Tenable Security Center 2024 Release Notes

Apply the patch to a standalone Tenable Security Center or Tenable Core + Tenable Security Center:

1. Download the patch from the Tenable Security Center Downloads page to Tenable Security Center. You can save the files in any location (e.g., /tmp).

2. Access the command line as a user with root-level permissions.

3. Run the following command to untar the patch file, where [patch file name] is the name of the .tgz patch file you downloaded:

   tar zxf [patch file name]

4. Run the following command to change the directory to the extracted directory, where [directory] is the extracted directory:

   cd [directory]

5. Run the following command to begin the installation:

   sh ./install.sh

   The installation begins and Tenable Security Center stops. After the installation finishes, Tenable Security Center automatically restarts.

   Note: If Tenable Security Center does not automatically restart, then you may need to restart Tenable Security Center manually.

What to do next:

• (Optional) Confirm the patch successfully applied to Tenable Security Center, as described in the knowledge base article.

• httpd

• install.sh

• php

• patch.manifest

Filenames and MD5 or SHA-256 checksums are located on the Tenable Security Center Downloads page.

If you are running Tenable Security Center 6.4.0 and you are using pyTenable with the Tenable Security Center API, you must upgrade pyTenable to version 1.4.2 or later.

If you upgrade Tenable Security Center Director, upgrade all managed Tenable Security Center instances connected to Tenable Security Center Director. After upgrading, allow up to 15 minutes for your managed Tenable Security Center instances to sync with Tenable Security Center Director.

Tenable recommends performing a backup before upgrading Tenable Security Center. For more information, see Perform a Backup in the Tenable Security Center User Guide.

Note: If your upgrade path skips versions of Tenable Security Center (for example, upgrading from 5.21.0 to 6.0.0 to 6.4.0), Tenable recommends reviewing the release notes for all skipped versions. You may need to update your configurations because of features and functionality added in skipped versions.

Note: Tenable Security Center 5.21.0 is the last version of Tenable Security Center that supports Internet Explorer. For information about other supported browsers, see Web Browser Requirements in the Tenable Security Center User Guide.

Enhanced Integration with Tenable OT Security

This is a future Tenable OT Security feature that will allow Tenable Security Center users to view OT asset metadata on the Host Assets page.

For more information, see Universal Repositories, View Hosts, and View Host Details in the Tenable Security Center User Guide.

Support for QiAnXin Privileged Access Management (PAM)

Tenable Security Center now supports the QiAnXin PAM integration. The integration can gather credentials from the QiAnXin PAM solution to be used for authentication for SSH, SMB and Database targets.

For more information, see SSH Credentials and Windows Credentials in the Tenable Security Center User Guide.

• Updated Apache HTTP Server to version 2.4.59.

• Updated PHP to version 8.2.18.

• Updated Kubernetes client to version 0.9.0.

• Updated libwebsocket to version 4.3.3.

• Updated libyaml to version 0.2.5.

Performance Enhancements

Improvements were made to the messaging system, asset lists, as well as greatly reducing the occurrences of DB Locks in a variety of scenarios for all customers.

Enhanced Logging Precision

Tenable Security Center now supports millisecond timestamps for log files.

For more information, see System Logs in the Tenable Security Center User Guide.

Support for Large Static Asset Lists

Static asset lists are now supported for up to 50,000 characters.

Improved Reliability with Synchronization between Tenable Security Center and Tenable One

Enhancements were made to large data syncs for increased reliability.

Enhanced Filtering on CVE IDs

Users can now use exact or contains filters on CVE IDs.

Renamed Solution to Steps to Remediate

Tenable Security Center has renamed the Solution export field to Steps to Remediate. This applies to the following export scenarios:

• Column selection in .csv and PDF exports of below tools:

• In .csv and/or PDF exports of the below tools:

