Fixed Issues In Release 101.0.0
Fixed Issues In Release 101.0.0
Here is the list of fixed issues in this release.
| Issue Number | Category | Description |
|---|---|---|
| 206530 | API Data Protection | Fixed an issue in retroactive scan for Microsoft Office 365 OneDrive for Business where the API Data Protection missed triggering a policy for files within a folder. |
| 221773 | API Data Protection | Fixed an issue for Microsoft Office 365 Teams where Teams was not seen in the UI when filtered with an external user. |
| 228804 | API Data Protection | Fixed an issue where a retroactive scan got stuck if the creator of a batch of files was suspended. This issue was observed in Box app. |
| 223898 | API Data Protection | Fixed an issue where CASB-API audit events were incorrectly marked as “Netskope Activity” when inline traffic to the SaaS destination was redirected from Netskope dataplane POPs. This issue was observed in Box app. |
| 217500 | API Data Protection | Fixed an issue which caused retroactive scans to continue processing a SharePoint site document library despite being excluded from the policy definition. This issue was obsered in Microsoft Office 365 SharePoint Sites. |
| 225215 | API Data Protection | If there are multiple attachments with the same name and downloaded through our webUI, the duplicate filenames will be prefixed with random values. This issue was observed in Gmail. |
| 221006, 215695 | Behavior Analytics | Fixed an issue in Behavior Analytics policies where application Instance selection clears when a different Scan Type value is selected. |
| 196923 | CASB Real-time Protection | Netskope fixed an issue where Download activity was bypassed and not detected.Connector changes were done in order to avoid false positives. |
| 222834 | CASB Real-time Protection | Fixed an issue by updating logic for Instance ID extraction in ODFB excel. |
| 223615 | CASB Real-time Protection | This fix improved the Instance ID and “from_user” extraction for Microsoft Outlook. |
| 205350 | CASB Real-time Protection | Fixed a network location issue where the IP range was not working as expected. |
| 207843 | CASB Real-time Protection | Fixed an issue where maxconn value of 2048 was causing connection failures in the authservicelb. The maxconn value is now updated to 8192 which is the value for maximum connections that authservicelb allows to authservice. |
| 221682 | CASB Real-time Protection | A URL access issue where special character failed parsing was fixed by incorporating the special character checks for log-in to SAML > ForwardProxy. |
| 228871 | CASB Real-time Protection | MS Outlook introduced a new URL to fetch the download token, that is. “/service?action=GetAttachmentDownloadToken”. The bug was introduced due to the new URL, and as a fix the new URL is added to the system. |
| 222665 | CASB Real-time Protection | Fixed an issue in O365 Native apps preventing them from getting blocked when both bypassMDM and SAML KVP is configured. |
| 231953 | CASB Real-time Protection | Fixed the existing extraction logic in Google Cloud Platform to provide accurate instance_ids for users. |
| 224142, 224140 | CASB Real-time Protection | Enhanced event detection code for creating a contact and multiple file download detection. Earlier the event was not detected as the traffic was getting changed. |
| 209601 | CASB Real-time Protection | Fixed an issue by adding a new resource to enhance efficiency for from_user extraction. |
| 209936 | CASB Real-time Protection | Netskope fixed an issue where from-user value was missing for some events by improving Instance ID extraction logic for Outlook Native. |
| 220956 | CASB Real-time Protection | Fixed an issue in Microsoft Power Apps where a file upload was undetected. Adding a new resource to support file uploads fixed the issue. |
| 220445 | CASB Real-time Protection | In this fix, Netskope added file_size for the Upload event. The following policies will not work in Upload Activity:
|
| 224862 | CASB Real-time Protection | Fixed an issue by enhancing from_user extraction for attaching a file in mail. |
| 202998 | Cloud Confidence Index (CCI) | Netskope fixed an App Tagging failure due to synchronization issue where UI made consecutive calls. With this fix, only one call is made from UI to CCI service and rest of the services are updated on the backend asynchronously and the UI polls the service for the response. |
