Tenable Security Center 2023 Release Notes

These release notes are listed in reverse chronological order. To jump to a place in the release notes, use the list to the right.

Tenable Security Center Patch 202312.1-6.x (2023-12-14)

Apply this patch to Tenable Security Center installations running versions 6.2.0, 6.1.1, 6.1.0, and 6.0.0. This patch updates Apache HTTP Server to version 2.4.58 to address CVE-2023-43622 and CVE-2023-45802.

Note: This release includes a fix for a potential vulnerability. For more information, see the Tenable Product Security Advisory.

Steps to Apply

Tenable Security Center 6.2.1 (2023-11-20)

You can download the update files from the Tenable Security Center Downloads page.

Note: This release includes a fix for a potential vulnerability. For more information, see the Tenable Product Security Advisory.

Caution: Tenable Security Center 6.2.1 includes an update for SimpleSAML. You will need to update your SAML audience URI from tenable.sc to https://tenable.sc. For SAML Authentication examples, see SAML Authentication XML Configuration Examples.

Bug Fixes

Bug Fix	Defect ID
Fixed an issue where members of the Full Access group are not able to view the scan results of a user that is a member of a different group.	01712526, 01709676, 01716718, 01717398, 01716624, 01715627, 01720276, 01715492, 01713546, 01702215, 01721871
Fixed an issue where upgrading to 6.2.0 is slow when there are many matrix components on dashboards.	01712249, 01716663, 01703320
Fixed an issue with API errors due to scanID in the payload.	01703783, 01706036, 01707209, 01707766, 01704514, 01706540, 01707963, 01707964, 01704996

Tenable Integrated Product Compatibility

Product	Tested Version
Tenable Nessus	8.9.0 and later
OT Security	3.9.25 and later
Tenable Log Correlation Engine	6.0.0 and later
Tenable Nessus Network Monitor	5.11.0 and later

Tenable Security Center Patch 202310.2 (2023-10-31)

Apply this patch to Tenable Security Center installations running version 6.2.0. This patch resolves an issue with API errors due to scanID in the payload.

Steps to Apply

Tenable Security Center Patch 202310.1-6.2.0 (2023-10-31)

Apply this patch to Tenable Security Center installations running versions 6.2.0. This patch updates curl to version 8.4.0 to address CVE-2023-38545.

Note: This release includes a fix for a potential vulnerability. For more information, see the Tenable Product Security Advisory.

Steps to Apply

Tenable Security Center Patch 202310.1-6.x (2023-10-31)

Apply this patch to Tenable Security Center installations running versions 6.0.0, 6.1.0, and 6.1.1. This patch updates curl to version 8.4.0 to address CVE-2023-38545.

Note: This release includes a fix for a potential vulnerability. For more information, see the Tenable Product Security Advisory.

Steps to Apply

Tenable Security Center 6.2.0 (2023-10-10)

You can download the update files from the Tenable Security Center Downloads page.

Note: This release includes a fix for a potential vulnerability. For more information, see the Tenable Product Security Advisory.

Caution: Tenable Security Center 6.2.0 includes an update for SimpleSAML. You will need to update your SAML audience URI from tenable.sc to https://tenable.sc. For SAML Authentication examples, see SAML Authentication XML Configuration Examples.

