All Release Notes Reporter for SonicWall 2.0.1.50 (2021-07-26)

• Fixed a critical security vulnerability where anyone with access to the Fastvue Reporter site could potentially exfiltrate the credentials specified for connecting to your email server, LDAP server, or proxy server.
  
  Please update your Fastvue Reporter software immediately, and change the password associated with the credentials specified in Settings | Email, Settings | Proxy Server and any specified LDAP server in Settings | Directory / LDAP (you’re not affected if you’re using the ‘Default Domain Controller’ option).
  
  Also, make sure authentication and authorization is configured for the Fastvue Reporter site so that only the required people have access to the site. To do this, see our KB article: How do I secure the Fastvue Reporter interface with login credentials. ​​
  
  Thank you to security researcher, Sina Kheirkhah (LinkedIn, Twitter), for reporting the vulnerability.
  
• Improved memory usage
• Fixed issue extracting VPN start events from SonicWall SMA 1000 series log data.
• Fastvue Reporter now merges VPN sessions for the same user where the start time is +- 1 minute from each other. This is in an effort to remove duplicated VPN sessions where SonicWall sends more than one VPN disconnection event with the second event having a slightly different duration.
• When the Memory Settings in Settings | Diagnostic | Database are set to ‘Automatic’, the JVM Xms (initial heap size) now scales from 256MB to 2GB depending on total physical RAM.
• Fixed issue preventing the ‘no syslog data received’ alert from triggering. To configure this alert see our KB article: How to setup email notifications when syslog data is not received.

Download Latest Update