  • Remediation summary

  • Vulnerability details

  • WAS Vulnerability details

  • Mobile Vulnerability details

• Plugin details in plugin listing

Bug Fix	Defect ID
Updated the links for CVE according to new specifications.	02038217
Fixed a problem where filters are not functioning with a manageable policy.	02036709
Fixed an issue where Auditfiles with commas in the filename were not getting downloaded from Chromium based browsers due to an Open bug in Chromium. The value of headers for filename is now quoted as a workaround to be able to download from Chromium based browsers.	01973638
Fixed a bug that could incorrectly report repositories as corrupt when showvulns-archive was run on a repository with trending enabled but full text search disabled.	01986236, 02008532, 02037599
Fixed an issue with the API showing a blank output header by adding the solutionID to the "tool": "sumremediation" section in the API request.	01966742
The API Rest reference for Role::GET endpoint is updated to include the existing missing permissions fields for requests and in the sample responses.	01920780
Fixed an issue where the username did not fit in the profile dropdown.	01687810
Fixed an issue where the top right icons were hidden at 100% zoom when the page size is adjusted.	01798684
Fixed an issue where /rest/policy rest api failed when context was added as a requested field.	01798252, 01883034
Fixed an issue where customers were unable to create a user when Tenable Security Center was in WebSeal Authentication mode.	01789093
Fixed an issue with the page selector on the Assets page.	01792512
Fixed an issue where duplicate records of auditfiles were obtained in the policy get response when there is at least one org created policies with auditfiles, where the same policy is not already available in default app policies.	01785952
Fixed an issue with validating adding no more than 5 credentials in VMware vCenter.	01721651
Fixed an issue caused by improper data format.	01775624
Fixed an issue where the Alerts page was inaccessible with an error in GUI. Once the user deletion without migration is failed due to blackout window bug, the remaining objects (including alerts) are left as is. And then the schedule for the Alert is deleted by a nightly cleanup job, which in turn resulted in the GUI error. Fixed the issue of Freeze window bug where deletion by id fails during user deletion.	01776417
Fixed an issue caused by improper data format being passed.	01776563, 01755396, 01783335
Fixed an issue where files larger than 2GB could not be uploaded to Tenable Security Center.	01776183, 01775169, 01777936, 01776269, 01780240, 01787375, 01786544, 01789369, 01788238, 01782484, 02013148
Fixed an issue where latest VPR scores were not being processed in the Tenable Security Center feed.	01773720
Fixed an issue where, when same permissions are set to existing and newly created roles, it makes the existing modified roles higher than the newly created one. This was due to some of the legacy permissions, which are no longer in use, being retained and left enabled for these existing default customizable roles. The legacy permissions are now disabled for all roles.	01729512
Fixed php-ssh2 lib Bug #79702 :: [php] 7090 Segmentation fault (core dumped) with a workaround for password-less pub key auth for Remote Repository Sync.	01769201, 01952494, 02012117
Release CICD feed update for update log level settings, and steps to remove db flag.	01765287
Included authType as a minimal field in the user API response.	01760061
For the CVEs browsed from global search, fixed the CVSS3 severity calculation based on score by following the First org CVSS3 standards.	01761030, 01780324
Notification will be shown to linked users only on editing users and not on updates of other preferences.	01749685
Fixed an issue where agent scans failed while uploading scan information to agent capable cloud scanner.	01708734, 01739140, 01753517, 01754537, 01718228, 01705681, 01721027, 01775562, 01756993, 02008518
A performance improvement was made to showvulns queries for report generation by reducing the amount of data that is pulled from hosts.db.	01717491, 01763482
The CVE search now shows plugins and corresponding hosts affected with exact match against CVE. Also the cveID filter in Analysis is provided with exact and contains operators.	01689771, 01711075
Fixed an issue where Tenable Nessus Manager plugin update failures show a Protocol Error status.	01612390, 01647256, 01666618, 01692366
Customers were seeing system slowness due to a large number of queries defined. The customer in question was using the Tenable Security Center ticketing system and associating queries with tickets. So a large number of the queries were associated with tickets. Tickets are never deleted in Tenable Security Center, so neither are the associated queries. The solution is to delete any queries associated with a ticket when the status of the ticket is changed to "closed". In addition, to clean up existing data, a migration script was created to delete all queries associated with tickets where the ticket status is "closed".	01446976, 01473727

• Creating multiple assets in succession can sometimes lead to delays in calculating hosts.

• When you upload a .nessus file from Tenable OT Security, the scan result type is Agent.

• Filtering a large number of assets on the CVE Summary tool can lead to exceptions.