New Features

Bug Fixes

Bug Fix	Defect ID
For the Delinea Secret Server credential, users can now enter a URL in the Delinea Host field. Before you could only enter an IP or hostname.	01654432
Generic SSH Escalation field removed required and filed setup as per policy if required or not.	01646876
In some cases duplicate hosts in Universal repositories were counted toward the license for each repo they were in.	01640824, 01664333, 01666525, 01667889
Fixed a bug in file upload requests to scanners when Tenable Security Center and the scanner utilize certificate-based authentication. During the request generation, Tenable Security Centerwas inadvertently omitting the certificate, resulting in an erroneous outcome.	01631946
Update CSS only for specific drop-down element style to unset few global style, fixes the issue.	01627284
Update logic front-end won't display the error status until the dashboard has been fully evaluated.	01612838
The User::GET API response will now follow the objective of permissions as intended and matches with the GUI.	01623694
Improved the user deletion functionality to resolve the issue and implemented a restriction allowing users to only bulk delete up to 10 users at a time.	01624468
The "User Text" field in the Authentication Settings form was mislabelled as "Header Text", which could lead to confusion about where the value would be displayed. This field label has been corrected.	01617548
Updated the PHP file integrity check to exclude SAML configuration files.	01620889
For customer clarity, update caption for “Report” Alert action to now read: "Launch an existing On Demand Report"	01609808
When users are marked as deleted during migration because no message.db was found, updated the code so that you can no longer login as the deleted user.	01591639
Addressed an issue within the agent scan feature where the Agent scan PATCH REST API call was unintentionally removing agentGroups.	01606876
Resolved a bug within the policy feature, which was causing incomplete returns of audits when utilizing the auditFiles field with the /rest/policy endpoint.	01617747
While exporting the Host Discovery Policy, if the field max_simult_tcp_sessions is empty in Policy settings, then it will retain empty value in the exported file [instead of previously defaulted to unlimited].	01615970
"CVE ID" option in "Filter By" filter in Plugins module now allows selection of four different operators: Equal To (=), Not Equal To (≠), Contains, and Does Not Contain.	01614878
A bug introduced in Tenable Security Center 6.0 caused scans to only send IP addresses as targets rather than IP and FQDN when scanning with DNS asset lists as targets.	01602558, 01647697, 01610272
Update logic, now on page load, set the default timeframe chosen by the consumer, then the static one.	01611113
Users cannot use IPs as the Target type to identify the hosts that a risk rule should apply to if the host is in an agent repository.	01599040
In the scanner status log, fixed passwords that were being shown in plain text.	01610301
This is as designed. The missing information has been incorporated into the User Guide.	01596286
The f/e for System Logs was upgraded to a new model. The b/e code has been upgraded to support this new model. Now users can display results, use filters, and utilize the paging operations, and the item ranges and totals and page ranges and totals are correct.	01605309
Fixed a bug within the job daemon process responsible for managing the cleanup of terminated processes, which was leading to application crashes.	01604331
Added a fix about calculating scrollLeft position of the grid container before refresh and set the left position after the grid is refreshed.	01589237
In some cases Tenable Security Center was not removing namedb entries for hosts that were removed from the repository. This could cause namedb to grow very large if customers have a lot of short lived assets. Orphaned namedb entries will now be cleaned up.	01605832
Tenable Vulnerability Management changed the behavior of what happens when invalid API keys are provided to the server status api. Now Tenable Vulnerability Management returns a 401 which is an authorization failure. Updated the code so that If an authorization failure is detected, it returns gracefully that the connection failed.	01602907
Updated the nightly cleanup function that cleans up stale Scan Reports to properly handle the case where the scanner does not exist.	01600461
This resolves an issue in which the scan process would continue to run if the scan was deleted while the scan status was Preparing, Resolving, Verifying, or Initializing.	01599473
Fixed an issue with the installSSLCertificate.php script that previously prevented users from utilizing multiple options simultaneously.	01600901
Fixed a bug with querying Mobile data using the Identifier filter with an Identifier that has a comma in it. There was no way to tell if the comma was part of the value or a separator. The solution is to support one value in the Identifier filter. This resolves the problem of no data showing up when drilling down from the Device Summary tool to the Vuln List tool.	01597703
Redesigned this component as an enhancement to Tenable Security Center 6.2.0.	01588770
Fixed an issue where feed update or Tenable Security Center install would fail if TSC_ENTROPY_CHECK environment variable was set to true to force Tenable Security Center to use /dev/random as a random number generator.	01585877
Bugfix added to auto-refresh third-party charting library components in the rare event they do not render correctly on the first attempt.	01575902, 01595662
Fixed an issue where plugin names were being displayed as blank when plugin locale was changed before running the first plugin update job.	01577810
Fixed some cases where database locks were occuring during the import of scan results.	01570024
In some cases high quality OS detections were being overwritten by lower quality OS detections.	01573983
The prepareassets will be launched for all orgs [with access to agent repo] as below: the original initiator id will be retained for initiator org. for the other orgs the initiatorID will be the ORGHEAD id.	01557616
Customer is now able to properly filter by SCAP Audit Files in cases where this was not working.	--
Fixed the logic to show only the login panel/startup banner at once. The login Panel will be hidden by the startup banner if available in all cases.	01571286, 01524466
Fixed an issue where STIG audit was failing because RPM verification was flagging tvdb.db as being modified.	01550156
New field "Inactivity Timeout" provided in Active Scan Settings during creation/update to customize the timeout limit for receiving the Scan Progress before jumping Scanners.	01561848
Fixed how IP list is retrieved when an asset is not shared with a certain group.	01567384
Fixed an issue where PIV certificate authentication would fail after upgrading to Tenable Security Center 6.0.0 if the certificate contained multi-rdn values for CN	01564014
Added scroll to the slideout section so as to allow interaction with the entire content.	01563543
CSS updated to prevent textbooks from overriding dropdown elements.	01562172, 01648424, 01646722
Fixed a validation message that erroneously suggested users could apply multiple CVE filters when creating policies in the plugins section.	01552320, 01573872
Update logic by removing remote and offline repositories from the selected repository list.	01528355, 01625287
Fixed an issue in the feed update procedure that impacted customers with sizable organizations, numerous assets, dashboards, and reports. This was resolved by isolating the lengthy operation into its dedicated job.	01532323, 01643639
Customers were seeing system slowness due to a large number of queries defined. The customer in question was using the Tenable Security Center ticketing system and associating queries with tickets. So a large number of the queries were associated with tickets. Tickets are never deleted in Tenable Security Center and so neither are the associated queries. The solution is to delete any queries associated with a ticket when the status of the ticket is changed to "closed". In addition, to cleanup existing data, a migration script was created to delete all queries associated with tickets where the ticket status is "closed".	01446976, 01473727
Fixed a bug in the Picture in Picture feature, where users on slower connections would occasionally encounter an error message regarding invalid credentials.	01369184

Tenable Integrated Product Compatibility

Product	Tested Version
Tenable Nessus	8.9.0 and later
OT Security	3.9.25 and later
Tenable Log Correlation Engine	6.0.0 and later
Tenable Nessus Network Monitor	5.11.0 and later

Tenable Security Center Patch 202307.1-6.x (2023-07-25)

Apply this patch to Tenable Security Center installations running versions 6.0.0, 6.1.0, and 6.1.1. This patch updates OpenSSL to version 3.0.9 to address CVE-2023-2650.

