Nessus 10.0.0 Release Notes - 2021-11-01
The following are the new features included in Nessus 10.0.0:
Added Nessus 10 support for Raspberry Pi to run scans on the portable, low-cost platform.
Added Nessus dark mode for easy viewing over long periods of time.
Added customized reporting in Nessus to tailor reporting data according to your needs.
Improved plugin compiler for reduced total disk usage, faster initial installation, and faster processing of plugin updates.
Enhanced user interface experience with list multi-select and scan score details.
Updated eight existing reports with explanatory descriptions of the represented data.
Added new Summary tab for agent scan results to provide more-detailed visibility on cluster scans in Nessus Manager.
Added new Resource Center for announcements, feedback, and Nessus-related help.
Changed Functionality and Performance Enhancements
The following additional enhancements are included in Nessus 10.0.0:
Implemented defragmentation of Nessus databases to reduce transient use of excess disk space during plugin recompilation.
Added built-in packet capture in Nessus - controllable via scan configuration - to allow for easy debugging of unexpected scan results and network access issues.
Updated the supported SSL ciphers to remove less-secure CBC ciphers, and updated the default cipher used for Nessus communications for increased security.
The following are security updates included in Nessus 10.0.0:
Fixed a vulnerability for local privilege escalation in nessusd.exe v220.127.116.1139 (a debugging tool).
|Bug Fix||Defect ID||Applies to|
|Fixed an issue where the Nessus Manager file upload API would not return a useful error when called with invalid parameters.||01204820||Nessus Manager|
|Fixed an issue with enforcement of user access restrictions for agent groups defined with no access.||01192413||Nessus Manager|
|Fixed an issue that would cause the Credentialed Checks value on a scan result to wrongly show as no.||01265405||All Nessus versions|
|Fixed the Nessus Manager UI to not show the Plugins tab when viewing the results of an agent scan created from a custom policy.||1168595||Nessus Manager|
|Fixed an issue that would cause Nessus to crash during scanning on certain OSs by upgrading a third-party library (libjemalloc).||01026229, 01156766, 01150178, 01160224||All Nessus versions|
|Fixed an issue where a requested abort of a Nessus scan would take longer than expected to complete.||01136479||All Nessus versions|
|Fixed an issue with scan packet captures that would cause incorrect warnings of packets getting truncated in the scan results.||01076654||All Nessus versions|
Red Hat Enterprise Linux 5 is no longer supported.
Due to the dynamic plugin compilation update, Nessus customers who have custom plugins could experience compilation failures if their plugins do not adhere to the updated standards outlined in the NASL Library Optimization guide. We recommend that customers with custom plugins review this guide and make any necessary updates before updating to Nessus 10.
- You can upgrade to the latest version of Nessus from any previously supported version.
- If your upgrade path skips versions of Nessus, Tenable recommends reviewing the release notes for all skipped versions to learn about new features and bug fixes.
- If you upgrade to this version of Nessus and downgrade later on, run the following command to ensure support for Internet Explorer: nessuscli fix --set ssl_cipher_list=compatible.
- If you want your scanners to automatically update to the newest version prior to the GA date, set your Nessus Update Plan to Opt in to Early Access releases.
- If you want to manually update your scanners to the latest version prior to the GA date, disable automatic updates so the scanner does not automatically downgrade to the previous version.
For Nessus 8.8.0 and later running on Windows, you must install Visual C++ Redistributable for Visual Studio 2015 on the host operating system. The following Windows versions require a minimum Service Pack to be installed:
- Windows 7 SP1
- Windows Server 2008 SP2
- Windows Server 2008 R2 SP1