For more information about the API changes for this release, see the Tenable Security Center API Changelog.

Filenames and MD5 or SHA-256 checksums are located on the Tenable Security Center Downloads page page.

The following table lists the Tenable product versions tested with Tenable Security Center 6.4.0.

For information about EOL dates and policies for Tenable products, see the Tenable Software Release Lifecycle Matrix and Policy.

Product	Tested Version
Tenable Nessus	8.9.0 and later
OT Security	3.9.25 and later
Tenable Log Correlation Engine	6.0.0 and later
Tenable Nessus Network Monitor	5.11.0 and later

Apply the patch to a standalone Tenable Security Center or Tenable Core + Tenable Security Center:

1. Download the patch from the Tenable Security Center Downloads page to Tenable Security Center. You can save the files in any location (e.g., /tmp).

2. Access the command line as a user with root-level permissions.

3. Run the following command to untar the patch file, where [patch file name] is the name of the .tgz patch file you downloaded:

   tar zxf [patch file name]

4. Run the following command to change the directory to the extracted directory, where [directory] is the extracted directory:

   cd [directory]

5. Run the following command to begin the installation:

   sh ./install.sh

   The installation begins and Tenable Security Center stops. After the installation finishes, Tenable Security Center automatically restarts.

   Note: If Tenable Security Center does not automatically restart, then you may need to restart Tenable Security Center manually.

What to do next:

• (Optional) Confirm the patch successfully applied to Tenable Security Center, as described in the knowledge base article.

• fileIntegrityHashGenerator.php

• install.sh

• /opt/sc/bin/agent_prepareassets

• /opt/sc/bin/ipv4_prepareassets

• /opt/sc/bin/ipv6_prepareassets

• /opt/sc/bin/universal_prepareassets

• /opt/sc/bin/showvulns

• /opt/sc/bin/showvulns-archive

• /opt/sc/bin/showvulns-individual

• /opt/sc/bin/showvulns-mobile

• /opt/sc/support/bin/sqlite3

• /opt/sc/support/lib/libsqlite3.la

• /opt/sc/support/lib/libsqlite3.a

• /opt/sc/support/lib/libsqlite3.so.0.8.6

• /opt/sc/src/lib/AssetLib.php

• /opt/sc/src/DebugLogs.php

• /opt/sc/src/lib/ResponseHandlerLib.php

Filenames and MD5 or SHA-256 checksums are located on the Tenable Security Center Downloads page.

To enable updates through the Tenable Security Center feed:

1. Log in to Tenable Security Center as an Administrator.

2. In the left navigation, click System > Configuration.

   The Configuration page appears.

3. Click the Plugins/Feed tile.

   The Plugins/Feed Configuration page appears.

4. On the Plugins/Feed Configuration page, in the Tenable Security Center Software Updates section, enable the Enable Updates Through the Tenable Security Center Feed option.

   During the next scheduled feed update, Tenable Security Center applies the patch. In the Available Software Updates table, a timestamp appears in the row for the patch in the Last Updated column.

   -or-

   On the Plugins/Feed Configuration page, in the Available Software Updates section, select the patch in the table and click Install Now.

   Tenable Security Center applies the patch. In the Available Software Updates table, a timestamp appears in the row for the patch in the Last Updated column.

5. After the installation finishes, you must restart Tenable Security Center.

Apply the patch to a standalone Tenable Security Center or Tenable Core + Tenable Security Center:

1. Download the patch from the Tenable Security Center Downloads page to Tenable Security Center. You can save the files in any location (e.g., /tmp).

2. Access the command line as a user with root-level permissions.

3. Run the following command to untar the patch file, where [patch file name] is the name of the .tgz patch file you downloaded:

   tar zxf [patch file name]

4. Run the following command to change the directory to the extracted directory, where [directory] is the extracted directory:

   cd [directory]

5. Run the following command to begin the installation:

   sh ./install.sh

   The installation begins and Tenable Security Center stops.

6. After the installation finishes, you must restart Tenable Security Center.

What to do next:

• (Optional) Confirm the patch successfully applied to Tenable Security Center, as described in the knowledge base article.

• index.html

• install.sh

• main.7efd504bee237dff391b.js

• patch.manifest

Filenames and MD5 or SHA-256 checksums are located on the Tenable Security Center Downloads page.

