Nessus 8.12.0 Release Notes - 2020-10-08

Note: Tenable recommends upgrading to the patch for this release, Nessus 8.12.1, which includes a fix for a potential vulnerability. For more information, see the Tenable Product Security Advisory.

New Features

The following are the new features included in Nessus 8.12.0:

  • Agent Cluster Groups: customers using agent clustering now have the ability to organize their cluster nodes and agents into logical cluster groups. This allows customers to configure their agents in a way that conforms to their network topology, ensuring that agents can be assigned to a cluster group that is reachable from their network.

    Note: If cluster child nodes have automatic software updates disabled, you must manually update them to Nessus 8.12 in order to use agent cluster groups. If cluster child nodes have automatic software updates enabled, nodes can take up to 24 hours to update. To ensure correct linking and configuration, wait for all child nodes to update to Nessus 8.12 prior to configuring custom cluster groups.

    For more information, see Cluster Groups in the Nessus User Guide.

  • Predefined Reports for Nessus Professional: Added three new predefined reports for Nessus Professional customers, allowing users to create HTML or PDF reports that preconfigure the most useful summaries for vulnerability management. Users can create:

    • An Unsupported Software report to provide insight into unsupported software found in the customer's environment.

    • An Exploitable Vulnerabilities report which details all detected vulnerabilities which have known exploits.

    • An OS Detections report which gives lists all operating systems found on the scanned targets.

    For more information, see Create a Scan Report in the Nessus User Guide.

  • Support for running Nessus on additional operating systems, including SUSE Linux Enterprise Server 15, FreeBSD 12.x, Kali 2018, 2019, 2020, and Ubuntu 20.04.

    For more information, see Software Requirements in the Nessus User Guide.

Changed Functionality and Performance Enhancements

The following additional enhancements are included in Nessus 8.12.0:

  • Added additional data to the Nessus debug report, to better assist in troubleshooting, including public/non-secret certificate information and license type and features.

  • Removed the Scanner tab from the Nessus user interface for all license types except for Nessus Manager.

  • In Nessus Manager, linked agents and scanners are now accessed from the new Sensors page in the top navigation bar.
  • You cannot access a cluster child node via the user interface. Manage agents from the parent node instead.

Bug Fixes

Bug Fix Defect ID Applies to
Fixed an issue with using the "pkg add" command for installation on FreeBSD v11 00847180, 00738521 All Nessus versions
Fixed an issue with connections being dropped if Nessus tried to open more than the configured maximum number of concurrent TCP sessions per host for a target 00809878 All Nessus versions
Fixed an issue where the "last scanned" timestamp for an Agent was updated even if the Agent did not report results 01049609 Nessus Manager
Fixed an issue where unlinked Agents were sometimes not being deleted from Nessus Manager 01048912 Nessus Manager
Improved performance of some database queries that were potentially causing Agent merges to fail due to database lock timeouts. 01026793 Nessus Manager
Fixed a bug with target list enumeration that in rare cases was causing cloud scanners to get in an infinite loop and run out of memory 01038386 cloud scanners

Upgrade Notes

  • New Domain - As a part of continuous security and scalability improvements to Tenable infrastructure, we have added a new domain that scanners communicate with.

    • Starting with Nessus version 8.12.0, scanners communicate with using In case the sensors are not able to connect to the new domain, they fall back to using Nessus scanners with earlier versions will continue to use the domain.

    • Recommended Action - If you use domain allow lists for firewalls, Tenable recommends adding * (with the wildcard character) to the allow list. This ensures communication with and all future subdomains, thus reducing operational overhead. Please contact your Network Administrator for assistance with making necessary changes to your allow list.
  • You can upgrade to the latest version of Nessus from any previously supported version.
  • If your upgrade path skips versions of Nessus, Tenable recommends reviewing the release notes for all skipped versions to learn about new features and bug fixes.
  • scanners receive the latest software update starting one week after the Nessus general availability (GA) date.

    • If you want your scanners to automatically update to the newest version prior to that date, set your Nessus Update Plan to Opt in to Early Access releases.
    • If you want to manually update your scanners to the latest version prior to that date, disable automatic updates so the scanner does not automatically downgrade to the previous version.
  • For Nessus 8.8.0 and later running on Windows, you must install Visual C++ Redistributable for Visual Studio 2015 on the host operating system. The following Windows versions require a minimum Service Pack to be installed:

    • Windows 7 SP1
    • Windows Server 2008 SP2
    • Windows Server 2008 R2 SP1