Documentation forSolarWinds

ETS for the Web 2024.2.1 release notes

Release date: July 24, 2024

Here's what's new in ETS for the Web 2024.2.1. You can find the applicable system requirements here.

To view release notes, system requirements, and product guide PDFs for supported versions of ETS for the Web, see ETS for the Web previous versions. To view release notes for multiple versions and multiple SolarWinds Platform products on a single page, see the release notes aggregator.

ETS for the Web runs on the SolarWinds Platform (self-hosted). ETS for the Web release notes include the updates from the SolarWinds Platform (self-hosted).

New features and improvements in ETS for the Web

There were no features or improvements added for ETS for the Web in this release.

Fixed CVEs

At SolarWinds, we prioritize the swift resolution of CVEs to ensure the security and integrity of our software. In this release, we have successfully addressed the following CVEs.

Third-party CVEs

CVE-ID Vulnerability title Description Severity
CVE-2024-0727 Broken access control vulnerability Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summary: Applications loading files in the PKCS12 format from untrusted sources might terminate abruptly. A file in PKCS12 format can contain certificates and keys and may come from an untrusted source. The PKCS12 specification allows certain fields to be NULL, but OpenSSL does not correctly check for this case. This can lead to a NULL pointer dereference that results in OpenSSL crashing. If an application processes PKCS12 files from an untrusted source using the OpenSSL APIs then that application will be vulnerable to this issue. OpenSSL APIs that are vulnerable to this are: PKCS12_parse(), PKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes() and PKCS12_newpass(). We have also fixed a similar issue in SMIME_write_PKCS7(). However since this function is related to writing data we do not consider it security significant. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue. 5.5 Medium
CVE-2023-52323 Side Channel Attack Vulnerability PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger attack. 5.9 Medium
CVE-2023-49083 A null pointer reference vulnerability in python-cryptography The cryptography package before 41.0.6 for Python is vulnerable for DoS attack over null pointer dereference 7.5 High
CVE-2023-38325 Cryptography Package Vulnerability The cryptography package before 41.0.2 for Python mishandles SSH certificates that have critical options. 7.5 High
CVE-2023-29483 Broken access control vulnerability eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a "TuDoor" attack. In other words, dnspython does not have the preferred behavior in which the DNS name resolution algorithm would proceed, within the full time window, in order to wait for a valid packet. NOTE: dnspython 2.6.0 is unusable for a different reason that was addressed in 2.6.1. 5.9 Medium
CVE-2022-37601 Prototype pollution vulnerability in webpack js loader The webpack.js prior to version 1.4.1 is vulnerable for prototype pollution attack over named variables passed into parseQuery.js lib. 9.8 Critical

Fixed customer issues

Case number Description Platform product
00375258, 01399031, 01393180, 01427623, 01432854, 01435862, 01454054, 01454252, 01478309, 01585241, 01591091

When a discovery job discovers a set of nodes and some of those nodes are already being monitored, the discovery job does not include currently monitored nodes when it determines if enough licenses are available to monitor the new nodes. When enough licenses are available, discovery no longer fails with the message Import Failed - License Exceeded.

For example, you are licensed to monitor 100 nodes. You are currently monitoring 90. A discovery job discovers 20 nodes, and 10 of those nodes are already being monitored. When determining if enough licenses are available, discovery does not add all 20 discovered nodes to the currently monitored 90. It adds only the 10 unmonitored nodes. Therefore, it determines that enough licenses are available to monitor the new nodes.

 Platform
00226816, 00277146, 00718167, 00749906, 00759474, 00765442, 00780330, 01203038, 01289256, 01532606, 01597549

A duplication in the WebCommunityStrings table in the SolarWinds Platform database no longer causes nodes to be displayed twice in the SolarWinds Platform Web Console.

 Platform
01572830

When HA is set up on a BIND DNS server, the TSIG algorithm is configurable and can be selected in the settings.

 Platform
01678844

When you hover over an object on a map and click Go to Details, the Details view opens on a separate tab instead of within the map widget.

