Sophos Reporter Release Notes
   All Release Notes Sophos Reporter 3.0.1.57 (2021-12-22)
  • Added mitigations for log4j “Log4Shell” vulnerability (https://nvd.nist.gov/vuln/detail/CVE-2021-44228). Fastvue Reporter now starts Elasticsearch with the JVM property that mitigates the vulnerability in Elasticsearch 5.6.14 (the version that Fastvue Reporter uses).

    Unfortunately, we cannot easily update Elasticsearch or its Log4j version at this time, so Fastvue Reporter may still trigger vulnerability scanners.

    Please see our article on further mitigation steps and latest updates: How to mitigate the Log4j vulnerability on your Fastvue Reporter server.
  • Fixed Security Group filtering for users with a different sAMAccountName to the user portion of their User Principal Name in Active Directory (e.g. sAMAccountName = testuser but UPN = testuser2@domain.com)
  • Fixed issue where the YouTube Videos widget showed a blank row with ‘unknown video’ thumbnail image when exported to PDF.
Download Latest Update