Engineer's Toolset 2022.4 Release Notes
Release date: November 22, 2022
These release notes describe the new features, improvements, and fixed issues in Engineer's Toolset 2022.4. They also provide information about upgrades and describe workarounds for known issues.
Improvements in ETS
Compatibility improved with the SolarWinds Platform
This release is a compatibility update for Engineer's Toolset for Desktop and Engineer's Toolset for the Web. Engineer's Toolset for the Web is part of the SolarWinds Platform and can be used alongside other SolarWinds Platform products. This release improves compatibility with newer versions of the SolarWinds Platform.
See also SolarWinds Platform 2022.4 Release Notes.
New customer installation
How to upgrade
To upgrade Engineer's Toolset for Desktop to 2022.4, download the latest ETS for Desktop installer from the Customer Portal and reinstall ETS for Desktop by following the steps in Downloading and installing Engineer's Toolset for Desktop.
To upgrade Engineer's Toolset for the Web, use the SolarWinds Platform installer.
If you are upgrading Engineer's Toolset for the Web, you must be on ETS 2020.2.1 or later to upgrade to ETS 2022.4. If you are on ETS 2019.4 or earlier, first upgrade to 2020.2.6 and then upgrade to 2022.4.
SolarWinds would like to thank our Security Researchers below for reporting on the issue in a responsible manner and working with our security, product, and engineering teams to fix the vulnerability.
|CVE-2018-1285||Apache log4net before 2.0.8 XML vulnerability||Apache log4net before 2.0.8 does not disable XML external entities when parsing log4net configuration files. This could allow for XXE-based attacks in applications that accept arbitrary configuration files from users.||6.7 (Medium)||N/A|
|CVE-2021-35246||Unprotected Transport of Credentials (HSTS) Vulnerability||The application fails to prevent users from connecting to it over unencrypted connections. An attacker can modify a legitimate user's network traffic and could bypass the application's use of SSL/TLS encryption, and use the application as a platform for attacks against its users.||
© 2022 SolarWinds Worldwide, LLC. All rights reserved.
This document may not be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other means without the prior written consent of SolarWinds. All right, title, and interest in and to the software, services, and documentation are and shall remain the exclusive property of SolarWinds, its affiliates, and/or its respective licensors.
SOLARWINDS DISCLAIMS ALL WARRANTIES, CONDITIONS, OR OTHER TERMS, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, ON THE DOCUMENTATION, INCLUDING WITHOUT LIMITATION NONINFRINGEMENT, ACCURACY, COMPLETENESS, OR USEFULNESS OF ANY INFORMATION CONTAINED HEREIN. IN NO EVENT SHALL SOLARWINDS, ITS SUPPLIERS, NOR ITS LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT, CONTRACT OR ANY OTHER LEGAL THEORY, EVEN IF SOLARWINDS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
The SolarWinds, SolarWinds & Design, Orion, and THWACK trademarks are the exclusive property of SolarWinds Worldwide, LLC or its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be common law marks or are registered or pending registration. All other trademarks mentioned herein are used for identification purposes only and are trademarks of (and may be registered trademarks) of their respective companies.