| 225732 | Data Protection | Fixed an issue with the Unlikely Matches Filter in which all but the last number in a single-column list of space-delimited numbers was rejected as invalid. For instance, it would only match the second line in the following example: 132 465 798 243 576 809 |
| 218687 | Data Protection | WEB UI is now fixed to display correctly the advanced option selected as “Keywords” or “Regex” while creating or editing entity objects. |
| 215991 | Data Protection | An issue was fixed to select or deselect at least one file attribute which allows to create or modify the File profile. |
| 228051 | Data Protection | Increased DLP backend timeout from 50s to 90s for tenants with increase_dlp_timeout feature flag enabled. |
| 227160 | Data Protection | Fixed a regression issue with the DLP Entity validation framework which impacted only the previous release. It caused increased false positives with the Belgian National ID Number Entity, as well as any predefined or custom Entities that were configured with Luhn validation. Other validators remained unaffected. |
| 193885 | Data Protection | Netskope fixed an issue by adding validation for French INSEE numbers Entity. Earlier the French INSEE number Entity did not have a validation checksum which resulted in false positives. |
| 225627 | Data Protection | URL Lists now supports the domain and sub domain that starts or ends with underscore, but the top level domain (.com) does not allow underscore. For example, _rd-dep_._sample_.com. |
| 221824 | Data Protection | Fixed an issue where Web UI failed to render forensic preview, if the forensic data size was greater than 10 MB. |
| 222620 | DNS Security | With this fix Cloud Firewall applied the default policy rule on the first packet for all the UDP traffic if no explicit policy rule was matched. This avoids any kind of UDP packet leak that was present before. |
| 221660 | Incident Management (IM) | Forensics Files generated by DLP scans and saved to OneDrive and SharePoint, no longer generates DLP incidents of their own. |
| 208021 | Netskope Secure Web Gateway (NG SWG) | Netskope fixed an issue by avoiding policy lookup for achecker URLs. |
| 210254 | Netskope Secure Web Gateway (NG SWG) | Netskope fixed an issue where the Telemetry App Policy Lookup feature was enabled and a transaction had a cloud application associated with both the Host and Referer URLs, CCL policies were evaluated for both applications. This caused unexpected behavior as any associated application event or alert contained the CCL of the Referer only, but the transaction might match a CCL policy based on the CCL of the Host application instead. With this fix, only the Referer application will be used for CCL policy evaluation. If a cloud application is associated with both the Host and Referer URLs there is no change in behavior when the Telemetry App Policy Lookup feature is disabled. |
| 212626 | Netskope Secure Web Gateway (NG SWG) | Fixed an issue where in devices page of the site azureiotcentral.com was not loading when tss-scan-v3 was enabled. |
| 156477 | Netskope Secure Web Gateway (NG SWG) | Netskope features a foreground/background detection system which when applied to web traffic enables block alerts for a webpage to be shown only on the main page. Traffic for all native apps that do not have an app-specific connector are subjected to this detection logic. The background detection logic takes into account the response headers sent back from the server, while the response never reaches the user. This might result in a potential information leakage due to the user’s request being fully transmitted to the destination server. To fix this issue, a “native_app_access_notification” feature flag was introduced. Which when enabled causes the traffic to be classified as background traffic therefore bypassing the foreground or background detection logic. Enabling this feature, is subject to all native app traffic evaluation resulting in higher rates of user-facing notification pop-ups. |
| 220068 | Netskope Secure Web Gateway (NG SWG) | Netskope matched the encoding format HTTP response body sent to Client with the one received from server. |
| 206541 | Netskope Secure Web Gateway (NG SWG) | Fixed an issue by creating category based block policy which now displays alert with correct justification usage or false positives. |
