Tenable Security Center 2023 Release Notes
These release notes are listed in reverse chronological order. To jump to a place in the release notes, use the list to the right.
Tenable Security Center 6.1.1 (2023-06-07)
You can download the update files from the Tenable Security Center Downloads page.

If you are running Tenable Security Center 5.12.0 or later, you can upgrade directly to Tenable Security Center 6.1.1. If you are running a version earlier than Tenable Security Center 5.12.0, upgrade to Tenable Security Center 5.12.0 before upgrading to Tenable Security Center 6.1.1.
If you are running Tenable Security Center 6.1.1 and you are using pyTenable with the Tenable Security Center API, you must upgrade pyTenable to version 1.4.2 or later.
If you upgrade Tenable Security Center Director, upgrade Tenable Security Center for all managed Tenable Security Center instances connected to Tenable Security Center Director. After upgrading, allow up to 15 minutes for your managed Tenable Security Center instances to sync with Tenable Security Center Director.
Tenable recommends performing a backup before upgrading Tenable Security Center. For more information, see Perform a Backup in the Tenable Security Center User Guide.
Note: If your upgrade path skips versions of Tenable Security Center (for example, upgrading from 5.20.0 to 5.23.1 to 6.1.1), Tenable recommends reviewing the release notes for all skipped versions. You may need to update your configurations because of features and functionality added in skipped versions.
Note: Tenable Security Center 5.21.0 is the last version of Tenable Security Center that supports Internet Explorer. For more information about other supported browsers, see Web Browser Requirements in the Tenable Security Center User Guide.

MaaS360 MDM Integration
Tenable Security Center customers can now create MaaS360 MDM mobile repositories.
For more information, see Mobile Repositories in the Tenable Security Center User Guide.

Bug Fix | Defect ID |
---|---|
When syncing assets lists from Tenable Security Center to Tenable Vulnerability Management, updated the request payload so that filter values are chunked to contain no more than 1024 values per filter. Customers can now sync asset lists from Tenable Security Center to Tenable Vulnerability Management tags successfully when they contain more than 1024 filter values (IPs, FQDNs, and Tenable UUIDs). |
01597028 |
Tenable Security Center was updated to maintain asset information in the case when all cumulative vulns have expired but there are some mitigated vulns remaining. |
01570011, 01585371, 01604201 |
Updated diagnostics so that all system calls run successfully with the output results shown in sc-systeminfo.txt within the diagnostic file. A diagnostic can now be successfully run in EL7, 8, and 9 environments. |
01584035 |
Fixed issue with asset calculation in Universal repository when a referenced asset no longer existed. |
01548973, 01593435, 01612646 |
Fixed bug in asset list count for Universal repository that occurred when there was more than one asset with the same FQDN in the repository. |
01557339, 01589415 |
Fixed an issue that caused an "API Keys not accepted" error for agent scans on agent manager. |
01534931, 01540595, 01561334 |
When editing an asset on a large repository with many groups and a large user base, the internal error 500 occurs. Now this has been resolved. |
01531118, 01555418 |

For more information about the API changes for this release, see the Tenable Security Center API Changelog.

Filenames and MD5 or SHA-256 checksums are located on the Tenable Security Center Downloads page.

The following table lists the Tenable product versions tested with Tenable Security Center 6.1.1.
For information about EOL dates and policies for Tenable products, see the Tenable Software Release Lifecycle Matrix and Policy.
Product | Tested Version |
---|---|
Tenable Nessus |
8.9.0 and later |
Tenable OT Security | 3.9.25 and later |
Tenable Log Correlation Engine | 6.0.0 and later |
Tenable Nessus Network Monitor | 5.11.0 and later |
Tenable Security Center Patch 202304.1 (2023-04-25)
Apply this patch to Tenable Security Center installations running Tenable Security Center 5.22.0, 5.23.1, and 6.0.0. This patch updates PHP to version 8.1.16 to address CVE-2023-0568 and CVE-2023-0662.
Note: This release includes a fix for a potential vulnerability. For more information, see the Tenable Product Security Advisory.

