Nessus 10.2.0 Release Notes - 2022-05-26

New Features

The following are the new features included in Nessus 10.2.0:

  • Added a new Scan Summary tab that highlights important scan data in Nessus Professional.

  • You can now configure update plans for Nessus Agents linked to Nessus Manager.

  • BYOL scanners can now add scan targets by Instance ID.

  • Added details of plugin execution failures to audit trails.

Changed Functionality and Performance Enhancements

The following enhancements are included in Nessus 10.2.0:

  • Enabled audit signing support for Nessus Agent to provide a secure verification capability for audit scanning files.

    For more information, see the Audit Signing Overview KB article.

  • Added more detailed logging for node scans.

  • Improved compliance reporting performance by removing redundant data from the scan DB file.

  • Extraneous data in compliance descriptions is now disabled by default.

  • Added a preference setting that limits the amount of data generated by compliance plugins.

Security Updates

The following are security updates included in Nessus 10.2.0:

  • Updated Zlib to version 1.2.12 to address a medium level vulnerability.

  • Updated libexpac to version 2.4.8 to address several security vulnerabilities.

  • Removed Nessus version information from unauthenticated API calls.

  • Updated jQuery UI to version 1.13.0.

For more information, see the Tenable Product Security Advisory.

Bug Fixes

Bug Fix Defect ID Applies to
Fixed an issue where custom audit files were not included in user-to-user data transfers. 01321424 Nessus Manager
VPR data loading is now postponed until after an upgrade-driven restart. 01346169 Nessus Manager, Nessus Professional
Fixed an issue where a database file was incorrectly deleted due to contention. 01346169 Nessus Manager, Nessus Professional
Fixed an issue where plugins would fail to abort when reaching memory limits in certain environments. 01376928 Nessus Manager, Nessus Professional
Fixed an issue where agent scan durations were exceeding the scan window setting. 01338368 Nessus Manager
Fixed an issue where a User-Defined Nessus Agent scan would incorrectly save as an Advanced Agent scan. 01351178 Nessus Manager
Fixed an issue where the Nessus Manager dashboard would not change when plugin rules are applied. 01264988 Nessus Manager
Fixed an issue where Web App Scanning scan configuration options were not editable. 01311212 Nessus Manager, Nessus Professional
Fixed an issue where exported report sections would be incorrectly colored. 01303175 Nessus Professional
Fixed an issue where the report reference text would overlap the surrounding content. 01318470 Nessus Professional
Fixed an issue where linking a Nessus scanner to Tenable.io would fail when designating group memberships. 01378961 Nessus Scanner

Upgrade Notes

  • Due to the dynamic plugin compilation update, Nessus customers who have custom plugins could experience compilation failures if their plugins do not adhere to the updated standards outlined in the NASL Library Optimization guide. We recommend that customers with custom plugins review this guide and make any necessary updates before updating to Nessus 10.0.x.

  • You can upgrade to the latest version of Nessus from any previously supported version.
  • If your upgrade path skips versions of Nessus, Tenable recommends reviewing the release notes for all skipped versions to learn about new features and bug fixes.
  • If you want your scanners to automatically update to the newest version before the GA date, set your Nessus Update Plan to Opt in to Early Access releases.
  • If you want to manually update your scanners to the latest version before the GA date, disable automatic updates so the scanner does not automatically downgrade to the previous version.
  • For Nessus 8.8.0 and later running on Windows, you must install Visual C++ Redistributable for Visual Studio 2015 on the host operating system. The following Windows versions require a minimum Service Pack to be installed:

    • Windows 7 SP1
    • Windows Server 2008 SP2
    • Windows Server 2008 R2 SP1