Version 9.4 Known Issues

TRACKING IDDESCRIPTION
RRV-1017

JasperReports Server is unresponsive after saving a scheduled report in Internet Explorer. 

Workaround: This issue can be resolved by refreshing the page. 
RV-22319
Not all Microsoft® Word documents can be imported as RiskVision policy documents.
Workaround: Most issues can be resolved by manually editing the imported document or by copying and pasting one section at a time.
RV-24010
The default choice template (a drop-down list) does not work with table-type questions.
Workaround: Create a new choice template for use with table-type questions.
RRV-2593
An error message is generated when exporting a JasperReports Server repository using the script js-export.bat. This is the result of a JasperReports Server bug that creates an error message when one should not be created. The export is fine and will be able to be successfully imported into the same or another instance of JasperReports Server.
RRV-2660
An error message is generated when executing the command: js-export --everything --output-zip repository.zip >>test.log. This is a known issue for Amazon Corretto 8. The export and import of repository.zip is successful and there are no known issues due to this error.

RV-29911

RV-29915

RV-35429

RV-35741

RV-36862

RV-36717

RV-40613

RV-40620
Preferred ownership issues:
  • Viewing assessment details in a program can reveal all stakeholders in the workflow, rather than only the preferred owners in the current stage.
  • Enabling preferred ownership on a workflow that is already in use only applies to subsequent preferred ownership assessments that use the workflow.
  • Deleting preferred ownership from controls after the launch of assessments does not change the assignment of controls to stakeholders.
  • If content in a program is added at the group level, and if it has preferred ownership added at the control level, duplicate controls will be created when the program is edited, or when assessments within that program are restarted.
    Workaround: Assign the preferred ownership at the same level as the content added in a program. For example, if the preferred ownership is assigned to the content at the group level, assign the content to the program at the group level. If the preferred ownership is assigned to the content at the control level, assign the content to the program at the control level.
  • Preferred ownership works only in the first stage of assessment workflows with branching.
  • Controls assigned to the assessment stakeholders do not get updated after editing the program to select the "Do not assess controls with preferred ownership configured when the entities being assessed have no owners that correspond to the preferred owners associated with the control" program option.
RV-30240
A custom dashboard or chart that uses the comment column from the agl_ramitigationtable will fail to execute the query.
Workaround: To execute the custom query successfully, rename the comment column to mitigation_comment.
RV-31601
The cache does not update immediately when controls and sub-controls are updated.
Workaround: Wait a few minutes for the controls and sub-controls to be updated in the relevant assessments.
RV-33240
When propagation is enabled, answering the parent entity assessment will not update the scores of its child entities on the Program Details page > Assessments tab. Scores are updated correctly on the Assessment Details page > Control Results tab of the parent.
Workaround: To update the scores, select the child entity, then select Propagate Control Results from the More Actions drop-down list.
RV-33301
When a user tries to run a Jaspersoft report after logging out of RiskVision, the report appears to run but is not rendered. The reason the report appears to run is that the Jaspersoft user interface is still available.
Workaround: Close the browser where the Jaspersoft application is running.
RV-35412
Risks added to an assessment cannot be removed, even if the stakeholder changes the answer choice from any assessment workflow stage.
Workaround: Manually delete the risks.
RV-36406
Adding the same input control multiple times when importing a RiskVision chart does not produce the desired results.
Workaround: If you need to have the same input control more than once, create a new input control with a different resource ID.
RV-36472
It may not be possible to create an assessment that contains a dynamic group of more than 17,000 entities.
Workaround: Whenever a dynamic group contains more than 17,000 entities, split the excess entities into a separate dynamic group and then run the assessment.
RV-36615
It is impossible to export JasperReports Server Fusion charts to formats other than PDF and HTML.
RV-37639
The schema name is saved in the database in uppercase, even if the user entered it in lowercase when creating the schema:
