SCA Release Notes

Use this page to find information about the releases of BigFix® Compliance Security Compliance Analytics (SCA), including new features, enhancements, fixed issues, and upgrade instructions.

Overview

BigFix® Compliance Security Compliance Analytics (SCA), formerly known as BigFix® Compliance Analytics, is a web-based analytics and reporting component of BigFix® Compliance that aggregates check results, exceptions, and vulnerability data from endpoints across your deployment. The following sections list the new features, enhancements, and fixed issues for each release.

BigFix Compliance Analytics version 2.0 Patch 18

Product | Release Version | Published Site
BigFix Compliance | BigFix Compliance Analytics version 2.0 Patch 18 | SCM Reporting 170

BigFix Compliance Analytics version 2.0 Patch 18 includes enhancements and fixes.

Highlights for Analytics version 2.0 Patch 18
  • Upgrade to Semeru Java 21.0.10_7
  • Upgrade to JRuby 10.0.5.0
  • Upgrade to Rails 8.1.3
  • Upgrade to WLP 26.0.0.3

Enhancements Implemented

Defect Article | Issue Description
NA | Email notification to inform the admin of SSL certificate expiry.

Actions needed

Upgrade BigFix Compliance Analytics to version 2.0.18 to take advantage of the fixes. See Installation and upgrade instructions.

BigFix Compliance Analytics version 2.0 Patch 17

Product | Release Version | Published Site
BigFix Compliance | BigFix Compliance Analytics version 2.0 Patch 17 | SCM Reporting 169

This release includes fixes for the following issues.

Resolved issues

Defect Article | Issue Description
KB0130358 | The import fails to manage the display_name values.
KB0130344 | BigFix Compliance Import Job fails with errors:
  1. Sequel::UniqueConstraintViolation: Java::ComMicrosoftSqlserverJdbc::SQLServerException: Violation of PRIMARY KEY
  2. RuntimeError: Unable to find Subscribed Sites analysis

Actions needed

Upgrade BigFix Compliance Analytics to version 2.0.17 to take advantage of the fixes. See Installation and upgrade instructions.

BigFix Compliance Analytics version 2.0 Patch 16

Product | Release Version | Published Site
BigFix Compliance | BigFix Compliance Analytics version 2.0 Patch 16 | SCM Reporting 167

BigFix Compliance Analytics version 2.0 Patch 16 includes enhancements and fixes.

Highlights for Analytics version 2.0 Patch 16
  • Hotfixes
  • PSIRTs
  • Updated to Semeru Java v17.0.16.

This release includes fixes for the following issues.

Resolved issues

Defect Article | Issue Description
KB0128136 | BigFix Compliance failing on Entra ID SSO.
KB0128604 | BigFix Compliance data import is continuously failing on the server.
KB0127704 | User Provisioning Error.
NA | Logout button missing in Compliance while logged in through SSO.
NA | SCA computer group logic not working.
NA | Compliance server import fails after BigFix server is patched and rebooted.

Actions needed

Upgrade BigFix Compliance Analytics to version 2.0.16 to take advantage of the fixes. See Installation and upgrade instructions.

BigFix Compliance Analytics version 2.0 Patch 15

Product | Release Version | Published Site
BigFix Compliance | BigFix Compliance Analytics version 2.0 Patch 15 | SCM Reporting 165

BigFix Compliance Analytics version 2.0 Patch 15 includes enhancements and fixes.

Highlights for Analytics version 2.0 Patch 15

  • Hotfixes
  • PSIRTs.

This release includes fixes for the following issues.

Resolved Issues

Defect Article | Issue Description
KB0124591 | Import fails with the error "The query processor ran out of internal resources".
KB0124469 | SCA SSL Certificate Automation.
KB0122461 | Recurring issues with error "originally defined computers have been deleted".
KB0123758 | "Download NVD CVE Data Files" Fixlet not working.
KB0123594 | BigFix Compliance - Management: Computer Groups - Stuck on Loading but other pages are loading fine.
KB0124202 | Tem_Analytics DB consuming huge space on DB server and import failing.
KB0127024; KB0127405 | SCA Server not sending reports by mail.

Actions needed

Upgrade BigFix Compliance Analytics to version 2.0.15 to take advantage of the fixes. See Installation and upgrade instructions.

BigFix Compliance Analytics version 2.0 Patch 14

Product | Release Version | Published Site
BigFix Compliance | BigFix Compliance Analytics version 2.0 Patch 14 | SCM Reporting 159

BigFix Compliance Analytics version 2.0 Patch 14 includes enhancements and fixes.