Apply the patch to a standalone Tenable Security Center or Tenable Core + Tenable Security Center:
- Download the patch from https://www.tenable.com/downloads/tenable-sc to Tenable Security Center. You can save the files in any location (e.g., /tmp).
-
Access the command line as a user with root-level permissions.
-
Run the following command to untar the patch file, where [patch file name] is the name of the .tgz patch file you downloaded:
tar zxf [patch file name]
-
Run the following command to change the directory to the extracted directory, where [directory] is the extracted directory:
cd [directory]
-
Run the following command to begin the installation:
sh ./install.sh
The installation begins and Tenable Security Center stops. After the installation finishes, Tenable Security Center automatically restarts.
What to do next:
-
(Optional) Confirm the patch successfully applied to Tenable Security Center, as described in the knowledge base article.

- php

Filenames and MD5 or SHA-256 checksums are located on the Tenable.sc Downloads page.
Tenable Security Center Patch 202304.0 (2023-04-12)
Apply this patch to Tenable Security Center installations running Tenable Security Center 6.1.0.
This patch resolves an issue with synchronization using Tenable One/Tenable Lumin, where Agent UUIDs with dashes in Asset Lists created issues with Tag definitions.

If you are running Tenable Security Center 6.1.0 and have enabled updates through the feed, this patch will be applied automatically.
To enable updates through the Tenable Security Center feed:
-
Log in to Tenable Security Center as an Administrator.
-
In the left navigation, click System > Configuration.
The Configuration page appears.
-
Click the Plugins/Feed tile.
The Plugins/Feed Configuration page appears.
-
On the Plugins/Feed Configuration page, in the Tenable Security Center Software Updates section, enable the Enable Updates Through the Tenable Security Center Feed option.
During the next scheduled feed update, Tenable Security Center applies the patch. In the Tenable Security Center Software Updates table, a timestamp appears in the row for the patch in the Last Updated column.

Apply the patch to a standalone Tenable Security Center or Tenable Core + Tenable Security Center:
- Download the patch from https://www.tenable.com/downloads/tenable-sc to Tenable Security Center. You can save the files in any location (e.g., /tmp).
-
Access the command line as a user with root-level permissions.
-
Run the following command to untar the patch file, where [patch file name] is the name of the .tgz patch file you downloaded:
tar zxf [patch file name]
-
Run the following command to change the directory to the extracted directory, where [directory] is the extracted directory:
cd [directory]
-
Run the following command to begin the installation:
sh ./install.sh
The installation begins and Tenable Security Center stops. After the installation finishes, Tenable Security Center automatically restarts.
What to do next:
-
(Optional) Confirm the patch successfully applied to Tenable Security Center, as described in the knowledge base article.

-
httpd
-
install.sh

Filenames and MD5 or SHA-256 checksums are located on the Tenable.sc Downloads page.
Tenable Security Center Patch 202303.2 (2023-03-28)
Apply this patch to Tenable Security Center installations running Tenable Security Center 5.22.0, 5.23.1, and 6.0.0. This patch updates Apache to version 2.4.56 to address CVE-2023-25690.
Note: This release includes a fix for a potential vulnerability. For more information, see the Tenable Product Security Advisory.

Apply the patch to a standalone Tenable Security Center or Tenable Core + Tenable Security Center:
- Download the patch from https://www.tenable.com/downloads/tenable-sc to Tenable Security Center. You can save the files in any location (e.g., /tmp).
-
Access the command line as a user with root-level permissions.
-
Run the following command to untar the patch file, where [patch file name] is the name of the .tgz patch file you downloaded:
tar zxf [patch file name]
-
Run the following command to change the directory to the extracted directory, where [directory] is the extracted directory:
cd [directory]
-
Run the following command to begin the installation:
sh ./install.sh
The installation begins and Tenable Security Center stops. After the installation finishes, Tenable Security Center automatically restarts.
What to do next:
-
(Optional) Confirm the patch successfully applied to Tenable Security Center, as described in the knowledge base article.