If you are running Tenable Security Center 5.12.0 or later, you can upgrade directly to Tenable Security Center 6.3.0. If you are running a version earlier than Tenable Security Center 5.12.0, upgrade to Tenable Security Center 5.12.0 before upgrading to Tenable Security Center 6.3.0.

If you are running Tenable Security Center 6.3.0 and you are using pyTenable with the Tenable Security Center API, you must upgrade pyTenable to version 1.4.2 or later.

If you upgrade Tenable Security Center Director, upgrade Tenable Security Center for all managed Tenable Security Center instances connected to Tenable Security Center Director. After upgrading, allow up to 15 minutes for your managed Tenable Security Center instances to sync with Tenable Security Center Director.

Tenable recommends performing a backup before upgrading Tenable Security Center. For more information, see Perform a Backup in the Tenable Security Center User Guide.

Note: If your upgrade path skips versions of Tenable Security Center (for example, upgrading from 5.21.0 to 5.23.1 to 6.3.0), Tenable recommends reviewing the release notes for all skipped versions. You may need to update your configurations because of features and functionality added in skipped versions.

Note: Tenable Security Center 5.21.0 is the last version of Tenable Security Center that supports Internet Explorer. For information about other supported browsers, see Web Browser Requirements in the Tenable Security Center User Guide.

Tenable Security Center in Kubernetes

Tenable Security Center users can now deploy Tenable Security Center in a Kubernetes cluster.

For more information, see Tenable Security Center in Kubernetes.

Support for Multiple Targets in Web Application Scans

Tenable Security Center now supports scanning multiple URL targets in web app scans.

For more information, see Web App Scan Settings in the Tenable Security Center User Guide.

Support for LDAP Engine with Hashicorp Vault Credentials

Tenable Security Center now supports LDAP Engine with Hashicorp Vault in authenticated scans.

For more information, see SSH Credentials, Windows Credentials, and Database Credentials Authentication Method Settingsin the Tenable Security Center User Guide.

Support for Arcon Database Credentials

Tenable Security Center now supports Arcon database credentials in authenticated scans.

For more information, see Database Credentials Authentication Method Settings in the Tenable Security Center User Guide.

Support for OpenShift Container Platform Credentials

Tenable Security Center now supports OpenShift Container Platform in authenticated scans.

For more information, see Miscellaneous Credentials in the Tenable Security Center User Guide.

Support for CyberArk Auto-Discovery Credentials

Tenable Security Center now supports CyberArk Auto-Discovery in authenticated scans.

For more information, see SSH Credentials, Windows Credentials, and Database Credentials Authentication Method Settings in the Tenable Security Center User Guide.

Filter by Software End of Life Dates

Tenable Security Center now supports filtering by Security End of Life date on vulnerabilities and plugins.

For more information, see Vulnerability Analysis Filters, Web App Scanning Analysis Filters, and Plugin Filters in the Tenable Security Center User Guide.

• Updated Apache Portable Runtime to version 1.7.4.

• Updated Backbone to version 1.5.0.

• Updated Composer to version 2.6.5.

• Updated curl to version 8.5.0

• Updated Handlebars to version 4.7.8.

• Updated jQuery to version 3.7.1.

• Updated Moment.js to version 2.30.1.

• Updated Moment Timezone to version 0.5.43.

• Updated OpenSSL to version 3.0.13.

• Updated SQLite to version 3.44.0.

• Updated SSH PECL to version 1.4.

• Updated zlib to version 1.3.

• Fixed a memory leak issue with Apache.

  Note: If you have more than 10,000 active IPs and you upgrade to Tenable Security Center 6.3.0 from a previous version, you must update some values in the Apache configuration file as part of the upgrade process. For more information, see Update the Apache Configuration File.

• Tenable Security Center now displays hostnames for network devices that are not registered in the DNS.

• Improvements to query times.

• Disabled sorting for some columns on the following pages:

  • Policies page: disabled sorting on the Type, Group, and Owner columns.

  • Report Results page: disabled sorting on the Group and Owner columns.

  • Accept Risk Rules page: disabled sorting on the Creator column.

