Nessus 10.2.0 Release Notes - 2022-05-26
New Features
The following are the new features included in Tenable Nessus 10.2.0:
-
Added a new Scan Summary tab that highlights important scan data in Nessus Professional.
-
You can now configure update plans for Tenable Nessus Agents linked to Nessus Manager.
-
BYOL scanners can now add scan targets by Instance ID.
-
Added the aws_scanner flag to the Nessus AWS integration workflow.
Note: The aws_scanner parameter is required for Nessus to perform the auto-discovery of targets and provide those targets to Tenable Vulnerability Management. For more information, see Launch Pre-Authorized Nessus Scanner in the AWS Integrations User Guide. -
Added details of plugin execution failures to audit trails.
Changed Functionality and Performance Enhancements
The following enhancements are included in Tenable Nessus 10.2.0:
-
Enabled audit signing support for Tenable Nessus Agent to provide a secure verification capability for audit scanning files.
For more information, see the Audit Signing Overview KB article.
-
Added more detailed logging for node scans.
-
Improved compliance reporting performance by removing redundant data from the scan DB file.
-
Extraneous data in compliance descriptions is now disabled by default.
-
Added a preference setting that limits the amount of data generated by compliance plugins.
Security Updates
The following are security updates included in Tenable Nessus 10.2.0:
-
Updated Zlib to version 1.2.12 to address a medium level vulnerability.
-
Updated libexpac to version 2.4.8 to address several security vulnerabilities.
-
Removed Nessus version information from unauthenticated API calls.
-
Updated jQuery UI to version 1.13.0.
For more information, see the Tenable Product Security Advisory.
Bug Fixes
| Bug Fix | Defect ID | Applies to |
|---|---|---|
| Fixed an issue where custom audit files were not included in user-to-user data transfers. | 01321424 | Nessus Manager |
| VPR data loading is now postponed until after an upgrade-driven restart. | 01346169 | Nessus Manager, Nessus Professional |
| Fixed an issue where a database file was incorrectly deleted due to contention. | 01346169 | Nessus Manager, Nessus Professional |
| Fixed an issue where plugins would fail to abort when reaching memory limits in certain environments. | 01376928 | Nessus Manager, Nessus Professional |
| Fixed an issue where agent scan durations were exceeding the scan window setting. | 01338368 | Nessus Manager |
| Fixed an issue where a User-Defined Nessus Agent scan would incorrectly save as an Advanced Agent scan. | 01351178 | Nessus Manager |
| Fixed an issue where the Nessus Manager dashboard would not change when plugin rules are applied. | 01264988 | Nessus Manager |
| Fixed an issue where Web App Scanning scan configuration options were not editable. | 01311212 | Nessus Manager, Nessus Professional |
| Fixed an issue where exported report sections would be incorrectly colored. | 01303175 | Nessus Professional |
| Fixed an issue where the report reference text would overlap the surrounding content. | 01318470 | Nessus Professional |
| Fixed an issue where linking a Nessus scanner to Tenable Vulnerability Management would fail when designating group memberships. | 01378961 | Nessus Scanner |
Upgrade Notes
-
Due to the dynamic plugin compilation update, Tenable Nessus customers who have custom plugins could experience compilation failures if their plugins do not adhere to the updated standards outlined in the NASL Library Optimization guide. We recommend that customers with custom plugins review this guide and make any necessary updates before updating to Tenable Nessus 10.0.x.
- You can upgrade to the latest version of Tenable Nessus from any previously supported version.
- If your upgrade path skips versions of Tenable Nessus, Tenable recommends reviewing the release notes for all skipped versions to learn about new features and bug fixes.
- If you want your scanners to automatically update to the newest version before the GA date, set your Nessus Update Plan to Opt in to Early Access releases.
- If you want to manually update your scanners to the latest version before the GA date, disable automatic updates so the scanner does not automatically downgrade to the previous version.
-
For Nessus 8.8.0 and later running on Windows, you must install Visual C++ Redistributable for Visual Studio 2015 on the host operating system. The following Windows versions require a minimum Service Pack to be installed:
- Windows 7 SP1
- Windows Server 2008 SP2
- Windows Server 2008 R2 SP1