-
httpd
-
install.sh

Filenames and MD5 or SHA-256 checksums are located on the Tenable.sc Downloads page.
Tenable Security Center 6.1.0 (2023-03-22)
You can download the update files from the Tenable Security Center Downloads page.

If you are running Tenable Security Center 5.12.0 or later, you can upgrade directly to Tenable Security Center 6.1.0. If you are running a version earlier than Tenable Security Center 5.12.0, upgrade to Tenable Security Center 5.12.0 before upgrading to Tenable Security Center 6.1.0.
If you are running Tenable Security Center 6.1.0 and you are using pyTenable with the Tenable Security Center API, you must upgrade pyTenable to version 1.4.2 or later.
If you upgrade Tenable Security Center Director, upgrade Tenable Security Center for all managed Tenable Security Center instances connected to Tenable Security Center Director. After upgrading, allow up to 15 minutes for your managed Tenable Security Center instances to sync with Tenable Security Center Director.
Tenable recommends performing a backup before upgrading Tenable Security Center. For more information, see Perform a Backup in the Tenable Security Center User Guide.
Note: This release includes a fix for a potential vulnerability. For more information, see the Tenable Product Security Advisory.
Note: If your upgrade path skips versions of Tenable Security Center (for example, upgrading from 5.20.0 to 5.23.1 to 6.1.0), Tenable recommends reviewing the release notes for all skipped versions. You may need to update your configurations because of features and functionality added in skipped versions.
Note: Tenable Security Center 5.21.0 is the last version of Tenable Security Center that supports Internet Explorer. For more information about other supported browsers, see Web Browser Requirements in the Tenable Security Center User Guide.

Global Search for Assets
Tenable Security Center customers can now use the Global Search feature to search for host assets by IPv4.
For more information, see Search in the Tenable Security Center User Guide.
Domain Inventory Filtering
Tenable Security Center customers can now filter their domain inventory assets.
For more information, see Domain Inventory Filter Components in the Tenable Security Center User Guide.
Linked Users for Non-Admin Accounts
Tenable Security Center customers can now create linked users for Security Manager user accounts.
For more information, see Linked User Accounts in the Tenable Security Center User Guide.
Bulk ACR Edit
Tenable Security Center customers can now edit multiple ACR values at a time.
For more information, see Edit an ACR Manually in the Tenable Security Center User Guide.
Recast Expiration Date
Tenable Security Center customers can now set expiration dates for recast rules.
For more information, see Add a Recast Risk Rule in the Tenable Security Center User Guide.
Tenable One Data Reliability
For customers using the Lumin Connector, Tenable Security Center data in Lumin is now far more reliable as Tenable One now recognizes the host UUID generated by Tenable Security Center.
For more information, see Tenable One Synchronization in the Tenable Security Center User Guide.
Notification Bell Icon
The Tenable.sc header now includes a notification bell, which alerts users of important notifications.
For more information, see Notifications in the Tenable Security Center User Guide.
Wildcards in NetBIOS Name Filter
Tenable.sc customers can now user wildcards and regular expressions in the Vulnerability Analysis NetBIOS Name filter.
For more information, see Vulnerability Analysis Filter Components in the Tenable Security Center User Guide.
Delinea Secret Server PAM
Tenable.sc now supports the Delinea Secret Server PAM authentication method.
For more information, see Windows Credentials, SSH Credentials, and Privilege Escalation in the Tenable Security Center User Guide.

Added commas to numbers with four or more digits to make them easier to read.

