The following enhancements and improvements are now available to Censys ASM and Search customers.
Censys ASM
- Added a card for Axonius to the Integrations Marketplace in the ASM console.
- This integration is developed and maintained by Axonius.
Rapid Response
The Censys Rapid Response team published information about and queries for the following issues and vulnerabilities:
- Unrestricted File Upload Vulnerability in Multiple Cleo File Transfer Products sCVE-2024-50623]
- Veeam Service Provider Console RCE ECVE-2024-42448]
- Use the following queries to map Veeam Service Provider Consoles. Not all of these are necessarily vulnerable, as specific version information may not be available.
- Censys Search query
- Censys ASM query
New Fingerprints
Added the following fingerprints:
| Type | Name | Description | Query |
| risk | Vulnerable Cleo Instance eCVE-2024-50623] | This service is running a vulnerable version of Cleo Harmony, VLTrader, and LexiCom that is affected by unauthenticated remote code execution vulnerability CVE-2024-50623. | |
| software | Cleo Harmony | This is a Cleo Harmony Managed File Transfer server. | |
| software | Fortinet FortiAIOps | This is a Fortinet FortiAIOps server. FortiAIOps simplifies LAN and WAN network management and leverages artificial intelligence with machine learning for enhanced network operations. | |
| software | Cleo VLTrader | This is a Cleo VLTrader Managed File Transfer server. | |
| software | Cleo LexiCom | This is a Cleo LexiCom Managed File Transfer server. | Search Query |
