For MVISION Cloud Connector Known Issues, see MVISION Cloud Connector Known Issues.
|Date||Description and Workaround (if any)||Found in Release||Fixed in Release|
|July 22, 2021||
When you upload a malware file in Microsoft Dynamics 365, then the NRT DLP policy for Microsoft Dynamics 365 cannot be triggered. This is due to MVISION Cloud doesn't receive any events from Microsoft for malware-infected files. If the events are not received from Microsoft Dynamics 365 for the malware-infected files, then the NRT DLP Malware policy cannot be supported in Microsoft Dynamics 365.
|July 20, 2021||
Configuration Audit changes in Continuous Evaluation mode are sometimes causing inconsistent results in Resources and Policy Incidents. We have made a change to aggregate events before processing them to prevent the issue.
|July 20, 2021||Previously, when you scanned a container image, items identified by different tags were counted as separate resources, even when they were referenced by the same container image. Now, when you do a scan (and don't filter out certain items), the number of Items Scanned in the scan results should match the number of Resources listed. For details, see Resources for Container Security.||-||5.4.2|
|July 8, 2021||
Incidents for Security Groups with Security Configuration Audit Policies are now generated even for Security Groups that are not attached to EC2 instances. This will cause an increase in incident counts.
|July 8, 2021||Previously, the Policy Incidents Cloud Card did not capture the transition of an incident to Open under Incident History, while other states are shown. This issue is fixed, and the incident history now reflects the correct workflow.||5.4.1||5.4.2|
July 8, 2021
|June 14, 2021||
The upgrade from 5.4.0 HF to 5.4.1 in EU and Canada environments causes the PoP status to say that the PoP Manager is not in running state, or to set a PoP status to Unhealthy.
To resolve this issue:
|June 9, 2021||In the Analytics > Users page, the user with detokenized permissions cannot search for plain text user names and source IP addresses from Omnibar.||5.4.1|
|June 7, 2021||
MVISION Cloud generates incidents for the misconfigured AWS security groups that are attached to EC2 instances but does not generate the incidents for the misconfigured security groups that are not attached to any EC2 instances.
This issue was fixed by updating the policies related to security groups so that they now evaluate the non-attached security groups too for any misconfigurations and generate incidents.
After the fix, you may see an increase in the number of incidents being reported that is directly proportional to the number of misconfigured, non-attached security groups in your environment. As part of the fix , following policies were modified :
|April 22, 2021||When using MVISION Cloud - Cloud Access Policy for contextual access control and when a policy is configured that unmanaged devices are allowed to access Office 365 UI through web browsers, navigating to "Power Automate" (also known as "Flow") will cause the user to be logged out of the Office 365 session on the unmanaged device. Access to Office 365 from managed devices is not affected. As a workaround, McAfee suggests to implement a request classifier to block access to "Power Automate" from unmanaged devices. The functionality implemented with "Power Automate" is still fully functional, only the ability to create or edit these flows is then blocked when accessing Office 365 from an unmanaged / high risk device
|Dec. 17, 2020||
When configuring your Microsoft Azure instance to use with Security Configuration Audit, Azure will ask for approval to connect multiple times. MVISION Cloud asks for consent and forces the user to go through the approval process due to the consent parameter in the OAuth URL. This is caused by configuring the security setting "App Approval Authorization Process" in your Azure tenant. For a workaround, see Workaround - Enable Security Configuration Audit for Microsoft Azure.
|Dec. 7, 2020||
Container Vulnerability Scans (CVS) are based on the Common Vulnerability Scoring System (CVSS), which assigns industry-standard scores to vulnerabilities. MVISION Cloud uses CVSSv2 and CVSSv3, defaulting to CVSSv3 when there are differences. You may notices changes in the reported Vulnerability Severity as MVISION Cloud upgrades from CVSSv2 to CVSSv3.
|Oct. 1, 2020||
If you have changed the weight of a Risk Attribute, there may be a mismatch in the value of the metrics displayed in the Cloud Service Advisor and the Services Overview. MVISION Cloud does not consider tenant-specific overrides in risk scoring while computing services in the Cloud Service Advisor.
|Sept. 21, 2020||
As IaaS Config Audit policy names were updated. Note the following issues:
|Aug 25, 2020||Some Cloud Security Advisor metrics have been split into product-specific groups for Shadow IT, SaaS, and IaaS. For this reason, you may see a drop in your Visibility and Control scores. For details, see Cloud Security Report.||5.1.2||-|
|Aug 18, 2020||
Known Issue for Intune Mobile Device Management (MDM) for New User Enrollment or iOS 13.x. Users on iPhones or iPad devices on iOS cannot enroll through the Intune application and are getting a blank page. For complete details and workaround, see Create a Cloud Access Policy.
|June 26, 2020||When you create a vertical bar chart and update the dimensions, sometimes the chart will not load. If you select another chart type, such as line, donut, or horizontal bar, then switch back, the vertical bar chart is displayed. This issue will be fixed in a future release.||5.1.0||-|
|Jan 20, 2020||On the Incidents > Threats and Anomalies > Shadow Anomalies page, there is a known issue when you try to mark an anomaly as invalid, the button behaves irregularly. Sometimes the anomaly is marked invalid and sometimes it is not. Also, on the same page, when you use the button to add or remove a user from the Watchlist, the change is made in the backend, but the icon in the user interface does not reflect this. This will be fixed in a future release.||4.2.2||-|