 Platform
N/A

The Cisco machine types are recognized for the following Cisco models:

  • C8300-1N1S-4T2X
  • C9200CX-12P-2X2G
  • C9200CX-8P-2X2G
  • VG400-4FXS/4FXO
  • VG420-84FXS/6FXO
 Platform
01608689

When Azure SQL DB is used as the SolarWinds Platform database, importing CVE data no longer fails.

 Platform
01581113, 01613910

When a map has more than 10 owners, the option to list all owners in the Filters panel works correctly.

 Platform
01613628, 01670133, 01672562

Attempting to add a node that does not have a SysName no longer fails with the error IP Address Is Already Monitored.

Platform
01614548

If you change the authentication method for SNMP v3 credentials while the trap service is running, SNMP v3 traps are no longer discarded with a log message such as:

2024-06-04 06:38:33,311 [50] ERROR SolarWinds.Orion.LogMgmt.TrapServiceImplementation.TrapPacketProcessor - Bad trap packet received from Node with IP xxx.xx.x.x. Error description: User authentication failed (signature of incoming packet could not be verified with the local user credentials).

Platform
01678020

The Job Engine efficiently clears old *.result files from the SchedulerResults folder. Having a large numbers of *.result files no longer causes the Job Engine to time out, which prolonged the process and interfered with polling.

 Platform
01597891

If you are editing a map that was created when links were only straight lines (no bends), selecting a link displays the connection details and does not generate an error.

 Platform
01521816

When the SolarWinds Platform is deployed behind an SSL offloading load-balancer, relative links work correctly in an Edge browser.

 Platform
01609918

An empty radio_mac, ip_address, or radio_bssids field no longer causes polling an Aruba Central device to fail.

Platform
01591599, 01592062, 01563460, 01583454, 01600162, 01680231, 01686342

Performance Analysis Dashboard (PerfStack) widgets reflect the correct time.

Platform
01583231

In NOC view, widgets display data immediately instead of after the first refresh.

 Platform
01675106

Clicking an object on a map now opens the object as expected.

 Platform
N/A It is now possible to create a High Availability pool without a virtual IP address and hostname. This can be done through the UI or the SolarWinds Platform SDK. Platform
01689461, 01689549, 01692705, 01722334

An issue that prevented High Availability failovers in certain situations has been fixed.

 Platform
N/A

When a user attempts to remove an entity through the SDK/API, the API function works correctly and the following generic error message is no longer displayed:

Object reference not set to an instance of an object.

Platform

Installation or upgrade

For information about installing Engineer's Toolset, see the ETS Installation Guide. After installation, use the ETS Getting Started Guide to get started fast.

Use the SolarWinds Orion Installer to upgrade ETS for the Web and your entire Orion deployment (all Orion Platform products and any scalability engines).

If you are upgrading from ETS for the Web 2019.2 or later, you can upgrade your entire Orion deployment from the My Orion Deployment page in the Orion Web Console. Downloading the Orion Installer is no longer necessary.

For new SolarWinds Platform deployments, download the installation file from the product page on https://www.solarwinds.com or from the Customer Portal. For more information, see Get the installer.

To activate your product in an existing SolarWinds Platform deployment, use the License Manager.

For upgrades, go to Settings > My Deployment to initiate the upgrade. The SolarWinds Installer upgrades your entire deployment (all SolarWinds Platform products and any scalability engines).

For more information, see the SolarWinds Platform Product Installation and Upgrade Guide.

For supported upgrade paths, see Upgrade an existing deployment.

Known issues

Last updated: July 26, 2024

Platform Connect is not on the list of supported modules in the Azure database

After you upgrade to SolarWinds Platform 2024.2.1 and run the Configuration Wizard, the wizard may fail with the following error message:

Some of your modules (Platform Connect) don't support Azure database.

The issue occurs because Platform Connect is not on the list of supported modules in the Azure SQL database.