  • Whenever hyphens are used in the schema name during import, the schema name is converted to uppercase. For example, "schema-name" becomes SCHEMA-NAME.
  • When an export is performed with the original name (schema-name in lower case), a "schema not found" error message is thrown. Export is successful if the schema name is given in uppercase.
Workaround: Avoid using hyphens in schema names. If you must use a hyphen, reference the schema name using uppercase.
RV-37753
Risks are not auto-identified and text-type sub controls fail when scoring for text-type questions is enabled in Questionnaire Presentation Options.
RV-37965
The JasperReports Server installation fails if the length of the installation path is longer than 260 characters.
RV-38326
The JasperReports Tomcat service fails to start on a computer if the JasperReports Server installation path contains special characters, such as $, %, &, and @. The service does not start even when it is attempted manually.
RV-39271
Users with an assigned Vulnerability severity filter receive an error message when accessing the entity.
Workaround: Use Entity Vulnerability General.Severity for this entity as a condition instead of Vulnerability General.Severity.
RV-39409
It is not possible to advance a workflow stage if it is assigned a team of more than 200 stakeholders.
RV-39650
Control results are not propagated down to related entities if multiple assessments for the related entities are created after the controls results have been propagated by the source entity.
Workaround: Execute Propagate control results from the More Actions drop-down on the Programs > Assessments page.
RV-41364
Entities cannot be copied if they are imported into RiskVision without a primary owner.
Workaround: Assign a primary owner to all imported entities before copying them.
RV-42362
Users with an Entity filter condition of Classification. Internal or external encounter an exception when running reports.
Workaround: Avoid using the Classification. External or internal attribute within any filter conditions. Use the Entity. Internal or External attribute instead.
RV-42602
Entities cannot be retrieved for users with the filter condition EntityCustomAttributes_CustomText_1.
Workaround: Filtering based on CLOB-type columns on the RiskVision server is not supported. Any report attribute to be excluded from filtering must be marked as a non-filterable (‘filterable=”false”) in the ReportAttributes.xml file.
RV-42629
Data in RiskVision doesn't honor the EntityCustomAttributes_CustomEncryptedString_1 filter.
Workaround: Any report attribute to be excluded from filtering must be marked as non-filterable (‘filterable=”false”) in the ReportAttributes.xml fileACL filters with conditions based on encrypted fields are not supported.
RV-42839
Unable to load data to users with the Incident filter condition of Incident_Incident_Comment ACL. Filtering based on CLOB-type columns is not supported on the RiskVision server.
Workaround: To prevent report attributes based on CLOB or similar columns from being displayed in Filter Manager’s filter condition field list, mark the report attributes as non-filterable (‘filterable=”false”) in ReportAttributes.xml file.
RV-42991
Exceptions requested from Home-Exception Requests are not displayed in the Exceptions tab and Control results drill down.
Workaround: Create the exceptions at the assessment level, not on the Home > Exceptions page.
RV-43058
The filter condition Entity Custom Attributes. Custom Rational Number 3 generates an error.
Workaround: Add the Custom Attributes extensions for Float in the ReportAttributes.xml file:
<Group name="AssetCustomAttributes">
<Attribute name="Asset.CustomAttributes.CustomAttributes.float1" displayname="Custom Rational Number 3" datatype="float" category="%Asset% Custom Attributes"></Attribute>
Restart Tomcat Services.
RRV-3019Policy text in Edit mode is cramped and difficult to read.
Workaround: Ensure the line spacing settings in Paragraph > Spacing > Line Spacing is set at Exactly 12pt or Exactly 14pt.
RRV-4012When upgrading to RiskVision 9.3, some vulnerabilities that have been imported in NVDB are missing their attached technologies.
Workaround: Post upgrade, set the following property in the Agiliance properties file: com.agiliance.agent.nvd.cve.forceUpdate=true. Restart the RiskVision Tomcat services and point the NVD Connector at the RiskVision database.

RRV-4228Users are unable to view drill-down details of the Vulnerabilities Found per Source and Vulnerability Remediation Tickets by Risk Level charts in the Threat & Vulnerability Manager default dashboard despite the drill-down link being present.
Workaround: Avoid clicking on these charts. A fix for this issue is coming in version 9.5.
RRV-4336Users running RiskVision on Firefox version 68 are unable to change an ad hoc report's type to "Table".
Workaround: Run RiskVision in Google Chrome, Microsoft Edge, or any version of Mozilla Firefox below version 68.