Bug Fix | Defect ID |
---|---|
A POST request to create a policy requires that the state (mixed or enabled), and the type (locked or unlocked for a state of mixed, and always unlocked for a state of enabled) be included for each family in the request. | 01558364 |
Added a fix where "Create Plugin scans" is not visible if "Create Scan" is disabled on initial loading of a custom role edit. | 01553947 |
Corrected how Tenable.sc determines if the data is ready to refresh. | 01509109 |
PDFs are no longer encrypted by default. The 'Encrypt PDF' option must be enabled before a PDF is encrypted. | 01549696 |
Fixed issues handling and accounting for early, requested pauses, resumes and stops within the active scan process. | 01546822 |
Fixed loading of AES/ACR from database. | 01546444 |
This fixes a bug where the code was crashing if the user used an external SC API and did not provide a User Agent header. | 01538318 |
Fixed issue where users were unable to copy Dashboard components to Dashboard tabs that they manage but not own. | 01401206 |
Added a sort compare function for the risk reduction column and will sort properly in the dashboard component "Worst of the worst - Top 10 prioritized actions" | 01513870 |
Fixed issue where column "IP/Device Count" did not sort properly in Repositories list view. | 01524451 |
Improvements made to mobile scans to prevent timeouts. | 01435903 |
Fixed user privileges for scan results view to have pause and stop button enabled for the scans created by that user, even without MO enabled. | 01512444 |
typeFields was not handled properly for few credential types. Now all supported credential types support typeFields. | 01489431 |
Optimization of backend queries during the SC feed process. This saves PHP memory and prevents PHP 'out of memory' issues. | 01510611, 01508444, 01532158, 01537509 |
When creating a scan policy, setting "Search for DTLS" to anything other than 'None' saves correctly now. | 01503411 |
Fixed an issue where importing a scan causes a "license check failed" error. | 01501139, 01515264 |
Fixed an issue where column "Owner" did not sort properly in Active Scans list view. | 01498956 |
Fixed an issue where old scan results were not being cleaned up when an expiration lifetime was configured. | 01488760 |
Large Tenable Security Center Debug logs will no longer throw memory related issues. | 01493694, 01497471, 01550915 |
Fixed an issue where the post-scan report was not generated if the active scan was created via API. | 01439481 |
Bug Fix | Defect ID |
A POST request to create a policy requires that the state (mixed or enabled), and the type (locked or unlocked for a state of mixed, and always unlocked for a state of enabled) be included for each family in the request. | 01558364 |
Added a fix where "Create Plugin scans" is not visible if "Create Scan" is disabled on initial loading of a custom role edit. | 01553947 |
Corrected how TTenable Security Center determines if the data is ready to refresh. | 01509109 |
PDFs are no longer encrypted by default. The 'Encrypt PDF' option must be enabled before a PDF is encrypted. | 01549696 |
Fixed issues handling and accounting for early, requested pauses, resumes and stops within the active scan process. | 01546822 |

-
The Address filter on the Domain Inventory page allows users to enter invalid values.
-
Some instances of Tenable Lumin still appear in the UI, instead of Tenable One.
-
If a user views the View Scan Result page while a scan is running, an error may appear in the admin log. This will not affect the scan.
-
There is a cosmetic UI issue with overflowing borders on the Add Dynamic Asset page.
-
There can be discrepancies between vulnerability data in Tenable Security Center and Tenable Vulnerability Management when vulnerabilities for dead hosts are removed from the cumulative database.

For more information about the API changes for this release, see the Tenable Security Center API Changelog.

Filenames and MD5 or SHA-256 checksums are located on the Tenable Security Center Downloads page.

The following table lists the Tenable product versions tested with Tenable Security Center 6.1.0.
For information about EOL dates and policies for Tenable products, see the Tenable Software Release Lifecycle Matrix and Policy.
Product | Tested Version |
---|---|
Tenable Nessus |
8.9.0 and later |
Tenable OT Security | 3.9.25 and later |
Tenable Log Correlation Engine | 6.0.0 and later |
Tenable Nessus Network Monitor | 5.11.0 and later |
Tenable Security Center Patch 202303.1-6.x (2023-03-01)
Apply this patch to Tenable Security Center installations running version 6.0.0. This patch updates OpenSSL to version 3.0.8 to address the following vulnerabilities:

Apply the patch to a standalone Tenable Security Center or Tenable Core + Tenable Security Center:
- Download the patch from https://www.tenable.com/downloads/tenable-sc to Tenable Security Center. You can save the files in any location (e.g., /tmp).
-
Access the command line as a user with root-level permissions.
-
Run the following command to untar the patch file, where [patch file name] is the name of the .tgz patch file you downloaded:
tar zxf [patch file name]
-
Run the following command to change the directory to the extracted directory, where [directory] is the extracted directory:
cd [directory]
-
Run the following command to begin the installation:
sh ./install.sh
The installation begins and Tenable Security Center stops. After the installation finishes, Tenable Security Center automatically restarts.
What to do next:
-
(Optional) Confirm the patch successfully applied to Tenable Security Center, as described in the knowledge base article.