Resolution or workaround: Add Platform Connect to the PCI.xml file. For details, see Configuration Wizard Error: Some of your modules (Platform Connect) don't support Azure database.

End of life

Version EoL announcement EoE effective date EoL effective date
2022.4 June 4, 2024: End-of-Life (EoL) announcement – Customers on ETS for the Web version 2022.4 or earlier should begin transitioning to the latest version of ETS for the Web. July 4, 2024: End-of-Engineering (EoE) – Service releases, bug fixes, workarounds, and service packs for ETS for the Web version 2022.4 or earlier will no longer actively be supported by SolarWinds. July 4, 2025: End-of-Life (EoL) – SolarWinds will no longer provide technical support for ETS for the Web version 2022.4.
2022.3 February 6, 2024: End-of-Life (EoL) announcement – Customers on ETS for the Web version 2022.3 or earlier should begin transitioning to the latest version of ETS for the Web. March 7, 2024: End-of-Engineering (EoE) – Service releases, bug fixes, workarounds, and service packs for ETS for the Web version 2022.3 or earlier will no longer actively be supported by SolarWinds. March 7, 2025: End-of-Life (EoL) – SolarWinds will no longer provide technical support for ETS for the Web version 2022.3.
2022.2 November 1, 2023: End-of-Life (EoL) announcement – Customers on ETS for the Web version 2022.2 or earlier should begin transitioning to the latest version of ETS for the Web. December 1, 2023: End-of-Engineering (EoE) – Service releases, bug fixes, workarounds, and service packs for ETS for the Web version 2022.2 or earlier will no longer actively be supported by SolarWinds. December 1, 2024: End-of-Life (EoL) – SolarWinds will no longer provide technical support for ETS for the Web version 2022.2.

See the End of Life Policy for information about SolarWinds product life cycle phases. To see EoL dates for earlier ETS for the Web versions, see ETS for the Web release history.

Deprecation notice

The following platforms and features are still supported in the current release. However, they will be unsupported in a future release. Plan on upgrading deprecated platforms, and avoid using deprecated features.

MAPI User Experience Monitor

MAPI User Experience Monitor, a component monitor that can be added to an application template, is deprecated as of 2024.2. It is still available and supported in the current release, but will be removed in a future release. Deprecation is an indication that you should avoid expanded use of this feature and formulate a plan to discontinue using the feature.

Network Atlas

Network Atlas is deprecated as of Orion Platform 2020.2. It is still available and supported in the current release, but will be removed in a future release. Deprecation is an indication that you should avoid expanded use of this feature and formulate a plan to discontinue using the feature. SolarWinds recommends that you start using Intelligent Maps in the SolarWinds Platform Web Console to display maps of physical and logical relationships between entities monitored by the SolarWinds Platform products you have installed.

Starting with 2024.2, you can import Network Atlas maps to Intelligent Maps. See Import maps.

Legal notices

© 2024 SolarWinds Worldwide, LLC. All rights reserved.

This document may not be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other means without the prior written consent of SolarWinds. All right, title, and interest in and to the software, services, and documentation are and shall remain the exclusive property of SolarWinds, its affiliates, and/or its respective licensors.

SOLARWINDS DISCLAIMS ALL WARRANTIES, CONDITIONS, OR OTHER TERMS, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, ON THE DOCUMENTATION, INCLUDING WITHOUT LIMITATION NONINFRINGEMENT, ACCURACY, COMPLETENESS, OR USEFULNESS OF ANY INFORMATION CONTAINED HEREIN. IN NO EVENT SHALL SOLARWINDS, ITS SUPPLIERS, NOR ITS LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT, CONTRACT OR ANY OTHER LEGAL THEORY, EVEN IF SOLARWINDS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

The SolarWinds, SolarWinds & Design, Orion, and THWACK trademarks are the exclusive property of SolarWinds Worldwide, LLC or its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be common law marks or are registered or pending registration. All other trademarks mentioned herein are used for identification purposes only and are trademarks of (and may be registered trademarks) of their respective companies.