Tenable Nessus 2023 Release Notes
Tenable Nessus 10.5.2 (2023-05-11)
Security Updates
The following are security updates included in Tenable Nessus 10.5.2:
-
Updated libxml2 to 2.11.1.
-
Updated libxslt to 1.1.37.
For more information, see the Tenable Product Security Advisory.
Tenable Nessus 10.5.1 (2023-03-30)
Bug Fixes
| Bug Fix | Defect ID | Applies to |
|---|---|---|
| Fixed the logic that Tenable Nessus plugins use to determine whether ports are open or closed before portscanning. | 01567463, 01565318, 01570037, 01567594, 01571554, 01570459, 01574943, 01569096 | All Tenable Nessus versions |
| Fixed an issue where Tenable Security Center-managed scanners were not communicating with Tenable.sc during setup. | 01570364, 01572426, 01571146 | All Tenable Nessus versions scanners |
| Fixed an issue where agent core updates were not processing on Tenable Nessus Manager. | 01576489, 01571544 | Tenable Nessus Manager |
Tenable Nessus 8.15.9 (2023-03-07)
Security Updates
The following are security updates included in Tenable Nessus 8.15.9:
-
Updated OpenSSL to version 1.1.1t.
For more information, see the Tenable Product Security Advisory.
Tenable Nessus 10.4.3 (2023-03-07)
Security Updates
The following are security updates included in Tenable Nessus 10.4.3:
-
Updated OpenSSL to version 3.0.8.
For more information, see the Tenable Product Security Advisory.
Tenable Nessus 10.5.0 (2023-03-02)
New Features
The following are the new features included in Tenable Nessus 10.5.0:
-
Added Docker support for Tenable Security Center-managed scanners. For more information, see Deploy Tenable Nessus as a Docker Image.
-
Added the ability to save custom filter configurations. For more information, see Search and Filter Results.
-
Improved the activation workflow of purchased products. Activating previously purchased products is now easier. For more information, see Configure Tenable Nessus.
-
Expanded VPR for Tenable Nessus Professional, Tenable Nessus Expert, and Tenable Nessus Essentials.
-
Updated the Tenable Nessus Manager Sensors tab to show agent UUIDs.
-
Enhanced Attack Surface Discovery results filtering so that you can filter by all result columns.
-
Added the ability to export Attack Surface Discovery scan results.
Changed Functionality and Performance Enhancements
The following enhancements are included in Tenable Nessus 10.5.0:
-
Removed the VPR Top Threats scan results tab.
-
Improved CA read performance over TLS.
-
Improved Tenable Nessus global DB backup performance.
-
Added Terrascan.db to the nessuscli backup command.
Security Updates
The following are security updates included in Tenable Nessus 10.5.0:
-
Updated spin.js to 2.3.2.
-
Updated datatables.net to 1.13.2.
-
Updated OpenSSL to 3.0.8.
For more information, see the Tenable Product Security Advisory.