-
libcrypto.a
-
libcrypto.so
-
libcrypto.so.3
-
libssl.so
-
libssl.so.3
-
install.sh

Filenames and MD5 or SHA-256 checksums are located on the Tenable.sc Downloads page.
Tenable Security Center Patch 202303.1-5.x (2023-03-01)
Apply this patch to Tenable Security Center installations running version 5.23.1. This patch updates OpenSSL to version 1.1.1t to address the following vulnerabilities:

Apply the patch to a standalone Tenable Security Center or Tenable Core + Tenable Security Center:
- Download the patch from https://www.tenable.com/downloads/tenable-sc to Tenable Security Center. You can save the files in any location (e.g., /tmp).
-
Access the command line as a user with root-level permissions.
-
Run the following command to untar the patch file, where [patch file name] is the name of the .tgz patch file you downloaded:
tar zxf [patch file name]
-
Run the following command to change the directory to the extracted directory, where [directory] is the extracted directory:
cd [directory]
-
Run the following command to begin the installation:
sh ./install.sh
The installation begins and Tenable Security Center stops. After the installation finishes, Tenable Security Center automatically restarts.
What to do next:
-
(Optional) Confirm the patch successfully applied to Tenable Security Center, as described in the knowledge base article.

-
libcrypto.so.1.1
-
libssl.so.1.1
-
openssl
-
install.sh

Filenames and MD5 or SHA-256 checksums are located on the Tenable.sc Downloads page.
Tenable Security Center Patch 202302.3 (2023-02-21)
Apply this patch to Tenable Security Center installations running Tenable Security Center 5.22.0 and 5.23.1. This patch updates libCurl to version 7.86.0 to address CVE-2022-42916.

Apply the patch to a standalone Tenable Security Center or Tenable Core + Tenable Security Center:
- Download the patch from https://www.tenable.com/downloads/tenable-sc to Tenable Security Center. You can save the files in any location (e.g., /tmp).
-
Access the command line as a user with root-level permissions.
-
Run the following command to untar the patch file, where [patch file name] is the name of the .tgz patch file you downloaded:
tar zxf [patch file name]
-
Run the following command to change the directory to the extracted directory, where [directory] is the extracted directory:
cd [directory]
-
Run the following command to begin the installation:
sh ./install.sh
The installation begins and Tenable Security Center stops. After the installation finishes, Tenable Security Center automatically restarts.
What to do next:
-
(Optional) Confirm the patch successfully applied to Tenable Security Center, as described in the knowledge base article.

-
libcurl.a
-
libcurl.la
-
libcurl.so.4.8.0
-
liblber.so.2.0.200
-
libldap.so.2.0.200
-
install.sh

Filenames and MD5 or SHA-256 checksums are located on the Tenable.sc Downloads page.
Tenable Security Center Patch 202302.2 (2023-02-21)
Apply this patch to Tenable Security Center installations running Tenable Security Center 5.22.0, 5.23.1, and 6.0.0. This patch updates Apache to version 2.4.55 to address CVE-2022-37436 and CVE-2022-37436.

Apply the patch to a standalone Tenable Security Center or Tenable Core + Tenable Security Center:
- Download the patch from https://www.tenable.com/downloads/tenable-sc to Tenable Security Center. You can save the files in any location (e.g., /tmp).
-
Access the command line as a user with root-level permissions.
-
Run the following command to untar the patch file, where [patch file name] is the name of the .tgz patch file you downloaded:
tar zxf [patch file name]
-
Run the following command to change the directory to the extracted directory, where [directory] is the extracted directory:
cd [directory]
-
Run the following command to begin the installation:
sh ./install.sh
The installation begins and Tenable Security Center stops. After the installation finishes, Tenable Security Center automatically restarts.
What to do next:
-
(Optional) Confirm the patch successfully applied to Tenable Security Center, as described in the knowledge base article.