  • Recast Risk Rules page: disabled sorting on the Repository and Creator columns.

  • Users page: disabled sorting on the Role and Group columns. For admin users, sorting was disabled on the Role column,

Bug Fix	Defect ID
Fixed an issue related to the user migration dialog.	01760161
Fixed an issue where closing a ticket would delete the query associated with it.	01755039
Addressed the problem of the Plugins API returning empty fields for 'requiredPorts' and 'requiredUDPPorts'.	01747836
Due to a change on the Pendo side, we had to alter the div (html element) taking focus to open the help icon.	01747836
Fixed an issue where job status shows "undefined" for certain jobs that are chained together. Job status will now show "chained" for chained jobs.	01738831
Fixed an issue where the Tenable Security Center API returned an error when attempting to recast results in an Agent repository.	01740128
Added validation of database name for IBM DB2 credentials.	01739064
Fixed an issue with Tenable Web App Scanning Cookie Authentication.	01731986, 01752029
Fixed an issue with horizontal scroll bar in module views when classification banner is present.	01731094
Resolved an issue where the Scan Results page was loading slowly or timing out with increase in the number of scan results. The fix is to fetch only those fields required for permission check, which will now not get the scanner details causing the slowness.	01737823, 01746970, 01740951, 01743358
Prevent imports to offline repositories via API.	01735008
Fixed an issue where LDAP credentials were written to sc-error.log when LDAP server was misconfigured.	01732831, 01731686
Fixed an issue with visual representation on the UI when an ampersand character was used in a tag name.	01731084
Added server-side pagination to reduce the number of records that have to be displayed.	01706806
Fixed an issue in which filters were not expanding correctly on the UI, and would overlap other filters in the CSV report definition.	01728168
Fixed an issue where Last Seen column in exported Host Assets CSV was in epoch. Now the Last Seen column is a properly formatted date time value.	01724924
Adjusted the implementation to set the selected tool in the query filter component before invoking onToolChange. This ensures that the filters are properly configured based on the selected tool.	01719941
Fixed an issue where users with no permission to manage users were unable to update their own profile.	01721356, 01763349
Active and WAS plugin families, that are new in a plugin update, are added to and enabled for existing scan policies for active and WAS scans.	01719450
Apache changes to pre-fork mode resolved PHP memory leak issue.	01704845, 01715675, 01716075, 01713568, 01718346, 01726458, 01729896, 01731908, 01732651, 01732727, 01732463, 01730559, 01729449, 01726715, 01731249, 01739259, 01738381, 01739168, 01745280, 01745186, 01745563, 01745624, 01746107, 01749324, 01748421, 01744866, 01757761, 01756296, 01766900, 01758725, 01770023, 01717737, 01733552, 01765996
Fixed an issue that caused scans to get stuck in pending during nightly cleanup if jobqueue.db has previously been manually cleared.	01696978
Fixed an issue when the filter "Vulnerability Last Observed" for Vulnerability Summary on the UI was entered and the Apply button pressed, the Apply button remained greyed out instead of changing to blue.	01707537, 01714464
Fixed an issue with user endpoint where the 'fields' requested were obtained in response only if canManage field was included in the request.	01703703, 01711993, 01717556, 01719961
Fixed an issue in Tenable Security Center Director instance where there is no option to "Show/hide on Dashboard" for dashboards uploaded by other users, despite being in the full access group and being in the Security Manager role.	01705496
Fixed an issue where the scanID being passed via the Analysis endpoint as a number no longer requires the scanID to be surrounded by quotation marks.	01703783, 01706036, 01707209, 01707766, 01704514, 01706540, 01707963, 01707964, 01704996
Added a minimum width to the table cell so that text is properly shown.	01696159
Added a fix where sorting preferences are transmitted from dashboard components and then applied to override the default sorting preferences in the drill-down vulnerability summary. This ensures that the drill-down analysis summary will be sorted according to the pre-configured sorting preferences from the dashboard component.	01688287
Tenable Security Center will send a Tenable Nessus telemetry request via a Proxy when a Web Proxy is configured and "Use Proxy" is turned on for the Tenable Nessus Scanner.	01689081
Fixed an issue where the Username field did not dynamically resize when resizing the browser window.	01687810
The maximum permitted length for both URL and query strings has been extended from 1600 to 4000 characters for all browsers, except for Edge, which still has a limit of 2048 characters. This adjustment ensures that the dashboard drill-down URLs remain intact and do not encounter issues.	01690807
Fixed an issue in which schedules for scan definitions were not validated for correctness when the scan definition was added using the API instead of the UI.	01690989
Search template functionality will no longer break in a VM that is access with a custom domain name that has a string "search" in it.	01664019
Fixed an issue of report generation erroring out due to lengthy plugin_output.	01676088, 01757728
All results for each compliance plugin with multiple results for a single host are reported individually in the plugin output, and list the result severity and value for the result. The overall severity of the compliance vulnerability for that host is the highest result severity of the multiple results.	01642027
Fixed erroneous click events which may have caused unwanted sort order changes in datagrid.	01678182
The Operation System is equal to Asset List gives results consistent with the Host Assets results and the Analysis List OS tool results.	01668605
Security Center retries requests to a cloud scanner that sends a response with a 500 HTTP response code.	01655500
Fixed a problem where asset files were not being removed from the system when a customer deletes a repository.	01676010
Fixed an issue where "Plugin Output" is showing up twice in some reports.	01664557
Fixed an issue within the internal messaging system where notifications would lead to eventual processing delays and possibly result in database locks in large installations.	01666385
Fixed an issue with scan and report scheduling because the Africa/Cairo timezone was recently changed from GMT+2 to GMT+3.	01665521
For Reports generated with IP summary iteration containing hosts with same uuid [agent hosts], the plugins output is no longer duplicated for a host.	01653583
Fixed an issue in which the Attack Surface Domain Discovery scan failed for large domains.	01647309
Fixed an issue where users were unable to send e-mails using SSL with a self signed certificate.	01614597, 01697781, 01699774
Fixed an issue where the Health Overview dashboard was timing out, by optimising the Scan Zone Overlap component, for large number of Scanners and Scan zones.	01604266
The filtering on 'Scan Policy Plugins' in vulnerabilities results now works for non-advanced policies.	01625383
If a scanner had gone down, we would attempt the same request 10 times every 10 seconds. At the end of the 10 tries, we go into a scan timeout state. During the scan time out, we’ll check every minute for an update on the scanner. If the scanner comes back online then the job will resume. The scanner will have 12 hours to come back up (aligned with active scan default.)	01590464
Fixed issues with filtering by IP address on large amounts of IP Addresses.	01548603, 01598416, 01596911

