Tenable.sc 5.21.0 Release Notes (2022-04-20)

You can download the update files from the Tenable.sc Downloads page.

Upgrade Notes

If you are running Tenable.sc 5.12.0 or later, you can upgrade directly to Tenable.sc 5.21.0. If you are running a version earlier than Tenable.sc 5.12.0, upgrade to Tenable.sc 5.12.0 before upgrading to Tenable.sc 5.21.0.

If you are using Internet Explorer 11 on Windows 10 LTSB (build 14393.4104), you may need to add your Tenable.sc installation to the “Trusted Sites” zone in order for the application to load.

If you are running Tenable.sc 5.21.0 and you are using pyTenable with the Tenable.sc API, you must upgrade pyTenable to version 1.4.2 or later.

If you upgrade Tenable.sc Director, upgrade Tenable.sc for all managed Tenable.sc instances connected to Tenable.sc Director. After upgrading, allow up to 15 minutes for your managed Tenable.sc instances to sync with Tenable.sc Director.

Tenable recommends performing a backup before upgrading Tenable.sc. For more information, see Perform a Backup in the Tenable.sc User Guide.

Note: This release includes a fix for a potential vulnerability. For more information, see the Tenable Product Security Advisory.

Note: If your upgrade path skips versions of Tenable.sc (for example, upgrading from 5.9.0 to 5.12.0 to 5.21.0), Tenable recommends reviewing the release notes for all skipped versions. You may need to update your configurations because of features and functionality added in skipped versions.

Note: Tenable.sc 5.21.0 is the last version of Tenable.sc that will support Internet Explorer. For more information about other supported browsers, see Web Browser Requirements in the Tenable.sc User Guide.

New Features

Host Asset View Data and Asset Criticality Rating in Tiered Reporting Environments and Tenable.sc Director

Host asset data and Asset Criticality Rating data now roll up to tiered reporting environments and Tenable.sc Director as part of a remote repository sync.

For more information, see View Hosts and View Host Details in the Tenable.sc Director User Guide.

Scan Management Capabilities in Tenable.sc Director via API

A new API allows you to create and delete active scans and scan objects, including the credentials, policies, and repositories in Tenable.sc Director.

For more information, see the Tenable.sc API Guide.

Enhanced Table and Grid Functionality

You can now resize and rearrange columns In table layouts in analysis, dashboard, alerts, and host asset views.

For more information, see Interact with a Customizable Table in the Tenable.sc User Guide.

Bulk Operations for Accept and Recast Risk Rules

Tenable.sc now supports selecting multiple vulnerabilities and bulk applying an Accept or Recast rule, including comments.

For more information see Accept Risk Rules and Recast Risk Rules in the Tenable.sc User Guide.

Accept and Recast Risk Rule Comments Visible In Analysis View and Reports (beta)

Accept and recast risk rule comments are now visible in analysis views and reports, and are also available to view in both CSV and PDF export format.

For more information, see Configuration Settings in the Tenable.sc User Guide.

Reduce I/O Writes on Disk (beta)

You can now enable the Performance Optimization feature to improve disk performance in environments where you are running frequent scans or remediation activities on small subsets of plugins.

For more information, see Configuration Settings in the Tenable.sc User Guide.

More Information for Scan Errors

Tenable.sc now includes a link to more information when errors occur during scanning to allow for more efficient troubleshooting.

For more information, see Error Messages in the Tenable.sc User Guide.

Changed Functionality and Performance Enhancements

WAL database mode is now enabled by default.

Bug Fixes

Bug Fix Defect ID
Fixed an issue where matrix tables where not displaying bar options correctly. 01354734
Addressed an issue with Hashicorp authentication. 01355759
Corrected an issue where switching between tabs quickly would cause a UI error. 01355643
Corrected an issue that caused an error when creating an asset from a scan result. 01314666
Corrected an issue which would lead to a "resource not supported" error when hovering over an asset in an active scan belonging to a user in a different group. 01354384
Corrected an issue where the "See also" section was not showing for compliance audit checks. 01347391
Corrected an issue where the bar chart for severities in dashboards was not showing the correct colors. 01341190
Corrected an issue that lead to error status 69 when using agent scans. 01343033
Corrected an issue with SAML logins that could occur under rare circumstances. 01334444
Corrected a display issue when using banners that was cutting off results. 01332105
Reverted the error message in the Scan Results Window for License exceeded situations. 01325248
Corrected an issue when set results displayed was not carrying over into the same dashboard component. 01330754
Resolved an issue in which a remediation scan that is in Pending status for at least 1 minute after it is started starts a duplicate remediation scan, resulting in two remediation scans running to completion. 01326942
Reverted the functionality to launch remediation scans against multiple IPs from the Vulnerability Summary view. 01328177
Corrected a multi-line display issue with pie charts. 01325079
Corrected a database backup error that could occur under certain circumstances. 01295233
Corrected an API issue where UUID was not being returned when the fields parameter was specified. 01288439
Corrected an issue with a Tenable.sc scan summary discrepancy that could occur under certain circumstances. 01233386
Corrected an issue where scans and combination asset lists error out when deleting assets that share names. 01214536

Known Issues

  • Tenable.sc may incorrectly flag "PHP File Integrity Errors" and "Correct RPM Package" in the system status page. This is a known issue and has no effect on functionality.

  • If you are changing another user's password and your user account does not have a password (for example, your user account is authenticated using SAML or LDAP), you are still required to type something in the Current Password field prior to changing the other user's password.

  • If the column select menu is open in table and you use the back/forward browser buttons closing the menu, the menu will persist on other pages until clicked.

  • When clicking on a non-sortable column, the working indicator in the lower left appears even though no sorting operation occurs.

  • There is no icon to indicate which column is the default sort column in dashboard tables.

API Changelog

For more information about the API changes for this release, see the Tenable.sc API Changelog.

Filenames and Checksums

Filenames and MD5 or SHA-256 checksums are located on the Tenable.sc Downloads page.

Tenable Integrated Product Compatibility

The following table lists the Tenable product versions tested with Tenable.sc 5.21.0.

For information about EOL dates and policies for Tenable products, see the Tenable Software Release Lifecycle Matrix and Policy.

Product Tested Version
Nessus

8.9.0 and later

Tenable.ot 3.9.25 and later
Log Correlation Engine 6.0.0 and later
Nessus Network Monitor 5.11.0 and later