TMG Reporter Release Notes
   All Release Notes TMG Reporter 4.0.1.50 (2021-07-26)
  • Fixed a critical security vulnerability where anyone with access to the Fastvue Reporter site could potentially exfiltrate the credentials specified for connecting to your email server, LDAP server, or proxy server.

    Please update your Fastvue Reporter software immediately, and change the password associated with the credentials specified in Settings | Email, Settings | Proxy Server and any specified LDAP server in Settings | Directory / LDAP (you’re not affected if you’re using the ‘Default Domain Controller’ option).

    Also make sure authentication and authorization is configured for the Fastvue Reporter site so that only the required people have access to the site. To do this, see our KB article: How do I secure the Fastvue Reporter interface with login credentials. ​​

    Thank you to security researcher, Sina Kheirkhah (LinkedIn, Twitter), for reporting the vulnerability.
  • When the Memory Settings in Settings | Diagnostic | Database are set to ‘Automatic’, the JVM Xms (initial heap size) now scales from 256MB to 2GB depending on total physical RAM.
  • Fixed issue preventing the ‘no syslog data received’ alert from triggering. To configure this alert see our KB article: How to setup email notifications when syslog data is not received.
Download Latest Update