Timezone Synchronization Issue

When you perform a fresh install of Tenable Security Center,or install Tenable Security Center in Kubernetes, the plugin update may take some time and trigger database locking errors due to timezone synchronization issues. The system will be busy and unable to import assets or perform other significant database transactions.

When you enter your Tenable Nessus activation code during installation, the plugin update task is scheduled. You can monitor the status of the plugin update on the Plugins/Feed Configuration page. After the plugin update is complete, you can use Tenable Security Center as normal.

Vulnerability Analysis DNS Name Filter

The DNS Name filter on the Vulnerability Analysis page does not support multi-byte characters (for example, Japanese or Chinese characters). When a user filters by DNS Name in the Vulnerability Analysis list, the results do not include vulnerabilities with multi-byte characters in the DNS Name field. As a workaround, remove the DNS Name filter from the query and the vulnerabilities will appear.

OpenShift Container Platform Settings

When you configure settings for OpenShift Container Platform credentials in audit scans, the Token field is limited to 1024 characters. If your credential token is longer than 1024 characters, Tenable Security Center will truncate the token, which will result in an authentication error and no scan results.

For more information about the API changes for this release, see the Tenable Security Center API Changelog.

Filenames and MD5 or SHA-256 checksums are located on the Tenable Security Center Downloads page page.

The following table lists the Tenable product versions tested with Tenable Security Center 6.3.0.

For information about EOL dates and policies for Tenable products, see the Tenable Software Release Lifecycle Matrix and Policy.

Product	Tested Version
Tenable Nessus	8.9.0 and later
OT Security	3.9.25 and later
Tenable Log Correlation Engine	6.0.0 and later
Tenable Nessus Network Monitor	5.11.0 and later