Highlights for Analytics version 2.0 Patch 14

  • Upgrade Rails to 7.2.2.1
  • Update JRE version to 8.0.8.45
  • Update IBM WebSphere Application Server Liberty version to 25.0.0.7
  • Mobile (Android, iOS) and ESXi support
  • NVD source change for vulnerability data.

This release includes fixes for the following issues.

Resolved Issues

Defect Article | Issue key | Summary
KB0122461 | BSU-17671 | Compliance error Error: 1 of the originally defined computers has been deleted.
KB0121387 | BSU-17611 | Saved Report Configure view issue.
KB0121747 | BSU-17584 | Compliance report save as default view.
KB0120746 | BSU-17449 | BigFix Compliance LDAP configuration issue.
KB0120156 | BSU-17279 | Compliance Vulnerability Data.
KB0116163 | BSU-16201 | Unexpected behaviour of Vulnerable Computers in Vulnerability Report.

Actions needed

Upgrade BigFix Compliance Analytics to version 2.0.14 to take advantage of the fixes. See Installation and upgrade instructions.

BigFix Compliance Analytics version 2.0 Patch 13

Product | Release Version | Published Site
BigFix Compliance | BigFix Compliance Analytics version 2.0 Patch 13 | SCM Reporting 159

BigFix Compliance Analytics version 2.0 Patch 13 includes enhancements and fixes.

Highlights for Analytics version 2.0 Patch 13

  • Upgrade Rails to 6.1.7.9
  • Update JRE version to 8.0.8.40
  • Update IBM WebSphere Application Server Liberty version to 25.0.0.2.

This release includes fixes for the following issues.

Resolved Issues

Defect Article | Issue Description
NA | IBM SDK Java Technology Edition version updated to 8.0.8.40 to address vulnerabilities: CVE-2024-10917.
NA | IBM WebSphere Liberty package version updated to 25.0.0.2 to address vulnerabilities: CVE-2024-40094.
BSU-16676 | Incomplete compliance import still running but not processing if server restarts.
BSU-16409 | Issue with the formatting of the CSV report from BigFix Compliance.
BSU-15585 | SCA import performance.
BSU-17005 | Compliance exceptions error.
BSU-16899 | Update Fixlet # 1005 - Download NVD CVE Data Files and include nvdcve-1.1-2025.json.gz.
BSU-16557 | BigFix Compliance does not log out user when session timeout expires.
BFC-7733 | SCM Exceptions API to create or update an Exception.
BFC-7692 | Request to enhance subject line in Report Subscriptions.
BFC-7691 | Compliance Audit Logging.
NA | Updated CSP headers and missing anti-clickjacking headers.

Actions needed

Upgrade BigFix Compliance Analytics to version 2.0.13 to take advantage of the fixes. See Installation and upgrade instructions.

BigFix Compliance Analytics version 2.0 Patch 12

Product | Release Version | Published Site
BigFix Compliance | BigFix Compliance Analytics version 2.0 Patch 12 | SCM Reporting 180

BigFix Compliance Analytics version 2.0 Patch 12 includes enhancements and fixes.

Highlights for Analytics version 2.0 Patch 12

  • Upgrade Rails to 6.1.7.8
  • Update JRE version to 8.0.8.30
  • Update IBM WebSphere Application Server Liberty version to 24.0.0.8.

This release includes fixes for the following issues.

Resolved Issues

Defect Article | Issue Description
NA | IBM SDK Java Technology Edition version updated to 8.0.8.30 to address vulnerabilities: CVE-2024-21147, CVE-2024-21140, CVE-2024-21144, and CVE-2024-27267.
NA | IBM WebSphere Liberty package version updated to 24.0.0.8 to address vulnerabilities: CVE-2024-22354, CVE-2024-22353, CVE-2024-27268, CVE-2024-22353, CVE-2023-50314, CVE-2023-51775, CVE-2024-21147, CVE-2024-21145, CVE-2024-21140, CVE-2024-21144, CVE-2024-21138, and CVE-2024-21131.
BSU-15745 | Vulnerabilities in SCA reported by federal customer (Security Assessment Team).
KB0116355 / BSU-16355 | Compliance Report PDF Export issue.
BSU-16101 | Update Fixlet # 1005 - Download NVD CVE Data Files to include relevance for Win2022.
BSU-15898 | BigFix Compliance REST API documentation lacking details on scoped_historical methods.
NA | Fixed the computer group listing issue in Firefox.
NA | Added support for KEV Content Pack in SCA.
NA | Added note to track deleted Exceptions in SCA.