| 222710 | Netskope Secure Web Gateway (NG SWG) | Fixed an issue where a Page Event incorrectly indicated a page as isolated inspite of taking correct actions. |
| 222073 | Netskope Secure Web Gateway (NG SWG) | Fixed an issue where bypass Page Events were occasionally generated with Synthetic access method. These are internally generated connections and events that are not expected to be generated for these types of connections. |
| 226528 | Netskope Secure Web Gateway (NG SWG) | Netskope fixed an issue where certain POST requests of type form-data was not working when DLP rules where enabled. |
| 228171 | Netskope Secure Web Gateway (NG SWG) | Netskope fixed an issue where custom URL category was temporarily missing during custom URL Lists or custom category update. |
| 177723 | Netskope Secure Web Gateway (NG SWG) | Fixed an issue where the names of renamed user groups were not displayed in the Real-time Protection policy detail view. |
| 180546 | Netskope Secure Web Gateway (NG SWG) | An issue where user was unable to click and edit on a policy even when other related data was loading and the issue was fixed by optimizing policy table. |
| 218755 | Netskope Secure Web Gateway (NG SWG) | Fixed a bug where earlier a user from an older customer clicked edit and no tunnel option popped. |
| 229655 | Netskope Private Access (NPA) | Prior to restarting NPA service, Netskope Client checks and factors in all conditions such as, user disable, admin disable, on-prem status, and so on. |
| 217624 | Netskope Private Access (NPA) | Fixed an issue to display appropriate error message if the user has access to more application hosts than permitted with the “host limit”. |
| 221563 | Platform Services | If Role has manage and apply permission for App Definitions then New Certificate Pinned App is disabled. A workaround is to create a role which has manage permission for App Definitions. |
| 221540 | Remote Browser Isolation (RBI) | Fixed an RBAC V1 issue with view only permission, where the user could not see the list of RBI template names for filterRBITemplate and it was throwing a Permission denied message in Skope IT pages. The RBAC V1 helper code has been updated to prevent the issue. |
| 221749 | Remote Browser Isolation (RBI) | Fixed an issue in Skope IT > Applications page and Users page where users were seeing an incorrect Filter by RBI template option. |
| 209042 | Remote Browser Isolation (RBI) | Netskope fixed a known issue where cookies generated in isolation were not stored by default in the end user’s local browser when the “private navigation” was disabled in their RBI template. You can discard the workaround proposed in the previous release. |
| 213114 | Risk Insights | Fixed an issue where some information related to user agent was not extracted properly. The issue was resolved using the agent-parse library. The information is now parsed properly. |
| 222441 | Skope IT | Fixed an issue in Skope IT >Events > Application Events where content was hidden as the page cannot be scrolled. |
| 206907 | SaaS Security Posture Management (SSPM) | Fixed an issue where muting all the SSPM raw findings failed. This issue was observed in Netskope SaaS Security Posture Management’s compliance dashboard. |
| 203522 | Traffic Steering | Fixed an issue where AirDrop was not working when the Client was enabled. |
| 215837 | Traffic Steering | Fixed an issue where traffic was not going through the tunnel for a macOS v13 virtual machine. Apple has fixed this with their recent beta Builds 13.1 22C65 and 13.2 22D5027D. |
| 222401 | Traffic Steering | Netskope fixed an issue where incorrect Windows OS version was displayed on the WebUI device page. |
| 192513 | Traffic Steering | Netskope Client respond to route changes only when the Netskope Tunnel IP and user IP are of same address family (v4 or v6). |
| 206071 | Traffic Steering | Netskope fixed the Windows Client agent service hang and timeout issue caused by internal lock mechanism. |
| 222646 | Traffic Steering | IoCreateDeviceSecure() is used to control access to the driver for every IOCTL. By using this with security descriptors, only system or admin processes are allowed to open a handle. |
| 219888 | Traffic Steering | Fixed a Client installer issue on domain joined Linux machine when login-formats is {domain}{user_name}. |
