PCE Platform
In a Supercluster, syslog server cannot be configured for member PCEs (E-106345)
The setup of a syslog server can be performed only from the leader PCE.
PCE application log files are not rotated (E-105659)
Some PCE application log files (agent, collector, haproxy) are not rotated, while other files are rotated correctly.
Workaround: none.
VENs on RHEL 8 potentially subject to OpenSSL CVEs (E-93205)
VENs installed on RHEL 8 use the OpenSSL package that is installed as part of the OS. There are known security vulnerabilities on several OpenSSL versions.
Workaround: Upgrade to the latest OpenSSL package v3.0.5 or v1.1.1q or later. Please note that based on its usage of OpenSSL, VENs are not impacted by CVE-2022-1292, CVE-2022-2068, and CVE-2022-2274.
XFF not working properly (E-88891)
The user activity page in the UI reports the LB SNAT IP address instead of the user's IP address from the XFF header even when SNAT IP is configured as a Trusted Proxy. In addition, accessing a non-existent API endpoint also logs the SNAT IP address in audit events instead of the client IP address from the XFF header.
No workaround is available.
The
agent.activateevents are not always classified correctly (E-74682)Events generated when an agent is activated (
agent.activateevents) are categorized inconsistently. Success events are classified as auditable, and failure events are categorized assystem_events.No workaround is available.