-
httpd
-
install.sh

Filenames and MD5 or SHA-256 checksums are located on the Tenable.sc Downloads page.
Tenable Security Center Patch 202302.1 (2023-02-07)
Apply this patch to Tenable Security Center installations running Tenable Security Center 5.23.1. This patch fixes an issue where some users see a "scan progress not showing in Scan Results page" error while scanning.

Apply the patch to a standalone Tenable Security Center or Tenable Core + Tenable Security Center:
- Download the patch from https://www.tenable.com/downloads/tenable-sc to Tenable Security Center. You can save the files in any location (e.g., /tmp).
-
Access the command line as a user with root-level permissions.
-
Run the following command to untar the patch file, where [patch file name] is the name of the .tgz patch file you downloaded:
tar zxf [patch file name]
-
Run the following command to change the directory to the extracted directory, where [directory] is the extracted directory:
cd [directory]
-
Run the following command to begin the installation:
sh ./install.sh
The installation begins and Tenable Security Center stops. After the installation finishes, Tenable Security Center automatically restarts.
What to do next:
-
(Optional) Confirm the patch successfully applied to Tenable Security Center, as described in the knowledge base article.

-
html/index.html
-
html/main.52a1ec78d7f29ac9bc2d.js
-
SCILib.php
-
style.css
-
darkmode.css
-
install.sh

Filenames and MD5 or SHA-256 checksums are located on the Tenable.sc Downloads page.
Tenable Security Center 6.0.0 (2023-01-25)
You can download the update files from the Tenable Security Center Downloads page.

If you are running Tenable Security Center 5.12.0 or later, you can upgrade directly to Tenable Security Center 6.0.0. If you are running a version earlier than Tenable Security Center 5.12.0, upgrade to Tenable Security Center 5.12.0 before upgrading to Tenable Security Center 6.0.0.
If you are running Tenable Security Center 6.0.0 and you are using pyTenable with the Tenable Security Center API, you must upgrade pyTenable to version 1.4.2 or later.
If you upgrade Tenable Security Center Director, upgrade Tenable Security Center for all managed Tenable Security Center instances connected to Tenable Security Center Director. After upgrading, allow up to 15 minutes for your managed Tenable Security Center instances to sync with Tenable Security Center Director.
Tenable recommends performing a backup before upgrading Tenable Security Center. For more information, see Perform a Backup in the Tenable Security Center User Guide.
This release includes an upgrade to OpenSSL 3.0.x. This resolves two issues found in the open source libraries, CVE-2021-3450 and CVE-2021-3449. Both issues were rated High. As a result, X.509 certificates signed using SHA1 are no longer allowed at security level 1 or higher. The default security level for TLS is 1, so certificates signed using SHA1 are by default no longer trusted to authenticate servers or clients. Customers who encounter this issue should upgrade their certificates. For more information, see the OpenSSL 3.0 release notes.
Note: This release includes a fix for a potential vulnerability. For more information, see the Tenable Product Security Advisory.
Note: If your upgrade path skips versions of Tenable Security Center (for example, upgrading from 5.9.0 to 5.12.0 to 6.0.0), Tenable recommends reviewing the release notes for all skipped versions. You may need to update your configurations because of features and functionality added in skipped versions.
Note: Tenable Security Center 5.21.0 is the last version of Tenable Security Center that supports Internet Explorer. For more information about other supported browsers, see Web Browser Requirements in the Tenable Security Center User Guide.

