a question on the Qualys Community site as well.

Happy scanning.

Share your Comments

Comments

Your email address will not be published. Required fields are marked *