Features:
- SSL ciphers.
- New secure ciphers added.
- Removed insecure ciphers.
- Login OPTIONS in HTTP response.
- Disabled dangerous options & methods on the server (e.g. PATCH).
- Restrict concurrent sessions to one.
- For example, users can't log in twice from two different browsers, computers, or in incognito and standard mode.
- Inadequate session time out for process management tab.
- Session timeout is now configurable.
- Updated Apache Tomcat to V. 9.0.85
Bug fixes:
- MC-7327 - An adversary can exploit the known flaws of any 3rd party API used in the application (reporting framework, etc)
- MC-7352 - Failed to sign up to Blancco Cloud.
- MC-7353 - Not able to save changes to workflow with BMC v5.17.0 using MS SQL server.