New Look and Feel
The Tenable Security Center look and feel has been modernized by updating the typography, navigation, login screen, and more.
OpenSSL 3.0 Support
Tenable Security Center now supports OpenSSL 3.0.
Oracle Linux 9 and Red Hat Enterprise Linux (RHEL) 9 Support
Added support for Oracle Linux 9 and RHEL 9. Tenable Security Center will continue to support CentOS 7, RHEL 7, and RHEL 8.
For more information, see System Requirements in the Tenable Security Center User Guide.
Dashboard Matrix Default Color Swatches
Tenable Security Center customers can now select from a group of default colors when editing dashboard matrix component rules.
For more information, see Custom Dashboard Component Options in the Tenable Security Center User Guide.
Scan Policy Plugin Management
Tenable Security Center customers can now add and enable plugins in mixed plugin families.
For more information, see Configure Plugin Options in the Tenable Security Center User Guide.
Updating Tenable Security Center Patches Through the Feed
Tenable Security Center customers can now download and install patches directly inside the Tenable Security Center console. There is a new option to automatically install patches with feed updates.
For more information, see Configuration Settings in the Tenable Security Center User Guide.
Health Overview Dashboard
Tenable Security Center has a new Health Overview dashboard that provides quick access to deployment issues. Tenable Security Center customers can use this dashboard to gain better insight and understanding of their Tenable Security Center infrastructure.
For more information, see Health Overview Dashboard in the Tenable Security Center User Guide.
Password Expiration
Tenable Security Center administrative users can now set password expiration settings for users.
For more information, see User Account Options in the Tenable Security Center User Guide.
Current/Previous Year Filter
The Time filter in Tenable Security Center now includes the Current Year and Last Year options.
For more information, see Vulnerability Analysis Filters in the Tenable Security Center User Guide.
Wallix Bastion PAM
Tenable Security Center now supports the Wallix Bastion PAM authentication method.
For more information, see Database Credentials Authentication Method Settings in the Tenable Security Center User Guide.
Global Search
Tenable Security Center customers can now search for vulnerabilities by CVE.
For more information, see Search in the Tenable Security Center User Guide.
Increased PDF Encryption Strength
Tenable Security Center customers can now encrypt PDF reports using a 256 bit AES algorithm.
For more information, see Report Options in the Tenable Security Center User Guide.
Update Asset List before Running Dependent Scans
In Tenable Security Center if a dependent scan is using a dynamic asset list, that asset list will now be updated before the scan runs.
For more information, see Assets in the Tenable Security Center User Guide.
NetBIOS Filter
Tenable Security Center customers can now filter vulnerabilities by NetBIOS name.
For more information, see Vulnerability Analysis Filter Components in the Tenable Security Center User Guide.
Universal Repository
Tenable Security Center customers have access to the new Universal repository type, which can store data from IPv4, IPv6, and Agent repositories.
For more information, see Universal Repositories in the Tenable Security Center User Guide.
CyberARK Credential Updates
Tenable Security Center customers that use CyberArk credentials can now use Address for the Get Credentials By setting.
For more information, see SSH Credentials in the Tenable Security Center User Guide.

Performance improvements for Tenable Security Center Director and syncing repositories.