Note: This release includes a fix for a potential vulnerability. For more information, see the Tenable Product Security Advisory.

Steps to Apply

Tenable Security Center 6.1.1 (2023-06-07)

You can download the update files from the Tenable Security Center Downloads page.

Bug Fixes

Bug Fix	Defect ID
When syncing assets lists from Tenable Security Center to Tenable Vulnerability Management, updated the request payload so that filter values are chunked to contain no more than 1024 values per filter. Customers can now sync asset lists from Tenable Security Center to Tenable Vulnerability Management tags successfully when they contain more than 1024 filter values (IPs, FQDNs, and Tenable UUIDs).	01597028
Tenable Security Center was updated to maintain asset information in the case when all cumulative vulns have expired but there are some mitigated vulns remaining.	01570011, 01585371, 01604201
Updated diagnostics so that all system calls run successfully with the output results shown in sc-systeminfo.txt within the diagnostic file. A diagnostic can now be successfully run in EL7, 8, and 9 environments.	01584035
Fixed issue with asset calculation in Universal repository when a referenced asset no longer existed.	01548973, 01593435, 01612646
Fixed bug in asset list count for Universal repository that occurred when there was more than one asset with the same FQDN in the repository.	01557339, 01589415
Fixed an issue that caused an "API Keys not accepted" error for agent scans on agent manager.	01534931, 01540595, 01561334
When editing an asset on a large repository with many groups and a large user base, the internal error 500 occurs. Now this has been resolved.	01531118, 01555418

Tenable Integrated Product Compatibility

Product	Tested Version
Tenable Nessus	8.9.0 and later
OT Security	3.9.25 and later
Tenable Log Correlation Engine	6.0.0 and later
Tenable Nessus Network Monitor	5.11.0 and later

Tenable Security Center Patch 202304.0 (2023-04-12)

Apply this patch to Tenable Security Center installations running Tenable Security Center 6.1.0.

This patch resolves an issue with synchronization using Tenable One/Tenable Lumin, where Agent UUIDs with dashes in Asset Lists created issues with Tag definitions.

Steps to Apply Patch Manually

Tenable Security Center 6.1.0 (2023-03-22)

You can download the update files from the Tenable Security Center Downloads page.

New Features

Bug Fixes

Bug Fix	Defect ID
A POST request to create a policy requires that the state (mixed or enabled), and the type (locked or unlocked for a state of mixed, and always unlocked for a state of enabled) be included for each family in the request.	01558364
Added a fix where "Create Plugin scans" is not visible if "Create Scan" is disabled on initial loading of a custom role edit.	01553947
Corrected how Tenable Security Center determines if the data is ready to refresh.	01509109
PDFs are no longer encrypted by default. The 'Encrypt PDF' option must be enabled before a PDF is encrypted.	01549696
Fixed issues handling and accounting for early, requested pauses, resumes and stops within the active scan process.	01546822
Fixed loading of AES/ACR from database.	01546444
This fixes a bug where the code was crashing if the user used an external SC API and did not provide a User Agent header.	01538318
Fixed issue where users were unable to copy Dashboard components to Dashboard tabs that they manage but not own.	01401206
Added a sort compare function for the risk reduction column and will sort properly in the dashboard component "Worst of the worst - Top 10 prioritized actions"	01513870
Fixed issue where column "IP/Device Count" did not sort properly in Repositories list view.	01524451
Improvements made to mobile scans to prevent timeouts.	01435903
Fixed user privileges for scan results view to have pause and stop button enabled for the scans created by that user, even without MO enabled.	01512444
typeFields was not handled properly for few credential types. Now all supported credential types support typeFields.	01489431
Optimization of backend queries during the SC feed process. This saves PHP memory and prevents PHP 'out of memory' issues.	01510611, 01508444, 01532158, 01537509
When creating a scan policy, setting "Search for DTLS" to anything other than 'None' saves correctly now.	01503411
Fixed an issue where importing a scan causes a "license check failed" error.	01501139, 01515264
Fixed an issue where column "Owner" did not sort properly in Active Scans list view.	01498956
Fixed an issue where old scan results were not being cleaned up when an expiration lifetime was configured.	01488760
Large Tenable Security Center Debug logs will no longer throw memory related issues.	01493694, 01497471, 01550915
Fixed an issue where the post-scan report was not generated if the active scan was created via API.	01439481

Tenable Integrated Product Compatibility