Tenable Core 2023 Release Notes
These release notes summarize updates made to Tenable Core in 2023. Downloading and installing the most recent version of the offline ISO image initiates these updates on your Tenable Core machine.
Tip: Tenable recommends applying all offline updates, in order, to your offline Tenable Core machine. Do not skip offline updates.
To update using the Tenable Core offline ISO image, see the documentation for your application:
- Tenable Core + Tenable Nessus
- Tenable Core + Tenable Nessus Network Monitor
- Tenable Core + Tenable Security Center
- Tenable Core + Tenable Web App Scanning
Note: To update Tenable Core + Tenable OT Security using the offline ISO image, contact Tenable Support.
For more information about product updates, see the release notes for your application.
Tenable Core on Oracle Linux 8

Tenable has chosen Oracle Linux 8 as our new open-source platform. This replaces Tenable Core + Nessus and Tenable Core + Security Center on CentOS 7.0. Both platforms will continue to coexist until June 2024, when CentOS 7 reaches its end of life. We encourage all customers to adopt the new OL8 version as soon as possible. The upgrade to Tenable Core from CentOS to Oracle 8 is a manual process. For more information, see the Tenable Core + Nessus and Tenable Core + Security Center migration guides.

-
Tenable Core is now based on Oracle Linux 8.
-
Tenable applications (e.g., Nessus, Security Center, etc.) are now at the top of the side navigation bar in their own section.
-
System hardening now uses the openscap tooling (and can be checked with openscap tooling).
-
Installation from ISO now presents a graphical interface when errors are encountered.
-
Tenable Core now uses python 3.
-
GPG signature checking is enabled for all package repositories.
-
Password complexity rules have been dropped in favor of NIST Special Publication 800-63B - Appendix A—Strength of Memorized Secrets recommended minimum length requirements
-
Software updates have moved from the Software Updates page to the Update Management page.

-
Migration of Tenable Security Center and Nessus from current (EL7) Tenable Core systems to new (OL8) Tenable Core systems is supported via backup and restore mechanisms.
-
Relevant documentation links are available under the Help menu in the user interface.
-
The user interface now allows for gaining and dropping admin privileges from within the user interface.
-
ISO installation user interface allows for more/better/easier network configuration.
-
System welcome banner message can now be edited from within the user interface.
Q1 2023

-
Tenable Core OVAs with Tenable.sc 6.0 or newer now contain two virtual disks. The disks are combined into a single volume group and there should be no impact to normal usage. Tenable Core + Tenable.sc ISOs format and use two disks if they are available at install time.

-
Incomplete backups no longer fill /opt/tenablecore/spool if automatic backups are enabled but remote storage is not configured.
-
Fixed problems setting alternate listening ports for Tenable.sc in the web user interface.
-
Feedback is now displayed in the web user interface if uploading a trusted CA fails.

This ISO includes the following updates:
CESA-2023:0045 Important CentOS 7 tigervnc Security Update
CESA-2023:0046 Important CentOS 7 xorg-x11-server Security Update
CESA-2023:0195 Moderate CentOS 7 java-11-openjdk Security Update
CESA-2023:0203 Moderate CentOS 7 java-1.8.0-openjdk Security Update
CESA-2023:0291 Important CentOS 7 sudo Security Update
CESA-2023:0296 Important CentOS 7 firefox Security Update
CESA-2023:0377 Important CentOS 7 libXpm Security Update
CESA-2023:0399 Important CentOS 7 kernel Security Update
CESA-2023:0402 Moderate CentOS 7 bind Security Update
CESA-2023:0403 Important CentOS 7 sssd Security Update
CESA-2023:0456 Important CentOS 7 thunderbird Security Update
CEBA-2023:0398 CentOS 7 resource-agents BugFix Update
CEBA-2023:0401 CentOS 7 httpd BugFix Update
CESA-2023:1091 Important CentOS 7 kernel Security Update
CESA-2023:1095 Moderate CentOS 7 zlib Security Update
CEBA-2023:1096 CentOS 7 autofs BugFix Update
CEBA-2023:1097 CentOS 7 pki-core BugFix Update
CEBA-2023:1098 CentOS 7 diffutils BugFix Update
CESA-2023:1332 Important CentOS 7 nss Security Update
CESA-2023:1335 Important CentOS 7 openssl Security Update

Type | Reference |
---|---|
CentOS 7: tigervnc (CESA-2023:0045) |
CVE-2022-4283 |
CentOS 7: xorg-x11-server (CESA-2023:0046) |
CVE-2022-4283 |
CentOS 7: java-11-openjdk (CESA-2023:0195) |
CVE-2023-21835 |
CentOS 7 : java-1.8.0-openjdk (CESA-2023:0203) |
CVE-2023-21830 |
CentOS 7 : sudo (CESA-2023:0291) |
CVE-2023-22809 |
CentOS 7 : firefox (CESA-2023:0296) |
CVE-2022-46871 |
CentOS 7 : libXpm (CESA-2023:0377) |
CVE-2022-4883 |
CentOS 7 : kernel (CESA-2023:0399) |
CVE-2021-26401 |
CentOS 7 : bind (CESA-2023:0402) |
CVE-2021-25220 |
CentOS 7 : sssd (CESA-2023:0403) |
CVE-2022-4254 |
CentOS 7 : thunderbird (CESA-2023:0456) |
CVE-2022-46871 |
CentOS 7 : kernel (CESA-2023:1091) |
CVE-2022-42703 |
CentOS 7 : zlib (CESA-2023:1095) |
CVE-2022-37434 |
CentOS 7 : nss (CESA-2023:1332) |
CVE-2023-0767 |
CentOS 7 : openssl (CESA-2023:1335) |
CVE-2023-0286 |