Tenable Security Center 2023 Release Notes

For the Delinea Secret Server credential, users can now enter a URL in the Delinea Host field. Before you could only enter an IP or hostname.

01654432

Generic SSH Escalation field removed required and filed setup as per policy if required or not.

01646876

In some cases duplicate hosts in Universal repositories were counted toward the license for each repo they were in.

01640824, 01664333, 01666525, 01667889

Fixed a bug in file upload requests to scanners when Tenable Security Center and the scanner utilize certificate-based authentication. During the request generation, Tenable Security Centerwas inadvertently omitting the certificate, resulting in an erroneous outcome.

01631946

Update CSS only for specific drop-down element style to unset few global style, fixes the issue.

01627284

Update logic front-end won't display the error status until the dashboard has been fully evaluated.

01612838

The User::GET API response will now follow the objective of permissions as intended and matches with the GUI.

01623694

Improved the user deletion functionality to resolve the issue and implemented a restriction allowing users to only bulk delete up to 10 users at a time.

01624468

The "User Text" field in the Authentication Settings form was mislabelled as "Header Text", which could lead to confusion about where the value would be displayed. This field label has been corrected.

01617548

Updated the PHP file integrity check to exclude SAML configuration files.

01620889

For customer clarity, update caption for “Report” Alert action to now read: "Launch an existing On Demand Report"

01609808

When users are marked as deleted during migration because no message.db was found, updated the code so that you can no longer login as the deleted user.

01591639

Addressed an issue within the agent scan feature where the Agent scan PATCH REST API call was unintentionally removing agentGroups.

01606876

Resolved a bug within the policy feature, which was causing incomplete returns of audits when utilizing the auditFiles field with the /rest/policy endpoint.

01617747

While exporting the Host Discovery Policy, if the field max_simult_tcp_sessions is empty in Policy settings, then it will retain empty value in the exported file [instead of previously defaulted to unlimited].

01615970

"CVE ID" option in "Filter By" filter in Plugins module now allows selection of four different operators: Equal To (=), Not Equal To (≠), Contains, and Does Not Contain.

01614878

A bug introduced in Tenable Security Center 6.0 caused scans to only send IP addresses as targets rather than IP and FQDN when scanning with DNS asset lists as targets.

01602558, 01647697, 01610272

Update logic, now on page load, set the default timeframe chosen by the consumer, then the static one.

01611113

Users cannot use IPs as the Target type to identify the hosts that a risk rule should apply to if the host is in an agent repository.

01599040

In the scanner status log, fixed passwords that were being shown in plain text.

01610301

This is as designed. The missing information has been incorporated into the User Guide.

01596286

The f/e for System Logs was upgraded to a new model. The b/e code has been upgraded to support this new model. Now users can display results, use filters, and utilize the paging operations, and the item ranges and totals and page ranges and totals are correct.

01605309

Fixed a bug within the job daemon process responsible for managing the cleanup of terminated processes, which was leading to application crashes.

01604331

Added a fix about calculating scrollLeft position of the grid container before refresh and set the left position after the grid is refreshed.

01589237

In some cases Tenable Security Center was not removing namedb entries for hosts that were removed from the repository. This could cause namedb to grow very large if customers have a lot of short lived assets. Orphaned namedb entries will now be cleaned up.

01605832

Tenable Vulnerability Management changed the behavior of what happens when invalid API keys are provided to the server status api. Now Tenable Vulnerability Management returns a 401 which is an authorization failure. Updated the code so that If an authorization failure is detected, it returns gracefully that the connection failed.

01602907

Updated the nightly cleanup function that cleans up stale Scan Reports to properly handle the case where the scanner does not exist.

01600461

This resolves an issue in which the scan process would continue to run if the scan was deleted while the scan status was Preparing, Resolving, Verifying, or Initializing.

01599473

Fixed an issue with the installSSLCertificate.php script that previously prevented users from utilizing multiple options simultaneously.

01600901

Fixed a bug with querying Mobile data using the Identifier filter with an Identifier that has a comma in it. There was no way to tell if the comma was part of the value or a separator. The solution is to support one value in the Identifier filter. This resolves the problem of no data showing up when drilling down from the Device Summary tool to the Vuln List tool.

01597703

Redesigned this component as an enhancement to Tenable Security Center 6.2.0.

01588770

Fixed an issue where feed update or Tenable Security Center install would fail if TSC_ENTROPY_CHECK environment variable was set to true to force Tenable Security Center to use /dev/random as a random number generator.

01585877

Bugfix added to auto-refresh third-party charting library components in the rare event they do not render correctly on the first attempt.

01575902, 01595662

Fixed an issue where plugin names were being displayed as blank when plugin locale was changed before running the first plugin update job.

01577810

Fixed some cases where database locks were occuring during the import of scan results.

01570024

In some cases high quality OS detections were being overwritten by lower quality OS detections.

01573983

The prepareassets will be launched for all orgs [with access to agent repo] as below:

• the original initiator id will be retained for initiator org.

• for the other orgs the initiatorID will be the ORGHEAD id.

01557616

Customer is now able to properly filter by SCAP Audit Files in cases where this was not working.

--

Fixed the logic to show only the login panel/startup banner at once. The login Panel will be hidden by the startup banner if available in all cases.

01571286, 01524466

Fixed an issue where STIG audit was failing because RPM verification was flagging tvdb.db as being modified.

01550156

New field "Inactivity Timeout" provided in Active Scan Settings during creation/update to customize the timeout limit for receiving the Scan Progress before jumping Scanners.

01561848

Fixed how IP list is retrieved when an asset is not shared with a certain group.

01567384

Fixed an issue where PIV certificate authentication would fail after upgrading to Tenable Security Center 6.0.0 if the certificate contained multi-rdn values for CN

01564014

Added scroll to the slideout section so as to allow interaction with the entire content.

01563543

CSS updated to prevent textbooks from overriding dropdown elements.

01562172, 01648424, 01646722

Fixed a validation message that erroneously suggested users could apply multiple CVE filters when creating policies in the plugins section.

01552320, 01573872

Update logic by removing remote and offline repositories from the selected repository list.

01528355, 01625287

Fixed an issue in the feed update procedure that impacted customers with sizable organizations, numerous assets, dashboards, and reports. This was resolved by isolating the lengthy operation into its dedicated job.

01532323, 01643639

Customers were seeing system slowness due to a large number of queries defined. The customer in question was using the Tenable Security Center ticketing system and associating queries with tickets. So a large number of the queries were associated with tickets. Tickets are never deleted in Tenable Security Center and so neither are the associated queries. The solution is to delete any queries associated with a ticket when the status of the ticket is changed to "closed". In addition, to cleanup existing data, a migration script was created to delete all queries associated with tickets where the ticket status is "closed".

01446976, 01473727

Fixed a bug in the Picture in Picture feature, where users on slower connections would occasionally encounter an error message regarding invalid credentials.

01369184

8.9.0 and later