Version 9.7.1 Known Issues

Overview

The following is a list of know issues that you may encounter with daily use of RiskVision. These Known Issues will be address and documented within future RiskVision release notes.

Known Issues

TRACKING IDDESCRIPTION
RRV-1017

JasperReports Server is unresponsive after saving a scheduled report in Internet Explorer. 

Workaround: This issue can be resolved by refreshing the page. 
RV-22319Not all Microsoft® Word documents can be imported as RiskVision policy documents.
Workaround: Most issues can be resolved by manually editing the imported document or by copying and pasting one section at a time.
RV-24010The default choice template (a drop-down list) does not work with table-type questions.
Workaround: Create a new choice template for use with table-type questions.
RRV-2593An error message is generated when exporting a JasperReports Server repository using the script js-export.bat. This is the result of a JasperReports Server bug that creates an error message when one should not be created. The export is fine and will be able to be successfully imported into the same or another instance of JasperReports Server.
RRV-2660An error message is generated when executing the command: js-export --everything --output-zip repository.zip >>test.log. This is a known issue for Amazon Corretto 8. The export and import of repository.zip is successful and there are no known issues due to this error.

RV-29911

RV-29915

RV-35429

RV-35741

RV-36862

RV-36717

RV-40613

RV-40620
Preferred ownership issues:
  • Viewing assessment details in a program can reveal all stakeholders in the workflow, rather than only the preferred owners in the current stage.
  • Enabling preferred ownership on a workflow that is already in use only applies to subsequent preferred ownership assessments that use the workflow.
  • Deleting preferred ownership from controls after the launch of assessments does not change the assignment of controls to stakeholders.
  • If content in a program is added at the group level, and if it has preferred ownership added at the control level, duplicate controls will be created when the program is edited, or when assessments within that program are restarted.
    Workaround: Assign the preferred ownership at the same level as the content added in a program. For example, if the preferred ownership is assigned to the content at the group level, assign the content to the program at the group level. If the preferred ownership is assigned to the content at the control level, assign the content to the program at the control level.
  • Preferred ownership works only in the first stage of assessment workflows with branching.
  • Controls assigned to the assessment stakeholders do not get updated after editing the program to select the "Do not assess controls with preferred ownership configured when the entities being assessed have no owners that correspond to the preferred owners associated with the control" program option.
RV-30240A custom dashboard or chart that uses the comment column from the agl_ramitigationtable will fail to execute the query.
Workaround: To execute the custom query successfully, rename the comment column to mitigation_comment.
RV-31601The cache does not update immediately when controls and sub-controls are updated.
Workaround: Wait a few minutes for the controls and sub-controls to be updated in the relevant assessments.
RV-33240When propagation is enabled, answering the parent entity assessment will not update the scores of its child entities on the Program Details page > Assessments tab. Scores are updated correctly on the Assessment Details page > Control Results tab of the parent.
Workaround: To update the scores, select the child entity, then select Propagate Control Results from the More Actions drop-down list.
RV-33301When a user tries to run a Jaspersoft report after logging out of RiskVision, the report appears to run but is not rendered. The reason the report appears to run is that the Jaspersoft user interface is still available.
Workaround: Close the browser where the Jaspersoft application is running.
RV-35412Risks added to an assessment cannot be removed, even if the stakeholder changes the answer choice from any assessment workflow stage.
Workaround: Manually delete the risks.
RV-36406Adding the same input control multiple times when importing a RiskVision chart does not produce the desired results.
Workaround: If you need to have the same input control more than once, create a new input control with a different resource ID.
RV-36472It may not be possible to create an assessment that contains a dynamic group of more than 17,000 entities.
Workaround: Whenever a dynamic group contains more than 17,000 entities, split the excess entities into a separate dynamic group and then run the assessment.
RV-36615It is impossible to export JasperReports Server Fusion charts to formats other than PDF and HTML.
RV-37639The schema name is saved in the database in uppercase, even if the user entered it in lowercase when creating the schema:
