Tenable Security Center 5.21.0 Release Notes (2022-04-20)
You can download the update files from the Tenable Security Center Downloads page.
If you are running Tenable Security Center 5.12.0 or later, you can upgrade directly to Tenable Security Center 5.21.0. If you are running a version earlier than Tenable Security Center 5.12.0, upgrade to Tenable Security Center 5.12.0 before upgrading to Tenable Security Center 5.21.0.
If you are using Internet Explorer 11 on Windows 10 LTSB (build 14393.4104), you may need to add your Tenable Security Center installation to the “Trusted Sites” zone in order for the application to load.
If you are running Tenable Security Center 5.21.0 and you are using pyTenable with the Tenable Security Center API, you must upgrade pyTenable to version 1.4.2 or later.
If you upgrade Tenable Security Center Director, upgrade Tenable Security Center for all managed Tenable Security Center instances connected to Tenable Security Center Director. After upgrading, allow up to 15 minutes for your managed Tenable Security Center instances to sync with Tenable Security Center Director.
Tenable recommends performing a backup before upgrading Tenable Security Center. For more information, see Perform a Backup in the Tenable Security Center User Guide.
Note: This release includes a fix for a potential vulnerability. For more information, see the Tenable Product Security Advisory.
Note: If your upgrade path skips versions of Tenable Security Center (for example, upgrading from 5.9.0 to 5.12.0 to 5.21.0), Tenable recommends reviewing the release notes for all skipped versions. You may need to update your configurations because of features and functionality added in skipped versions.
Note: Tenable Security Center 5.21.0 is the last version of Tenable Security Center that will support Internet Explorer. For more information about other supported browsers, see Web Browser Requirements in the Tenable Security Center User Guide.
New Features
Host Asset View Data and Asset Criticality Rating in Tiered Reporting Environments and Tenable Security Center Director
Host asset data and Asset Criticality Rating data now roll up to tiered reporting environments and Tenable Security Center Director as part of a remote repository sync.
For more information, see View Hosts and View Host Details in the Tenable Security Center Director User Guide.
Scan Management Capabilities in Tenable Security Center Director via API
A new API allows you to create and delete active scans and scan objects, including the credentials, policies, and repositories in Tenable Security Center Director.
For more information, see the Tenable Security Center API Guide.
Enhanced Table and Grid Functionality
You can now resize and rearrange columns In table layouts in analysis, dashboard, alerts, and host asset views.
For more information, see Interact with a Customizable Table in the Tenable Security Center User Guide.
Bulk Operations for Accept and Recast Risk Rules
Tenable Security Center now supports selecting multiple vulnerabilities and bulk applying an Accept or Recast rule, including comments.
For more information see Accept Risk Rules and Recast Risk Rules in the Tenable Security Center User Guide.
Accept and Recast Risk Rule Comments Visible In Analysis View and Reports (beta)
Accept and recast risk rule comments are now visible in analysis views and reports, and are also available to view in both CSV and PDF export format.
For more information, see Configuration Settings in the Tenable Security Center User Guide.
Reduce I/O Writes on Disk (beta)
You can now enable the Performance Optimization feature to improve disk performance in environments where you are running frequent scans or remediation activities on small subsets of plugins.
For more information, see Configuration Settings in the Tenable Security Center User Guide.
More Information for Scan Errors
Tenable Security Center now includes a link to more information when errors occur during scanning to allow for more efficient troubleshooting.
For more information, see Error Messages in the Tenable Security Center User Guide.
Changed Functionality and Performance Enhancements
WAL database mode is now enabled by default.
Bug Fixes
| Bug Fix | Defect ID |
|---|---|
| Fixed an issue where matrix tables where not displaying bar options correctly. | 01354734 |
| Addressed an issue with Hashicorp authentication. | 01355759 |
| Corrected an issue where switching between tabs quickly would cause a UI error. | 01355643 |
| Corrected an issue that caused an error when creating an asset from a scan result. | 01314666 |
| Corrected an issue which would lead to a "resource not supported" error when hovering over an asset in an active scan belonging to a user in a different group. | 01354384 |
| Corrected an issue where the "See also" section was not showing for compliance audit checks. | 01347391 |
| Corrected an issue where the bar chart for severities in dashboards was not showing the correct colors. | 01341190 |
| Corrected an issue that lead to error status 69 when using agent scans. | 01343033 |
| Corrected an issue with SAML logins that could occur under rare circumstances. | 01334444 |
| Corrected a display issue when using banners that was cutting off results. | 01332105 |
| Reverted the error message in the Scan Results Window for License exceeded situations. | 01325248 |
| Corrected an issue when set results displayed was not carrying over into the same dashboard component. | 01330754 |
| Resolved an issue in which a remediation scan that is in Pending status for at least 1 minute after it is started starts a duplicate remediation scan, resulting in two remediation scans running to completion. | 01326942 |
| Reverted the functionality to launch remediation scans against multiple IPs from the Vulnerability Summary view. | 01328177 |
| Corrected a multi-line display issue with pie charts. | 01325079 |
| Corrected a database backup error that could occur under certain circumstances. | 01295233 |
| Corrected an API issue where UUID was not being returned when the fields parameter was specified. | 01288439 |
| Corrected an issue with a Tenable Security Center scan summary discrepancy that could occur under certain circumstances. | 01233386 |
| Corrected an issue where scans and combination asset lists error out when deleting assets that share names. | 01214536 |
Known Issues
-
Tenable Security Center may incorrectly flag "PHP File Integrity Errors" and "Correct RPM Package" in the system status page. This is a known issue and has no effect on functionality.
-
If you are changing another user's password and your user account does not have a password (for example, your user account is authenticated using SAML or LDAP), you are still required to type something in the Current Password field prior to changing the other user's password.
-
If the column select menu is open in table and you use the back/forward browser buttons closing the menu, the menu will persist on other pages until clicked.
-
When clicking on a non-sortable column, the working indicator in the lower left appears even though no sorting operation occurs.
-
There is no icon to indicate which column is the default sort column in dashboard tables.
API Changelog
For more information about the API changes for this release, see the Tenable Security Center API Changelog.
Filenames and Checksums
Filenames and MD5 or SHA-256 checksums are located on the Tenable Security Center Downloads page.
Tenable Integrated Product Compatibility
The following table lists the Tenable product versions tested with Tenable Security Center 5.21.0.
For information about EOL dates and policies for Tenable products, see the Tenable Software Release Lifecycle Matrix and Policy.
| Product | Tested Version |
|---|---|
| Tenable Nessus |
8.9.0 and later |
| OT Security | 3.9.25 and later |
| Tenable Log Correlation Engine | 6.0.0 and later |
| Tenable Nessus Network Monitor | 5.11.0 and later |