Bug Fix | Defect ID |
---|---|
Fixes a race condition on login that may have caused incorrect permissions for the logged-in user under poor network conditions. | 01504937 |
Fixed an issue with sorting accept rules by Creator. |
01494988 |
Fixed issues related to chunk deletion and chunk re-injection when scanners go offline during a scan. |
01490102, 01496734, 01529623, 01536174 |
Stopped using recursion to process combination asset lists to prevent using up stack memory. |
01485883, 01479281, 01509793, 01475287 |
The SC feed was updated to exclude the AD Identity Scan policy template. | 01483391 |
Removed *.cloudfront.net from the CSP request header. The domain was previously added to download content for Pendo, but now all external resources are served from a Tenable domain. |
01483322 |
Fixed an issue where large scan result imports were failing by removing database locks. |
01482303 |
Fixed a dashboard query error with the Output Assets filter. | 01480528 |
Fixed an issue so the agentScan API returns agentGroups field information upon request. agentScan?fields=agentGroups::GET | 01478230 |
Fixed an issue where selecting the Initiator column would not properly sort the job queue. |
01474973 |
Fixed an issue where the Licensing Status dashboard widget appeared blank. | 01471612, 01479097, 01468610, 01517641 |
Fixed an issue where if the diagnostic scan failed, the diagnostic scan password was not sanitized in the system log. | 01470275 |
Fixed the backup and restore config tools to correctly backup and restore compliance plugin data. This was resolved by accounting for an offset in row IDs between the backup and restore box, particularly plugin external reference data. | 01469141 |
Introduced the new Time filter with Created and Finished options to replace the Completion Time filter. | 01467850, 01477190, 01481914, 01506659, 01466750, 01524139, 01536947 |
Fixed an issue where Asset bulk delete throws an error. A condition has been added to /asset/id::DELETE to verify JobLib::getIgnoreAddingNewJobsStatus(). If the Ignore adding new job option is enabled, we return the response without looking for the affected group. | 01459697, 01479181, 01497531, 01523580 |
Fixed an issue when using the import option in IBM DB2 credentials where the client certificates entered in the Legacy CyberArk credentials screen were not retained after saving the details. | 01455757 |
Fixed an issue where the last item in the data grid(tabulator) could not be accommodated when classification is mentioned. The issue is fixed by modifying the logic to calculate the height for the new screens appropriately to contain the classification and removing the "!important" in the css. |
01451953 |
Fixed an issue where system logs would not scroll beyond the selected month. This was resolved by changing the design of the table. System logs are now in a paginated list, instead of an infinite scroll paradigm. | 01449648, 01475247 |
Fixed an issue where clicking the dashboard component with Query Value: Hosts would take the user to the wrong tool in Vulnerability Analysis. The user now lands correctly on the Vulnerability List. | 01449110 |
Fixed an issue where a query error would appear in Vulnerability Analysis after deleting a scan result. The issue was fixed by adding a check to find if the scan result exists in the system, then loading the view based on that. | 01443526 |
Fixed an issue where the automatic refresh on the Scan Results page did not save the user's scroll position in the table, | 01442405, 01507580, 01518858 |
Fixed an issue where a Tenable Nessus Compliance Scan import failed, despite a success message from Tenable Security Center. | 01436887 |
Fixed an issue where dashboard components were referencing invalid queries, making users unable to edit the dashboard components. | 01406788 |
Fixed an issue where the Owner filter on the Report Results page would show multiple instances of the same owner name. | 01400225 |
Fixed an issue where the file /opt/sc/support/etc/SimpleSAML/config/config.php could be overwritten during a Tenable Security Center upgrade. | 01385220 |
Reduced the time and accuracy of the List Software tool to calculate results from updates made to Plugin #22869 and Plugin #20811. | 01382651 |

-
When an admin creates a new user, the Switch User option doesn't show up immediately after creating the linked user.
-
When the browser window is resized, Line Chart components will not resize appropriately to fit their respective containers.
-
When zooming in on the browser, some elements in the header may no longer be visible.
-
Pendo is reporting an incorrect date format in the SC productExpirationDate metadata.
-
Safari SC users will see shadows of the left navigation after clicking.
-
When in any Analysis view, the Analysis icon in SideNav should have a blue background with a dark blue line to the left.
-
Creating a risk rule doesn't work for certain combinations for fields and repositories. For example, creating a risk rule with an IP as the identifier doesn't work for an Agent repo.
-
Pagination icons should appear grayed out when they are unusable, for example, when there is only 1 page of results.
-
Universal repository is not available in the Quick Setup Guide.

For more information about the API changes for this release, see the Tenable Security Center API Changelog.

Filenames and MD5 or SHA-256 checksums are located on the Tenable Security Center Downloads page.

The following table lists the Tenable product versions tested with Tenable Security Center 6.0.0.
For information about EOL dates and policies for Tenable products, see the Tenable Software Release Lifecycle Matrix and Policy.
Product | Tested Version |
---|---|
Tenable Nessus |
8.9.0 and later |
Tenable OT Security | 3.9.25 and later |
Tenable Log Correlation Engine | 6.0.0 and later |
Tenable Nessus Network Monitor | 5.11.0 and later |