Nessus 10.4.0 Release Notes - 2022-10-27
New Features
The following are the new features included in Tenable Nessus 10.4.0:
-
You can now activate new Tenable Nessus Professional and Tenable Nessus Expert trials from within the application when you start Tenable Nessus for the first time.
-
Tenable Nessus Expert users can now view Terrascan results and generate reports from the Tenable Nessus Expert user interface.
-
You can now log in and perform some operations while Tenable Nessus compiles plugins.
-
You can now manage multiple agents at once by using bulk commands from the Tenable Nessus Manager user interface.
-
Nessus usernames can now contain parentheses — "(" and ")".
-
Nessus now has improved log rotation flexibility.
-
Nessus now supports FIPS mode communications.
-
Nessus now has improved TLS 1.3 support due to the following additions:
-
The ChaCha20 stream cipher with the Poly1305 message authentication code.
-
The Ed25519 and Ed448 digital signature algorithms.
-
The x25519 and x448 key exchange protocols.
-
Changed Functionality and Performance Enhancements
The following enhancements are included in Tenable Nessus 10.4.0:
-
You can now make copies of scan templates.
-
ASM scan efficiency improvements.
-
Report queue processing improvements.
-
Scan note language improvements.
Security Updates
The following are security updates included in Nessus 10.4.0:
-
Updated the following libraries to address several vulnerabilities:
-
Updated datatables to 1.12.1.
-
Updated jquery-ui to 1.13.2.
-
Updated less.js to 4.1.3.
-
Updated moment.js to 2.29.4.
-
Updated select2.js to 4.0.13.
-
Updated underscore.js to 1.13.4.
-
Updated zlib to 1.2.13.
For more information, see the Tenable Product Security Advisory.
-
-
Fixed an input validation issue for some input fields that relied on client-side validation.
-
Updated Nessus Manager linking so that linking keys for agents, scanners, and nodes are now different from each other.
Bug Fixes
Bug Fix | Defect ID | Applies to |
---|---|---|
Improved scan start-up performance for scans with many individually enabled plugins. | 01363633 | All Tenable Nessus versions |
Fixed a bug that deleted the local scanner and caused all agents and agent groups to disappear from the Tenable Nessus Manager user interface. | 01420559 | All Tenable Nessus versions |
Fixed a bug that caused the PDF report to show a black background behind hostnames. | 01408918 | All Tenable Nessus versions |
Fixed an issue that caused missing scan results from child nodes of a Nessus cluster. | 01395643 | Nessus Manager |
Improved overall performance when viewing the agents in a cluster group. | 01370959 | Nessus Manager |
The port scanner can now report more than 1024 open ports, if a user configures it to do so. | 01074232 | All Tenable Nessus versions |
Fixed an issue where scans exported as .nessus files were missing an encoding identifier. | 01426496 | All Tenable Nessus versions |
Agent plugin updates on cluster child nodes no longer conflict with plugin delivery to agents. | 01424572 | Nessus Manager |
Fixed an issue where scans would stop during the Pending status. | 01412489 | Nessus Manager |
Fixed an issue where CVS reports would not list all hosts, depending on which filters were being used. | 01403242 | All Tenable Nessus versions |
Fixed an issue where Customized Report options would not take effect. | 01448980 | All Tenable Nessus versions |
Cleaned up deleted scans initiated by Tenable Security Center. | 01445862 | Nessus Manager |
PDF reports now support Japanese characters. | 01406825 | All Tenable Nessus versions |
Cleaned up scan deletion tracking and ensured that items from respective report directories are deleted. | 01445862 | Nessus Manager |
Upgrade Notes
-
Tenable Vulnerability Management FedRAMP environments support Tenable Nessus scanners version 8.x and 10.4.0 and later.
-
If you are connecting to Tenable Vulnerability Management through Tenable Nessus scanners, Tenable Nessus Agents, Tenable Web App Scanning scanners, or Tenable Nessus Network Monitors (NNM) located in mainland China, you must connect through sensor.cloud.tenablecloud.cn instead of sensor.cloud.tenable.com.
- You can upgrade to the latest version of Tenable Nessus from any previously supported version.
- If your upgrade path skips versions of Tenable Nessus, Tenable recommends reviewing the release notes for all skipped versions to learn about new features and bug fixes.
- If you want your scanners to update to the newest version before the GA date automatically, set your Tenable Nessus Update Plan to Opt in to Early Access releases.
- If you want to update your scanners to the latest version before the GA date manually, disable automatic updates so the scanner does not automatically downgrade to the previous version.