Actions needed

Upgrade BigFix Compliance Analytics to version 2.0.12 to take advantage of the fixes. See Installation and upgrade instructions.

BigFix Compliance Analytics version 2.0 Patch 11

Product | Release Version | Published Site
BigFix Compliance | BigFix Compliance Analytics version 2.0 Patch 11 | SCM Reporting 157

BigFix Compliance Analytics version 2.0 Patch 11 includes enhancements and fixes.

Highlights for Analytics version 2.0 Patch 11

  • Upgrade Rails to 6.1.7.7
  • Update JRE version to 8.0.8.20
  • Update IBM WebSphere Application Server Liberty version to 23.0.0.12
  • Scan issues are fixed in this release.

This release includes fixes for the following issues.

Resolved Issues

Defect Article | Issue Description
NA | IBM SDK Java Technology Edition version updated to 8.0.8.20 to address vulnerabilities: CVE-2023-44487, CVE-2024-20918, CVE-2024-20952, CVE-2023-33850, CVE-2023-50312, CVE-2023-46158, CVE-2024-27270, CVE-2023-44483, CVE-2023-33850, CVE-2024-30125, CVE-2024-30126, and CVE-2024-30127.
BSU-15031 | Improved Java Heap Size memory usage during import of Patch and Vulnerabilities.
KB0110113 / BSU-14603 | Updated code to check the SCA/Config/cacerts folder for certificates; if the folder is not present, it will check Java/lib/security/cacerts during the upgrade.
NA | Pen testing (Security): Added object-src 'none' for response headers.
NA | The vulnerability report CSV export for a same-day issue is fixed.
NA | Added X-Frame-Options SameOrigin to the response header.
NA | Added code to disable HTTP endpoint to mark cookie secure.
NA | Added new patch sites to SCM Reporting.
NA | The last 2 column display issues are fixed in this release.

Actions needed

Upgrade BigFix Compliance Analytics to version 2.0.11 to take advantage of the fixes. See Installation and upgrade instructions.

Installation and upgrade instructions

The following instructions apply to all BigFix Compliance Analytics 2.0 patch releases.

First-time installation

  1. In the License Overview Dashboard in the BigFix console (BigFix Management domain), enable the SCM Reporting site.
  2. In the Security Configuration domain in the console, open the Configuration Management navigation tree.
  3. Select the Fixlet named BigFix Compliance Server 2.0 - First-time Install Fixlet under the BigFix Compliance Install/Upgrade menu tree node.
  4. Follow the Fixlet instructions and take the associated action to install your BigFix Compliance deployment.

Upgrade installation

Refer to the prescribed upgrade steps for the BigFix Compliance version that you are using.

Important: Before you start any upgrade process, perform a server and database backup.
For BigFix Compliance Analytics versions 1.9.x, 1.10.x and 2.0.x:
  1. Make sure that you complete the server and database backup.
  2. It is recommended to stop the BigFix Compliance Server or at least disable scheduled Data Imports to ensure that Data Import is not in progress during the upgrade.
  3. In the Security Configuration domain in the console, open the Configuration Management navigation tree.
  4. Under the BigFix Compliance Install/Upgrade menu tree item, select the BigFix Compliance Server 2.0 - Upgrade Fixlet, which automatically installs and upgrades to the new version.
  5. Follow the Fixlet instructions and take the associated action to upgrade your BigFix Compliance deployment.
  6. Update the data schema. To do this, log in to the BigFix Compliance web interface from the host server and proceed with configuration. Upgrading the data schema is expected and it will take some time to complete.
    Note: Automatic upgrade installation only affects installations running under the LocalSystem account. Follow the Fixlet instructions to install the update manually if this fix cannot be applied.
For BigFix Compliance Analytics versions earlier than 1.9:
  1. Manually upgrade to version 1.10.1.48. The 1.10.1.48 installer can be found at http://software.bigfix.com/download/bfc/server/1.10/bfc-server-1.10.1.48.exe.
  2. After manually upgrading to version 1.10.1.48, use the BigFix Compliance Server 2.0 - Upgrade Fixlet to upgrade to version 2.0 (see the steps for BigFix Compliance Analytics versions 1.9.x, 1.10.x and 2.0.x).
