This release notes provides information about the changes in NetWitness Platform 12.2.0.1.
Security Fixes
This patch release of NetWitness addresses the following vulnerability:
-
CVE-2022-37434
-
CVE-2022-4378
-
CVE-2022-42703
-
CVE-2023-0286
-
CVE-2023-0767
-
CVE-2023-21930
-
CVE-2023-21939
-
CVE-2023-21954
-
CVE-2023-21967
-
CVE-2023-21937
-
CVE-2023-21938
-
CVE-2023-21968
For more information, refer the following security advisories:
- https://community.netwitness.com/t5/netwitness-platform-security/nw-2023-05-multiple-components-within-netwitness-platform-xdr/ta-p/698474.
- https://community.netwitness.com/t5/netwitness-platform-security/nw-2023-03-multiple-components-within-netwitness-platform-xdr/ta-p/697207
Note: If you have the Export Connector plugin in your deployment, you must do the following:
• If you have Logstash installed separately, not as part of the NetWitness installation, you must uninstall the Export Connector plugin and install the updated Export Connector plugin after 12.2.0.1 patch upgrade. In this case, the old Export Connector plugin files are not automatically removed after upgrade. You must remove the old plugin files, so the scans do not list them as vulnerabilities. For more information on how to remove the old plugin files and install the updated plugins, see the Post-Upgrade Tasks section in https://community.netwitness.com/t5/netwitness-platform-online/upgrade-instructions-for-12-2-0-1/ta-p/698615.
• If you have Logstash installed as part of the NetWitness installation on the Log Collector service, the updated Export Connector plugin will be automatically installed during the 12.2.0.1 patch upgrade.
Upgrade Paths
The following upgrade paths are supported for NetWitness 12.2.0.1:
-
12.2.0.0 to 12.2.0.1
-
12.1.1.0 to 12.2.0.1
-
12.1.0.1 to 12.2.0.1
-
12.1.0.0 to 12.2.0.1
-
12.0.0.0 to 12.2.0.1
-
11.7.3.0 to 12.2.0.1
-
11.7.2.0 to 12.2.0.1
-
11.7.1.2 to 12.2.0.1
- 11.7.1.1 to 12.2.0.1
- 11.7.1.0 to 12.2.0.1
- 11.7.0.2 to 12.2.0.1
- 11.7.0.1 to 12.2.0.1
- 11.7.0.0 to 12.2.0.1
- 11.6.1.4 to 12.2.0.1
- 11.6.1.3 to 12.2.0.1
Warning: Before upgrading the UEBA host to 12.2.0.1, you must perform the backup of your Elasticsearch data such as Users, Entities, Alerts, and Indicators to retain them post upgrade. For more information, see NetWitness UEBA Configuration Guide for 12.2.