Tenable Security Center 5.21.0 Release Notes (2022-04-20)

You can download the update files from the Tenable Security Center Downloads page.

Upgrade Notes

If you are running Tenable Security Center 5.12.0 or later, you can upgrade directly to Tenable Security Center 5.21.0. If you are running a version earlier than Tenable Security Center 5.12.0, upgrade to Tenable Security Center 5.12.0 before upgrading to Tenable Security Center 5.21.0.

If you are using Internet Explorer 11 on Windows 10 LTSB (build 14393.4104), you may need to add your Tenable Security Center installation to the “Trusted Sites” zone in order for the application to load.

If you are running Tenable Security Center 5.21.0 and you are using pyTenable with the Tenable Security Center API, you must upgrade pyTenable to version 1.4.2 or later.

If you upgrade Tenable Security Center Director, upgrade Tenable Security Center for all managed Tenable Security Center instances connected to Tenable Security Center Director. After upgrading, allow up to 15 minutes for your managed Tenable Security Center instances to sync with Tenable Security Center Director.

Tenable recommends performing a backup before upgrading Tenable Security Center. For more information, see Perform a Backup in the Tenable Security Center User Guide.

Note: This release includes a fix for a potential vulnerability. For more information, see the Tenable Product Security Advisory.

Note: If your upgrade path skips versions of Tenable Security Center (for example, upgrading from 5.9.0 to 5.12.0 to 5.21.0), Tenable recommends reviewing the release notes for all skipped versions. You may need to update your configurations because of features and functionality added in skipped versions.

Note: Tenable Security Center 5.21.0 is the last version of Tenable Security Center that will support Internet Explorer. For more information about other supported browsers, see Web Browser Requirements in the Tenable Security Center User Guide.

New Features

Host Asset View Data and Asset Criticality Rating in Tiered Reporting Environments and Tenable Security Center Director

Host asset data and Asset Criticality Rating data now roll up to tiered reporting environments and Tenable Security Center Director as part of a remote repository sync.

For more information, see View Hosts and View Host Details in the Tenable Security Center Director User Guide.

Scan Management Capabilities in Tenable Security Center Director via API

A new API allows you to create and delete active scans and scan objects, including the credentials, policies, and repositories in Tenable Security Center Director.

For more information, see the Tenable Security Center API Guide.

Enhanced Table and Grid Functionality

You can now resize and rearrange columns In table layouts in analysis, dashboard, alerts, and host asset views.

For more information, see Interact with a Customizable Table in the Tenable Security Center User Guide.

Bulk Operations for Accept and Recast Risk Rules

Tenable Security Center now supports selecting multiple vulnerabilities and bulk applying an Accept or Recast rule, including comments.

For more information see Accept Risk Rules and Recast Risk Rules in the Tenable Security Center User Guide.

Accept and Recast Risk Rule Comments Visible In Analysis View and Reports (beta)

Accept and recast risk rule comments are now visible in analysis views and reports, and are also available to view in both CSV and PDF export format.

For more information, see Configuration Settings in the Tenable Security Center User Guide.

Reduce I/O Writes on Disk (beta)

You can now enable the Performance Optimization feature to improve disk performance in environments where you are running frequent scans or remediation activities on small subsets of plugins.

For more information, see Configuration Settings in the Tenable Security Center User Guide.

More Information for Scan Errors

Tenable Security Center now includes a link to more information when errors occur during scanning to allow for more efficient troubleshooting.

For more information, see Error Messages in the Tenable Security Center User Guide.

Changed Functionality and Performance Enhancements

WAL database mode is now enabled by default.

Bug Fixes

Bug Fix Defect ID
Fixed an issue where matrix tables where not displaying bar options correctly. 01354734
Addressed an issue with Hashicorp authentication. 01355759
Corrected an issue where switching between tabs quickly would cause a UI error. 01355643
Corrected an issue that caused an error when creating an asset from a scan result. 01314666
Corrected an issue which would lead to a "resource not supported" error when hovering over an asset in an active scan belonging to a user in a different group. 01354384
Corrected an issue where the "See also" section was not showing for compliance audit checks. 01347391
Corrected an issue where the bar chart for severities in dashboards was not showing the correct colors. 01341190
Corrected an issue that lead to error status 69 when using agent scans. 01343033
Corrected an issue with SAML logins that could occur under rare circumstances. 01334444
Corrected a display issue when using banners that was cutting off results. 01332105
Reverted the error message in the Scan Results Window for License exceeded situations. 01325248
Corrected an issue when set results displayed was not carrying over into the same dashboard component. 01330754
Resolved an issue in which a remediation scan that is in Pending status for at least 1 minute after it is started starts a duplicate remediation scan, resulting in two remediation scans running to completion. 01326942
Reverted the functionality to launch remediation scans against multiple IPs from the Vulnerability Summary view. 01328177
Corrected a multi-line display issue with pie charts. 01325079
Corrected a database backup error that could occur under certain circumstances. 01295233
Corrected an API issue where UUID was not being returned when the fields parameter was specified. 01288439
Corrected an issue with a Tenable Security Center scan summary discrepancy that could occur under certain circumstances. 01233386
Corrected an issue where scans and combination asset lists error out when deleting assets that share names. 01214536

Known Issues

  • Tenable Security Center may incorrectly flag "PHP File Integrity Errors" and "Correct RPM Package" in the system status page. This is a known issue and has no effect on functionality.

  • If you are changing another user's password and your user account does not have a password (for example, your user account is authenticated using SAML or LDAP), you are still required to type something in the Current Password field prior to changing the other user's password.

  • If the column select menu is open in table and you use the back/forward browser buttons closing the menu, the menu will persist on other pages until clicked.

  • When clicking on a non-sortable column, the working indicator in the lower left appears even though no sorting operation occurs.

  • There is no icon to indicate which column is the default sort column in dashboard tables.

API Changelog

For more information about the API changes for this release, see the Tenable Security Center API Changelog.

Filenames and Checksums

Filenames and MD5 or SHA-256 checksums are located on the Tenable Security Center Downloads page.

Tenable Integrated Product Compatibility

The following table lists the Tenable product versions tested with Tenable Security Center 5.21.0.

For information about EOL dates and policies for Tenable products, see the Tenable Software Release Lifecycle Matrix and Policy.

Product Tested Version
Tenable Nessus

8.9.0 and later

OT Security 3.9.25 and later
Tenable Log Correlation Engine 6.0.0 and later
Tenable Nessus Network Monitor 5.11.0 and later