Bug Fixes
| Bug Fix | Defect ID | Applies to |
|---|---|---|
| Updated Tenable Nessus to send socket timeouts when the send operation is in the SSL_WANT_READ state. | 01515292 | Managed Tenable Nessus scanners |
| Reduced Tenable Nessus memory use when parsing hostnames. | 01490663 | All Tenable Nessus scanners installed in Windows environments |
| Fixed a bug that generated the API disabled message. | 01521210 | All Tenable Nessus versions |
| Added Kanji font support in PDF reports. | 01406825 | All Tenable Nessus versions |
| Prevented configuration of the default cluster group while plugins are compiling. | 01499319 | Tenable Nessus Manager |
| Tenable Nessus now backs up default files when you perform a full reset of Tenable Nessus. | 01469769 | All Tenable Nessus versions |
| Fixed a PDF page break issue. | 01474946 | All Tenable Nessus versions |
| Added the build number to the available Tenable Nessus Agent upgrade listing. | 01449324 | Tenable Nessus Manager |
| Modified the behavior of payload handling to return a 400 error if a payload is not complete. | 01443043 | All Tenable Nessus versions |
| Modified Tenable Nessus to load activation workflow scripts locally to prevent plugin 119811 from flagging tenable.com. | 01518622, 01516109 | All Tenable Nessus versions |
Supported Platforms
-
Added support for the following operating systems:
-
Rocky Linux 9 (x86_64 and AArch64)
-
Alma Linux 9 (x86_64 and AArch64)
-
Redhat 9 (x86_64 and AArch64)
-
Debian 11 (i386 and AMD64)
-
-
Removed support for the following operating systems:
-
FreeBSD 11 and earlier
-
Ubuntu 13.10 and earlier
-
SUSE 11 and earlier
-
Debian 9 and earlier
-
Oracle Linux 6 and earlier
-
CentOS 6 and earlier
-
Kali 2019 and earlier
-
Windows 8 and earlier
-
Windows Server 2008 R2 and earlier
-
macOS 10.15 and earlier
-
Tenable Nessus 8.15.8 (2023-01-18)
Changed Functionality and Performance Enhancements
The following are changed functionality and performance enhancements included in Tenable Nessus 8.15.8:
-
Removed the ability to specify a Java executable path from the Tenable Nessus user interface to prevent undesired changes. Administrators can now specify a Java executable path with a nessuscli command: nessuscli fix --set path_to_java (for more information, see Fix Commands).
-
Fixed an issue that prevented users from using the Tenable migration tool to migrate Nessus 10.4.x licensed scanners to Tenable Vulnerability Management.
Security Updates
The following are security updates included in Tenable Nessus 8.15.8:
-
Fixed a local privilege escalation vulnerability.
For more information, see the Tenable Product Security Advisory.
Tenable Nessus 10.4.2 (2023-01-18)
Changed Functionality and Performance Enhancements
The following are changed functionality and performance enhancements included in Tenable Nessus 10.4.2:
-
Removed the ability to specify a Java executable path from the Tenable Nessus user interface to prevent undesired changes. Administrators can now specify a Java executable path with a nessuscli command: nessuscli fix --set path_to_java (for more information, see Fix Commands).
Bug Fixes
| Bug Fix | Defect ID | Applies to |
|---|---|---|
| Fixed a network socket state that caused Tenable Nessus processes to stall in certain circumstances. | 01481734 | All Tenable Nessus versions |
| Enabled TCP keepalives on certain network connections to shorten Tenable Nessus stall times. | 01481734 | All Tenable Nessus versions |
Security Updates
The following are security updates included in Tenable Nessus 10.4.2:
-
Fixed a local privilege escalation vulnerability.
For more information, see the Tenable Product Security Advisory.
Upgrade Notes
-
Tenable.io FedRAMP environments support Tenable Nessus scanners version 8.x and 10.4.0 and later.
- (Automatic upgrades only) If you upgrade Tenable Nessus to a version later than 10.5.0, the Tenable Nessus will first upgrade to 10.5.0 before it upgrades to the desired version.
- You can upgrade to the latest version of Tenable Nessus from any previously supported version.
- If your upgrade path skips versions of Tenable Nessus, Tenable recommends reviewing the release notes for all skipped versions to learn about new features and bug fixes.
- If you want your scanners to update to the newest version before the GA date automatically, set your Tenable Nessus Update Plan to Opt in to Early Access releases.
- If you want to update your scanners to the latest version before the GA date manually, disable automatic updates so the scanner does not automatically downgrade to the previous version.
-
For Tenable Nessus 8.8.0 and later running on Windows, you must install Visual C++ Redistributable for Visual Studio 2015 on the host operating system. The following Windows versions require a minimum Service Pack to be installed:
- Windows 7 SP1
- Windows Server 2008 SP2
- Windows Server 2008 R2 SP1