The following enhancements and improvements are now available to Censys ASM and Search customers.
Censys ASM
- Fixed several bugs impacting the displayed risk count in the ASM console. The Overview dashboard, Trends & Benchmarks dashboard widgets, and Asset Inventory now display the correct risk count.
- You may see a drop in active risks on the Trends & Benchmarks dashboard. This is expected, as Censys is changing how this dashboard is calculating risks.
- On the Risk Instances page in the ASM console, the port, service name, and risk change history are now displayed in the expanded risk display.
Updates to end-of-life software versions in ASM
The end-of-life (EOL) versions for existing risks associated with the following software in ASM have been updated to reflect their most up-to-date EOL versions. The following table provides a complete list of affected software.
| Software | EOL Versions |
| MySQL | Versions 5.7 and below, between 8.1 and 8.3, and between 9.0.0 and 9.0.1 are considered end of life. |
| PostgreSQL | Versions 12.2 and below are considered end of life. |
| MariaDB | Versions below 10.3, between 10.7.0 and 10.10.7, and between 11.0.0 and 11.3.2 are considered end of life. |
| MSSQL | Versions 12.0.6449 and below are considered end of life. |
| Elasticsearch | Versions below 7.17 are considered end of life. |
| Kubernetes | Versions 1.29.9 and below are considered end of life. |
| Redis | Versions below 6.2, and between 7.0 and 7.2 are considered end of life. |
| Python | Versions below 3.9 are considered end of life. |
| Exim | Versions below 4.98 are considered end of life. |
| Apache Traffic | Versions below 10.0 are considered end of life. |
| Microsoft IIS | Versions below 10.0 are considered end of life. |
| PHP | Versions below 8.1.0 are considered end of life. |
| OpenSSL | Versions below 3.0.0 are considered end of life. |
| Nginx | Versions below 1.26 are considered end of life. |
| Red Hat JBoss EAP | Versions below 7.0 are considered end of life. |
| ASUS Routers | Added support to identify over 270 end of life ASUS routers. |
Rapid Response
The Censys Rapid Response team published information about and queries for the following issues and vulnerabilities:
- Linear eMerge OS Command Injection nCVE-2024-9441]
- Microsoft SharePoint Vulnerabilities sCVE-2024-38094 and Others]
- CyberPanel Command Injection Vulnerabilities sCVE-2024-51567, CVE-2024-51568]
New Fingerprints
Added or updated the following fingerprints:
| Type | Name | Description | Query |
| software | ZFile | This is a ZFile Server. |
