Nessus 8.15.0 Release Notes - 2021-06-15
The following are security updates included in Nessus 8.15.0:
This release includes a fix for a potential vulnerability. For more information, see the Tenable Product Security Advisory.
A vulnerability where after an installation occurs and the user runs a repair on the installation. The repair option, which allows any user to execute the action without admin privileges has been disabled.
Two third-party libraries (SQLitesqlite)were identified as vulnerable and have been updated.
The following are the new features included in Nessus 8.15.0:
Nessus CLI now supports a new command, nessuscli import-certs, to add certificates, validate that they are matching, and place them in the correct directory.
For more information, see Nessuscli in the Nessus User Guide.
Changed Functionality and Performance Enhancements
The following additional enhancements are included in Nessus 8.15.0:
Nessus now uses Npcap as a Windows packet capture library, instead of WinPcap, which was discontinued.
Note: The upgrade to 8.15.0 installs Npcap but does not remove WinPcap in case your system runs other software dependent on WinPcap. If you manually uninstall WinPcap, Nessus cannot automatically downgrade from 8.15.0 to a prior release. If you remove WinPcap from your system but want to install a version of Nessus earlier than 8.15.0, you must manually install earlier versions via the download package. Similarly, a new installation of Nessus 8.15.0 cannot automatically downgrade to earlier versions; you must manually install earlier versions via a download package.
The Windows 2008 OS is no longer supported.
Implemented multiple improvements for logging:
A new log file, nessuscli.log, logs all Nessus CLI operations.
Improved logging to show successful and failed scan uploads.
Improved logging for www_server.log to show start, end, and elapsed times for each access to the Nessus web server.
Nessus scanner type added to the log.
pre_sig.txt & post_sig.txt have been combined into other_logs.txt.
Nessus now uses milliseconds timestamps in backend.log.
Added to logs when a scan fails due to missing files instead of ignoring.
Advanced settings of agent scan for "Audit Trail Verbosity" and "Include the KB", settings override the server advanced settings called "agent_merge_audit_trail" and "agent_merge_kb" if disabled to ensure proper function.
A new Advanced Setting, merge_plugin_results, was added to support merging plugin results for plugins that generate multiple findings with the same host, port, and protocol. This setting is recommended to be enabled for scanners linked to Tenable.sc.
For more information about the features and functionality supported in this release, see the Nessus 8.15 User Guide.
|Bug Fix||Defect ID||Applies to|
|Fixed an issue where agents would not link after transitioning from Nessus Manager to Tenable.io.||--||Nessus Manager|
|Fixed an issue where scheduled scans in Nessus Manager would fail||01194448||Nessus Manager|
|Fixed an issue where there is a discrepancy in CSV file generated from compliance scan export vs what is shown in the UI||--||All Nessus scanners|
|Fixed an issue where an IPv6 target scan would fail.||01042585||All Nessus scanners|
|Fixed an issue where Nessus would ignore certain rules.||00834057||All Nessus scanners|
- You can upgrade to the latest version of Nessus from any previously supported version.
- If your upgrade path skips versions of Nessus, Tenable recommends reviewing the release notes for all skipped versions to learn about new features and bug fixes.
Tenable.io-linked scanners receive the latest software update starting one week after the Nessus general availability (GA) date.
- If you want your scanners to automatically update to the newest version prior to that date, set your Nessus Update Plan to Opt in to Early Access releases.
- If you want to manually update your scanners to the latest version prior to that date, disable automatic updates so the scanner does not automatically downgrade to the previous version.
For Nessus 8.8.0 and later running on Windows, you must install Visual C++ Redistributable for Visual Studio 2015 on the host operating system. The following Windows versions require a minimum Service Pack to be installed:
- Windows 7 SP1
- Windows Server 2008 SP2
- Windows Server 2008 R2 SP1