github Keeper-Security/Commander v18.0.9
Release 18.0.9
on GitHub

5 hours ago

New Features

  • KeeperAI PAM Connection Settings (pam connection ai)
    New command to manage KeeperAI settings on PAM resources and remote browser instances. Supports show, set, unset, and remove operations for AI configuration on PAM connections.

  • PAM Gateway Online Filter
    pam gateway list now accepts --online (-o) to filter results to only online gateways, along with gateway totals in the output.

  • Enterprise MSP Transfer
    Added support for transferring an enterprise to another MSP (KC-1024).

  • Thycotic Import: Selective Secret IDs
    import --format thycotic now accepts --secret-ids (comma-separated) to import or inspect specific secrets by ID — useful for debugging cases where the Thycotic lookup API omits secrets due to security policies.

  • KCM: Port Mapping Defaults and Empty User Handling
    KCM export now supports connections with empty user or port fields: missing ports fall back to protocol defaults (configurable via KCM_mappings.json), connections missing a user are logged for follow-up, and allow-file-uploads is available for RBI connections.

Bug Fixes

  • Security: SQL Injection in MSSQL Password Rotation
    Fixed a SQL injection vulnerability in MSSQL password rotation and added input validation to reject unsafe --password values.

  • PAM Rotation Edit: SaaS Profile Fix (DR-1280)
    Fixed an issue where pam rotation edit did not correctly apply SaaS profiles.

  • IAM User Link Rotation Request Shape
    Fixed the permission-check rotation request for IAM user links — configurationUid, matching revision, and an explicit empty resourceUid are now sent to correctly handle IAM rotation semantics.

  • NSF Share Expiration and Folder Labels (KC-1307–1310)

  • Fixed expiration updates for nsf-share-folder and nsf-share-record
  • Enforced a one-minute minimum on NSF and classic share expiration
  • Standardized list/search record_category output to lowercase (classic/nested)
  • Renamed Supershell Drive folder labels to Nested Shared Folder (Shared) and Nested Shared Folder (NonShared)

Enhancements

  • NSF Record Add/Update Policy Enforcement
    nsf-record-add and nsf-record-update now enforce GENERATED_PASSWORD_COMPLEXITY and RESTRICT_RECORD_TYPES enterprise policies.
Check out latest releases or
releases around Keeper-Security/Commander v18.0.9

Don't miss a new Commander release

NewReleases is sending notifications on new releases.

Get notifications