Privileged Access Service 23.1.2 Release Notes

This update includes the following features, updates, and other changes. These release notes cover information specific to Privileged Access Service.

New Features

Logging Enhancements for 23.1.2

  • This update includes log entries for API events including any updates to the following:
    • Roles
    • Systems
    • Settings
    • Tenant configurations regarding IP addresses
    • Logins
    • Privilege elevations
    • Machine resources.
  • Additional details have been integrated to log events when PE commands are deleted or edited, permissions are removed or added, systems are added or removed from a set, and when adding users to a portal.

Resolved Issues and Changes in 23.1.2

  • Fixed an error with Cloud Suite Agent login where redirect users failed when 'Authenticate Profile' was set to 'Password + Mobile Auth'. (459211)
  • Fixed an error when the Web RDP to Windows System had the RDP settings 'Window Size' set to 'Full Screen', and scroll bars on the bottom right of the Web RDP session screen appeared. (512725)
  • Fixed an error where Alma Linux Cloud Suite Agents were not able to report their proper version and automatically upgrade. (518314)
  • Fixed an error where the DynamicInvoker would fail on a AWS hosted tenant when red rock queries were invoked for specific function calls due to additional required parameters. (525097)
  • Fixed a Privilege Elevation command failure where only one RunAs User was listed. (527216)
  • Cloud SuiteTenant has guardrails in place to prevent the execution of queries that return large result sets when gathering data from the events table. These queries are used when generating specific types of reports. During the execution of the reports, large query results may cause excessive strain on resources and impact the performance at both tenant and pod levels. An error in the source code was identified, which allows the system to ignore the existing guardrails and return results of any size. The update will enforce the guardrails and prevent excessively large queries during report generation, minimizing the impact on the Cloud SuiteCloud Suite Tenant's performance. (535762)
  • HSPAS now supports PostgreSQL 14 and 15. PostgreSQL 14 only supports SQL mode. Removed PostgreSQL version 11 because PostgreSQL no longer supports it. (536212, 564747)
  • Fixed the email authentication issues. When users select email as an option to authenticate to PAS, the user won't be seeing a URL link to authenticate in the email which the user has received. The user will have to manually enter the One Time Passcode where the user has initiated the login session. (ref: 469681)
  • Fixed the ability to log in or rotate passwords for AWS Cloud Provider Root Account. (461023)
  • Fixed account password rotation for Multiplexed Accounts. Users with edit, delete and grant permissions for the Multiplex Account will automatically have view permission for such accounts. (463715)
  • Fixed an issue when emailing reports of "HTML Table" export type with report parameters of integer type would fail. (466537)
  • HTML requests to reports data provider RedRock endpoint are protected with the user's role report management. (468164)
  • Fixed IOS enrollment issues affecting some tenants who were unable to enroll on the IOS mobile app. (470660)
  • Fixed adding command sets to Global Privilege Elevation. Users will now be able to add command sets. (474752)
  • Fixed Privilege Elevation addition wizard for enrolled system second step. The add button is enabled only when 'user', 'group', or 'role' is chosen. (474862)
  • Errors in the workflow process were corrected, allowing access to secrets. (464006)