UVM Security Management Appliance Software 3.2.5 release notes

January 7, 2021

New features and enhancements:

• Implemented Low-Privilege UVM Services.
• Removed x-powered-by from AAR/reverse proxy headers when installed.
• Replaced SHA1CryptoServiceProvider.
• Removed PasswordSafe license requirement for High Availability.
• Updated DotNetZip library used by our application.
• Login page messaging improvements.
• Removed extra logging functions from Configuration Wizard.

Issues resolved:

• Resolved issue in which the server was inaccessible until Firewall service was cycled.
• Resolved issue in which BeyondTrust Appliance API Key Management service crasheed unexpectedly.
• Resolved issue in which Trigger Connections Test is disabled on API Key Maintenance page.
• Prevented restores on Appliances in High Availability.
• We now show update status as Skipped if all steps are skipped.
• Resolved issue in which the Appliance Software Version tile appeared empty.
• Resolved issue in which Swap Roles on a SQL-Free worked, but returned an Internal Server Error to the UI.
• Resolved issue with backup files and auth codes and special chars in names.
• Resolved issue in the UVM HA Monitoring Service in which the log file was creating error logs about depreciated service eEyeWebSvc.
• Resolved issue in which the user was able to click Schedule backup button multiple times.
• Resolved issue in which UVM50 appliances which have their DB split into multiple parts did not correctly display DB size on HA page.
• Resolved issue in which the list of notifications cuts off the top of the first one.
• Resolved issue in which the footer on notifications page does not stay at the bottom and has notifications that display over top.
• Resolved issue in which product versions did not display on the LCD panel.
• Resolved issue in which the Include Session Files in Backup option was unchecked after checking it for the schedule.
• Resolved issue in which the list of appliance software versions changed sort order. The Security Mgmt Appliance version was no longer on top.
• Resolved issue in which the EventServiceAppPool and PolicyServiceAppPool services were stopped and did not start after running configuration wizard on a Hyper-V image.
• Resolved issue in which the Login card did not indicate a reboot is required when there was a pending reboot.
• Resolved issue in which the complete text of a notification was unviewable.

Known issues:

• 2020-R1 and 2020-R2 images missing SQL Analysis Server permissions. This causes backups to fail when Analysis/Reporting roles turned on.
• UVM Self-signed certificate does not have subject alternate name (which does not support HSTS).
• UVM Management Appliance can complete and not indicate a reboot is required but the web login card does.
• When EVAL license is used ,an unnecessary call is made to GetRegInfo.
• When NTP and Auto Synchronization is set to NONE, the appliance is still setup to synchronize to the Internet at time.windows.com.
• A slider in General Settings is not retaining its value when page is reloaded.
• Selecting Use NTP server for time in General Settings results in an error.
• Password input boxes in Roles Editor and Maintenance do not clear the input box when submitted.
• An error returned from the WebSocketAuthTicket Service on the API key management page may display in the Description input box for registering an API key.
• Enabling Export Settings is not retained.

Notes:

• This update is available via the BeyondTrust Updater or as a manual installer from the download tool.
• Shipping on new Appliance Images in January 2021.
• This install is dependent on SUPI 3.0 being installed first (all UVM versions since 3.2.2 have this requirement).