Nessus 10.4.0 Release Notes - 2022-10-27

Note: There are known issues with using the Tenable migration tool to migrate Nessus 10.4.0 licensed scanners to Tenable.io. These issues will be fixed in a future patch or release. In the meantime, Tenable recommends running licensed scanners on version 10.3.1 before using the migration tool to link them to Tenable.io.

New Features

The following are the new features included in Nessus 10.4.0:

  • You can now activate new Nessus Professional and Nessus Expert trials from within the application when you start Nessus for the first time.

  • Nessus Expert users can now view Terrascan results and generate reports from the Nessus Expert user interface.

  • You can now log in and perform some operations while Nessus compiles plugins.

  • You can now manage multiple agents at once by using bulk commands from the Nessus Manager user interface.

  • Nessus usernames can now contain parentheses — "(" and ")".

  • Nessus now has improved log rotation flexibility.

  • Nessus now supports FIPS mode communications.

  • Nessus now has improved TLS 1.3 support due to the following additions:

    • The ChaCha20 stream cipher with the Poly1305 message authentication code.

    • The Ed25519 and Ed448 digital signature algorithms.

    • The x25519 and x448 key exchange protocols.

Changed Functionality and Performance Enhancements

The following enhancements are included in Nessus 10.4.0:

  • You can now make copies of scan templates.

  • ASM scan efficiency improvements.

  • Report queue processing improvements.

  • Scan note language improvements.

Changed Functionality and Performance Enhancements

The following are security updates included in Nessus 10.4.0:

  • Updated the following libraries to address several vulnerabilities:

    • Updated datatables to 1.12.1.

    • Updated jquery-ui to 1.13.2.

    • Updated less.js to 4.1.3.

    • Updated moment.js to 2.29.4.

    • Updated select2.js to 4.0.13.

    • Updated underscore.js to 1.13.4.

    • Updated zlib to 1.2.13.

    For more information, see the Tenable Product Security Advisory.

  • Fixed an input validation issue for some input fields that relied on client-side validation.

  • Updated Nessus Manager linking so that linking keys for agents, scanners, and nodes are now different from each other.

Bug Fixes

Bug Fix Defect ID Applies to
Improved scan start-up performance for scans with many individually enabled plugins. 01363633 All Nessus versions
Fixed a bug that deleted the local scanner and caused all agents and agent groups to disappear from the Nessus Manager user interface. 01420559 All Nessus versions
Fixed a bug that caused the PDF report to show a black background behind hostnames. 01408918 All Nessus versions
Fixed an issue that caused missing scan results from child nodes of a Nessus cluster. 01395643 Nessus Manager
Improved overall performance when viewing the agents in a cluster group. 01370959 Nessus Manager
The port scanner can now report more than 1024 open ports, if a user configures it to do so. 01074232 All Nessus versions
Fixed an issue where scans exported as .nessus files were missing an encoding identifier. 01426496 All Nessus versions
Agent plugin updates on cluster child nodes no longer conflict with plugin delivery to agents. 01424572 Nessus Manager
Fixed an issue where scans would stop during the Pending status. 01412489 Nessus Manager
Fixed an issue where CVS reports would not list all hosts, depending on which filters were being used. 01403242 All Nessus versions
Fixed an issue where Customized Report options would not take effect. 01448980 All Nessus versions
Cleaned up deleted scans initiated by Tenable.sc. 01445862 Nessus Manager
PDF reports now support Japanese characters. 01406825 All Nessus versions
Cleaned up scan deletion tracking and ensured that items from respective report directories are deleted. 01445862 Nessus Manager

Upgrade Notes

  • You can upgrade to the latest version of Nessus from any previously supported version.
  • If your upgrade path skips versions of Nessus, Tenable recommends reviewing the release notes for all skipped versions to learn about new features and bug fixes.
  • If you want your scanners to automatically update to the newest version before the GA date, set your Nessus Update Plan to Opt in to Early Access releases.
  • If you want to manually update your scanners to the latest version before the GA date, disable automatic updates so the scanner does not automatically downgrade to the previous version.
  • For Nessus 8.8.0 and later running on Windows, you must install Visual C++ Redistributable for Visual Studio 2015 on the host operating system. The following Windows versions require a minimum Service Pack to be installed:

    • Windows 7 SP1
    • Windows Server 2008 SP2
    • Windows Server 2008 R2 SP1