  • Whenever hyphens are used in the schema name during import, the schema name is converted to uppercase. For example, "schema-name" becomes SCHEMA-NAME.
  • When an export is performed with the original name (schema-name in lower case), a "schema not found" error message is thrown. Export is successful if the schema name is given in uppercase.
Workaround: Avoid using hyphens in schema names. If you must use a hyphen, reference the schema name using uppercase.
RV-37753Risks are not auto-identified and text-type sub controls fail when scoring for text-type questions is enabled in Questionnaire Presentation Options.
RV-37965The JasperReports Server installation fails if the length of the installation path is longer than 260 characters.
RV-38326The JasperReports Tomcat service fails to start on a computer if the JasperReports Server installation path contains special characters, such as $, %, &, and @. The service does not start even when it is attempted manually.
RV-39271Users with an assigned Vulnerability severity filter receive an error message when accessing the entity.
Workaround: Use Entity Vulnerability General.Severity for this entity as a condition instead of Vulnerability General.Severity.
RV-39409It is not possible to advance a workflow stage if it is assigned a team of more than 200 stakeholders.
RV-39650Control results are not propagated down to related entities if multiple assessments for the related entities are created after the controls results have been propagated by the source entity.
Workaround: Execute Propagate control results from the More Actions drop-down on the Programs > Assessments page.
RV-41364Entities cannot be copied if they are imported into RiskVision without a primary owner.
Workaround: Assign a primary owner to all imported entities before copying them.
RV-42362Users with an Entity filter condition of Classification. Internal or external encounter an exception when running reports.
Workaround: Avoid using the Classification. External or internal attribute within any filter conditions. Use the Entity. Internal or External attribute instead.
RV-42602Entities cannot be retrieved for users with the filter condition EntityCustomAttributes_CustomText_1.
Workaround: Filtering based on CLOB-type columns on the RiskVision server is not supported. Any report attribute to be excluded from filtering must be marked as a non-filterable (‘filterable=”false”) in the ReportAttributes.xml file.
RV-42629Data in RiskVision doesn't honor the EntityCustomAttributes_CustomEncryptedString_1 filter.
Workaround: Any report attribute to be excluded from filtering must be marked as non-filterable (‘filterable=”false”) in the ReportAttributes.xml file. ACL filters with conditions based on encrypted fields are not supported.
RV-42839Unable to load data to users with the Incident filter condition of Incident_Incident_Comment ACL. Filtering based on CLOB-type columns is not supported on the RiskVision server.
Workaround: To prevent report attributes based on CLOB or similar columns from being displayed in Filter Manager’s filter condition field list, mark the report attributes as non-filterable (‘filterable=”false”) in ReportAttributes.xml file.
RV-42991Exceptions requested from Home-Exception Requests are not displayed in the Exceptions tab and Control results drill down.
Workaround: Create the exceptions at the assessment level, not on the Home > Exceptions page.
RV-43058The filter condition Entity Custom Attributes. Custom Rational Number 3 generates an error.
Workaround: Add the Custom Attributes extensions for Float in the ReportAttributes.xml file:
<Group name="AssetCustomAttributes">
<Attribute name="Asset.CustomAttributes.CustomAttributes.float1" displayname="Custom Rational Number 3" datatype="float" category="%Asset% Custom Attributes"></Attribute>
Restart Tomcat Services.
RRV-3019Policy text in Edit mode is cramped and difficult to read.
Workaround: Ensure the line spacing settings in Paragraph > Spacing > Line Spacing is set at Exactly 12pt or Exactly 14pt.
RRV-4012When upgrading to RiskVision 9.3, some vulnerabilities that have been imported in NVDB are missing their attached technologies.
Workaround: Post upgrade, set the following property in the Agiliance properties file: com.agiliance.agent.nvd.cve.forceUpdate=true. Restart the RiskVision Tomcat services and point the NVD Connector at the RiskVision database.
RRV-4336Users running RiskVision on Firefox version 68 are unable to change an ad hoc report's type to "Table".
Workaround: Run RiskVision in Google Chrome, Microsoft Edge, or any version of Mozilla Firefox below version 68.
RRV-5111The CVSS 2.0 Score is not being updated on a freshly installed RiskVision.
Workaround: Add the com.agiliance.agent.nvd.cve.forceUpdate=true property to the Server/config/agiliance.properties file and re-import CVEs using NVD connector.
RRV-5600Reports with logos are failing to load for users who have upgraded from RiskVision version 9.2 to 9.4.
