Note: Tenable recommends upgrading to the patch for this release, Tenable.sc Patch 202103.1, which includes a fix for a potential vulnerability. For more information, see the Tenable Product Security Advisory.
You can download the update files from the Tenable.sc Downloads page.
If you are running a version earlier than Tenable.sc 184.108.40.206, upgrade to Tenable.sc 220.127.116.11 before upgrading to Tenable.sc 5.15.0.
If you are running Tenable.sc 5.11.0, 5.12.0, or 5.13.0, upgrade to Tenable.sc 5.14.1 before upgrading to Tenable.sc 5.15.0 to avoid a potential migration issue.
Tenable recommends performing a backup before upgrading Tenable.sc. For more information, see Perform a Backup in the Tenable.sc User Guide.
Note: If your upgrade path skips versions of Tenable.sc (e.g., upgrading from 18.104.22.168 to 5.15.0), Tenable recommends reviewing the release notes for all skipped versions. You may need to update your configurations because of features and functionality added in skipped versions.
The following updates reduce errors during Tenable.sc upgrades and assist with troubleshooting upgrade issues:
- Added alerts for issues with file permissions and ownership, available disk space, and available PHP memory.
- Added command line error messages for errors that occur during upgrade.
- Improved procedural logging and error handling for failures that occur during upgrade.
Nessus Agent Scan Scheduling through Tenable.sc
Users in Tenable.sc can now configure, schedule, and launch basic agent scans in Tenable.sc that run on a linked Nessus Manager. When the agent scan completes, results are imported to an agent repository in Tenable.sc.
For more information about agent scanning in Tenable.sc, see Agent Scanning in the Tenable.sc User Guide.
Note: Agent scans configured before upgrading to Tenable.sc 5.15.0 are called agent synchronization jobs in Tenable.sc 5.15.0 and later. For more information, see Agent Synchronization Jobs in the Tenable.sc User Guide.
|Bug Fix||Defect ID|
|Remediated a condition during asset calculations causing it to hang.||01011947|
|Import scan bug that in rare occurrences will fail due to db lock issue.||01021386|
|The option to export a remote repository was available when it should not have been present.||N/A|
|The user could still update their plugins when an inactive product code was present. Resolved by checking when an inactive code is detected and disabling the corresponding feed update button.||N/A|
|Plugin/Feed update does not display error when configured without activation code.||N/A|
|When the cross-reference (xref) field is processed by the plugin parser, ensure the application checks for the proper delimiter before parsing the data.||N/A|
|Data not retained as expected after DHCP change where IPs on 2 hosts are swapped.||N/A|
|Resolves an issue where touch debugging was not being generated for Resolve Host Names.||N/A|
|Any time a scan result is imported into a Tenable.sc repository that is synchronized to Tenable.io/Lumin, synchronization data is displayed when viewing the scan result. Synchronization data will no longer be displayed for Tenable.sc repositories that are not synchronized to Tenable.io/Lumin.||N/A|
|Fixes bug where running diagnostics with Scrub IPs turned on will break Tenable.sc debug zip creation.||N/A|
|Fixes a bug with the Tenable.sc scan feature that takes an unresponsive scanner out of service correctly, but does not resend the proper policy payload to re-initiate the scan when the scanner becomes active.||N/A|
|Fixed an issue where settings could change when importing or exporting policies.||N/A|
|This bug fix adds two new filters to the VPR, CVSS v2, and CVSSv3 filters on Vulnerability Analysis: "None" and "All." This will now allow for a customer to search by "None" to display vulns with no score, "All" with every vuln (with and without a score), and finally the ability to search by a range. The default for this is "All."||N/A|
|This fixes a bug that when an upgrade occurs, the /etc/pki/tls/certs directory is changed to the tns user. Now the /etc/pki/tls/certs directory owner will no longer be modified for upgrades of Tenable.sc.||N/A|
|Fixed an issue where "List Software" was not showing for Debian/Ubuntu even when 22869 has results.||N/A|
|The “Search for SSL/TLS on” setting in Scan Policies contains an option for a user to set the Service Discovery Options. Even when the setting was hidden and turned off, exporting the policy would turn the value on. The fix will ensure that if the setting is off prior to the export, the setting will remain off after the export is complete.||N/A|
|Fixed an issue causing excessive memory usage in the vulnerability-querying sub-system that powers Dashboards, Analysis, Reporting, and ARCs.||01023338|
For more information about the API changes for this release, see the Tenable.sc API Changelog.
Filenames and Checksums
Filenames and MD5 or SHA-256 checksums are located on the Tenable.sc Downloads page.
Tenable Integrated Product Compatibility
The following table lists the Tenable product versions tested with Tenable.sc 5.15.0.
8.5.1 and later
|Tenable.ot||3.4.9 and later|
|Log Correlation Engine||5.1.1 and later|
|Nessus Network Monitor||5.9.0 and later|