Nessus 10.3.0 Release Notes - 2022-07-11
New Features
The following are the new features included in Tenable Nessus 10.3.0:
-
Added the new Tenable Nessus Expert license and the ability to upgrade to Tenable Nessus Expert from the user interface.
-
Added new Terrascan scanning features to Tenable Nessus Expert.
-
Integrated Bit Discovery into Tenable Nessus Expert as a new scan template: Attack Surface Discovery.
Note: The attack surface discovery scan currently has a limit of discovering 100,000 child domains and displaying 2,500 domain results in the default results view. You can view all the scan results by applying filters. Tenable is working to extend the maximum child domain amount for customers with larger sets of exposed child domains. -
Updated OpenSSL to support version 3.0.5.
-
Updated Tenable Vulnerability Management-linked scanners to support differential plugin updates.
-
You can now configure trusted certificate authorities (CAs) for individual scans.
Changed Functionality and Performance Enhancements
The following enhancements are included in Tenable Nessus 10.3.0:
-
Updated the Tenable Nessus NASL compiler to stop when it encounters file errors.
Bug Fixes
| Bug Fix | Defect ID | Applies to |
|---|---|---|
| Fixed an issue where ACAS colors would appear incorrectly. | 01290503 | Nessus Manager, Nessus Professional |
| Fixed an infinite loop issue related to certain HTTP requests. | 01369596 | All Tenable Nessus versions |
|
Fixed an RDNS lookup issue that affected some Nessus instances. Note: To address this bug, Tenable Nessus was modified to use an asynchronous method of reverse DNS lookup. The asynchronous lookup method is unstable in some newer Linux versions, so Nessus instances installed on Linux systems still use the original synchronous lookup method. Most Linux users should use the original synchronous method. However, if the synchronous lookup method causes your scans to stall, you can upgrade to the new asynchronous method by running the following command: nessuscli fix --set rdns.use_asynchronous_lookup.
|
01280566 | All Tenable Nessus versions |
Upgrade Notes
-
If you are upgrading to Nessus Expert from a previous version of Nessus, you must upgrade Nessus to 10.3 prior to performing the Expert upgrade.
-
Due to the dynamic plugin compilation update, Tenable Nessus customers who have custom plugins could experience compilation failures if their plugins do not adhere to the updated standards outlined in the NASL Library Optimization guide. We recommend that customers with custom plugins review this guide and make any necessary updates before updating to Tenable Nessus 10.0.x.
- You can upgrade to the latest version of Tenable Nessus from any previously supported version.
- If your upgrade path skips versions of Tenable Nessus, Tenable recommends reviewing the release notes for all skipped versions to learn about new features and bug fixes.
- If you want your scanners to automatically update to the newest version before the GA date, set your Nessus Update Plan to Opt in to Early Access releases.
- If you want to manually update your scanners to the latest version before the GA date, disable automatic updates so the scanner does not automatically downgrade to the previous version.
-
For Nessus 8.8.0 and later running on Windows, you must install Visual C++ Redistributable for Visual Studio 2015 on the host operating system. The following Windows versions require a minimum Service Pack to be installed:
- Windows 7 SP1
- Windows Server 2008 SP2
- Windows Server 2008 R2 SP1
Downgrade Notes
-
Once you upgrade to Nessus Expert, you cannot downgrade to Nessus 10.2 using the Expert license. Doing so puts the application in a nonfunctional state.