| 211384 | Traffic Steering | With this release non-admin users are incapable to stop Windows Client service. |
| 222645 | Traffic Steering | If autoupgrade is disabled, remove any STAgent.msi package which is left in the programdatanetskopestagentdata cache. Rename m_isInstallationHelperFlow to m_isSvcFlow and set it to true only for stAgentSvc service process. |
| 208985 | Traffic Steering | Fixed an issue that the macOS Client sometimes automatically is enabled under some circumstances. |
| 209132 | Traffic Steering | Legacy device classification component doesn’t support multi cert, newer version will support this function. Netskope rolls out newly refactored service that include this feature. |
| 211697 | Traffic Steering | Netskope fixed an enrolment issue for Microsoft Teams on Android when ADFS was configured. |
| 219886 | Traffic Steering | Fixed an OpenDevice issue on IPv4 only device. With this fix, IPv6 was enabled by default on all Linux distros. |
| 224893 | Traffic Steering | Fixed a crash issue that occurred while handling log message. |
| 224832 | Traffic Steering | Fixed an issue that existing bypass TCP connection was blocked when failClose was activated on tunnel disconnection. |
| 223954 | Traffic Steering | Fixed a bypass-by-tunnel issue when app domain and tunnel domain was “*” in certificate pinned app exception. |
| 209646 | Traffic Steering | Netskope fixed a fail close not working issue for un-provisioned user under multiple user mode on Windows. |
| 226299 | Traffic Steering | Client enforcement fails due to invalid ELF header, the root cause is that libxmljs ARM version library in Enforcer is incompatible with prod server intel CPU. The libxmljs Intel version is redeployed to repair Client enforcement. |
| 228009 | Traffic Steering | Fixed a log rotation issue when the log size was greater than 25 MB. |
| 225979 | Traffic Steering | Fixed an issue where Netskope certificate cannot be imported into Firefox certificate store when self-protection was enabled on Windows. |
| 228523 | Traffic Steering | The traffic to that destination exception should be bypassed locally, when an exception is marked as Treat like local IP. |
| 228693 | Traffic Steering | Netskope fixed an fail close mode failure issue by fixing the process crash so fail close can block all internet access. |
| 229981 | Traffic Steering | Fixed an issue where Client cross process connection on some Windows machine failed between UI and service after waking up from sleep. |
| 228009 | Traffic Steering | Netskope fixed an issue where Client notifications were not working in Explicit Proxy over IPSec or GRE Tunnels mode. |
| 228523 | Traffic Steering | The traffic to that destination exception should be bypassed locally, when an exception is marked as “Treat like local IP”. |
| 228693 | Traffic Steering | Netskope fixed an fail close mode failure issue by fixing the process crash so fail close can block all internet access. |
| 224443 | Traffic Steering | Netskope fixed an issue to improve WebUI performance for Search OU/Group from Client Configuration was improved. |
| 229981 | Traffic Steering | Fixed an issue where Client cross process connection on some Windows machine failed between UI and service after waking up from sleep. |
| 230229 | Traffic Steering | Netskope fixed an issue where Client notifications were not working in Explicit Proxy over IPSec or GRE Tunnels mode. |
| 179238 | Traffic Steering | An issue where client package cannot be downloaded through IDP authentication is fixed now. |
| 230341 | Traffic Steering | Fixed a UDP data handling issue which caused tunnel to disconnect from Netskope Client for Mac users. This was observed when Cloud Firewall mode was enabled. |
| 221336 | Traffic Steering | The Steering Exception added by user should retain when User switches from Cloud App to Web Traffic, Web Traffic to All Traffic, and All Traffic to Cloud App or vice-versa. |
| 224209 , 223752 | Traffic Steering | Fixed an issue where server returned error response when trying to fetch user groups, and database that has large user groups dataset for example, around or above 1 million records. |
| 219492 | UI Platform | Fixed a drag and drop control issue by providing a workaround of refreshing browser and then dragging and dropping. |