Workaround: Follow the steps in the Reports With Logos Fail to Load article.
RRV-5921Users are unable to change whether or not they receive notifications for scheduled R6 reports.
Workaround: Open the agl_scheduledjob table and change the value of the JOB-DATA column to either TRUE or FALSE.
RRV-5922Users with a non-administration role are unable to run reports that require input controls.
Workaround: Open the applicationContext-security-web.xml file and change the <security:intercept-url pattern="/rest_v2/**" access="ROLE_ADMINISTRATOR" /> property to read <security:intercept-url pattern="/rest_v2/**" access="ROLE_USER,ROLE_ADMINISTRATOR" />
RRV-6004When running the Daily Server and Database Hot Backup job on a multi-tier setup, the following error message is returned: "BackupManager - Database backup failed due to error: com.agiliance.common.ALException:".
Workaround: Install Microsoft Visual C++ 2013 at the application's server side for smoother database backup.
RRV-6007Running the JasperRepository Export command from the C:\Server\buildomatic folder or running the Daily Server and Database Hot Backup jobs will return an error message.
Workaround: Replace the buildomatic folder of the reportserver in the server folder and run the js-export.cmd of the server folder in the C:\server\buildomatic folder or run the Daily Server and Database Hot Backup jobs for jasper repository backup.
RRV-6028Attempting to export the Fusion Chart while the reportserver file is installed in a custom drive like D will return an error message.
Workaround: Change the below properties in the %JASPER_HOME%\ReportServer\ReportServer\apache-tomcat\webapps\jasperserver-pro\WEB-INF\classes\jasperreports.properties file to reflect the custom drive the reportserver is installed in (e.g. if it is installed in a "D" drive, change "C" to "D".):
  • net.sf.jasperreports.phantomjs.executable.path=C:\\ReportServer\\\\ReportServer\\phantomjs\\bin\\phantomjs.exe
  • com.jaspersoft.jasperreports.components.customvisualization.phantomjs.executable.path=C:\\ReportServer\\\\ReportServer\\phantomjs\\bin\\phantomjs.exe
  • com.jaspersoft.jasperreports.components.customvisualization.require.js=file:///C:/ReportServer/ReportServer/apache-tomcat/webapps/jasperserver-pro/optimized-scripts/bower_components/requirejs/require.js
RRV-6121Attempting to open the 9.3.5 webservice after install returns an error message.
Workaround: Copy the EncryptionUtils.class property from <Agiliance Home>\Tomcat\webapps\spc\WEB-INF\lib\agiliance-common.jar and place it in C:\Program Files (x86)\Agiliance\Webservices Server\lib\agiliance-common.jar.
RRV-6319Jasper Reports with multiple pages throw an error message while attempting to navigate from one page to the next in the Jasper Reports Server while a report is simultaneously open in RiskVision.
RRV-6689Users who upgrade from RiskVision 9.4 to version 9.5 or 9.6 will be unable to import threats when Tomcat is on the local service.
Workaround: Change the Tomcat service with the local user account.
RRV-6770Users are not receiving scheduled Dashboard job reports via email attachments.
Workaround: Open the js.config.properties file and change the phantomjs.binary=c:\%JASPER_HOME%\phantomjs\bin\phantomjs.exe property to phantomjs.binary=c:\\%JASPER_HOME%\\phantomjs\\bin\\phantomjs.exe.
RRV-6912Group Definition nodes in the left-hand tree view are not populating beyond the default 200, even if the limit is set for more.
Workaround: This issue is currently specific to Google Chrome and Microsoft Edge. Viewing RiskVision using Mozilla Firefox displays all nodes correctly.
RRV-7098The Java Minimum and Maximum memories are not displayed correctly in the Report Server details section while upgrading JasperReports Server.
Workaround: The user must update these values manually if desired.
RRV-7153Jasper version 7.9 cannot be installed on a Windows 2019 OS server.
Workaround: The user must install Microsoft Visual C++ 2015 Redistributable (x64) in order to install Jasper 7.9.
RRV-7414When creating a new Dashboard, the Dashboard Settings pop-up is incorrectly aligned.
RRV-7420The JasperReport and Dashboard do not load when using JRS version 8.0 or below.
Workaround: Perform the following actions on Jasper's side:
  •  JASPER_HOME\apache-tomcat\bin\service.bat, the --JvmOptions should have the below prefix.
    • -Djavax.xml.stream.XMLInputFactory=com.sun.xml.internal.stream.XMLInputFactoryImpl;
  • Using the executable JASPER_HOME\apache-tomcat\bin\jasperreportsTomcatw add the below Java(JVM) option under the Java tab.
    • -Djavax.xml.stream.XMLInputFactory=com.sun.xml.internal.stream.XMLInputFactoryImpl
  • After making the above changes, restart the Jasper and RiskVision services.
RRV-7481
We have created a patch that will fix the Hyperlink issue. Customers upgrading to RiskVision version 9.7.1 and using this Hyperlink feature will require a patch to get the hyperlink feature working.
Workaround: Please contact our Support Team for the RiskVision version 9.7.1 Hyperlink patch.