Tenable.sc 5.22.0 Release Notes (2022-07-28)

You can download the update files from the Tenable.sc Downloads page.

Upgrade Notes

If you are running Tenable.sc 5.12.0 or later, you can upgrade directly to Tenable.sc 5.22.0. If you are running a version earlier than Tenable.sc 5.12.0, upgrade to Tenable.sc 5.12.0 before upgrading to Tenable.sc 5.22.0.

If you are running Tenable.sc 5.22.0 and you are using pyTenable with the Tenable.sc API, you must upgrade pyTenable to version 1.4.2 or later.

If you upgrade Tenable.sc Director, upgrade Tenable.sc for all managed Tenable.sc instances connected to Tenable.sc Director. After upgrading, allow up to 15 minutes for your managed Tenable.sc instances to sync with Tenable.sc Director.

Tenable recommends performing a backup before upgrading Tenable.sc. For more information, see Perform a Backup in the Tenable.sc User Guide.

Note: This release includes a fix for a potential vulnerability. For more information, see the Tenable Product Security Advisory.

Note: If your upgrade path skips versions of Tenable.sc (for example, upgrading from 5.9.0 to 5.12.0 to 5.22.0), Tenable recommends reviewing the release notes for all skipped versions. You may need to update your configurations because of features and functionality added in skipped versions.

Note: Tenable.sc 5.21.0 is the last version of Tenable.sc that supports Internet Explorer. For more information about other supported browsers, see Web Browser Requirements in the Tenable.sc User Guide.

New Features

Domain Discovery

All Tenable.sc customers now have the ability, through an integration with Tenable.asm, to discover new internet-facing assets, domains, subdomains, and more. This capability is available to all Tenable.sc customers and will allow customers to actively search two top level domains at a time. All data will be refreshed every 90 days.

For more information, see Attack Surface Domain Discovery in the Tenable.sc User Guide.

BCC Emails during Report Generation

Customers will now be able to BCC emails when they create new reports in Tenable.sc.

For more information, see Report Options in the Tenable.sc User Guide.

Touch Debugging Logs

Touch Debugging Logs will now be known as Debugging Logs. Additionally, customers will now have the ability to download them directly from the Tenable.sc GUI.

For more information, see Diagnostics Settings in the Tenable.sc User Guide.

Back Button for Picture in Picture

Customers will now have a Back button which will allow them to easily exit a Picture in Picture session without closing the page and opening a new Tenable.sc session.

For more information, see View Nessus Instances in Tenable.sc in the Tenable.sc User Guide.

Asset Exposure Score

Tenable.sc+ customers will now have the ability to see and filter on the Asset Exposure Score (AES) in the Host Assets View. The AES is calculated locally and represents the asset's relative exposure as an integer between 0 and 1000. A higher AES indicates higher exposure.

Tenable calculates AES based on the current ACR (Tenable-provided or custom) and the VPRs associated with the asset. This feature will great enhance our Tenable.sc+ customers ability to prioritize risk in their environment.

For more information, see Host Asset Filter Components in the Tenable.sc User Guide.

Host Asset View Filtering

All Tenable.sc customers will now be able to use filtering in the Host Asset View. This new feature will allow customers to filter results based off of the asset information stored in the Host Asset table. Prior to this release, filtering was only possible in the Vulnerability Analysis view.

For more information, see Host Asset Filter Components in the Tenable.sc User Guide.

Citrix Credentials

This feature will allow customers to audit their Citrix ADC / ADM devices for proper configuration to reduce vulnerability of the attack surface.

For more information, see Miscellaneous Credentials in the Tenable.sc User Guide.

Full Scanner Authentication/Communication via API Keys

This feature will allow customers to use secure API keys when importing agent scan data from Nessus or Tenable.io scanners.

For more information, see Nessus Scanners in the Tenable.sc User Guide.

Changed Functionality and Performance Enhancements

Addressed an issue that required an Admin who was changing another users password to input that users password first. This change requires the password of the Admin user prior to changing another users password.

Bug Fixes

Bug Fix Defect ID
Fixed an issue that led to an error message when applying filters to the Vulnerabilities page. 01395429
Fixed an issue where IPv6 Nessus scanners would not connect to Tenable.sc 5.21.0. 01384316
Fixed an issue where if a customer upgraded to 5.22.0, "PHP File Integrity Errors detected" would show incorrectly. 01385040
Fixed an issue where System Diagnostics page showed a red X next to "Correct RPM Package Installed." The red X will now change to a green check mark (✓) after clicking Refresh. 01384254
Fixed an issue that prevented users from viewing, editing, and deleting Agent Scans after deleting the associated Policy. 01368458
Fixed an issue in dark mode where the Add button under Active Scans is not visible. 01354963
Reworked the system diagnostics generator to use a small memory footprint. This will prevent the Create Diagnostics File from failing to complete due to memory limitations. 01353078
Fixed an issue where the agent scan policy type is displayed instead of the agent scan policy name, after completing the agent scan. 01362871
Installed database table for storing encrypted hashes of patched PHP files and added a tool to insert data into the table. 01361620
Improved performance of writing to hosts.db during import. 01352195
Fixed an issue of missing audit template category parameter for the Nessus scanner. 01352684
Fixed an issue were Tenable.sc will sometimes crash if the PID is reused in some cases. 01332511
Fixed an issue where legend text in pie charts was wrapping to another line. 01342667
Fixed an issue that caused an error on negative regex lookups. 01334221
Fixed an issue where SCAP benchmark names were sometimes not appearing in the Benchmarks list while creating DISA consolidated ARF, ASR and Cyberscope (LASR) Report Definitions. 01335798
Fixed an issue where bad schedule information sometimes passes validation, and fixed an error where the Jobs daemon sometimes crashes due to this information. 01327687
Fixed an issue where publishing site information was not available to be routed through a proxy instance configured in Tenable.sc. 01324342
Fixed an issue where the OriginalName column in the plugin table was not added whenever an active plugin is getting an update from the admin other than the default local lang setting. 01272050

Known Issues

  • Chart labels on bar charts are truncated due to a FusionCharts library update.

  • The scan results trend chart on the Insights dashboard shows results on the wrong time on the x-axis. The tooltip for the bar also shows the wrong time, and when a user clicks on the bar, the scan results page does not show any data.

  • The Export as PDF option is not available after installing Java until the user refreshes the browser window.

  • There is an error when a user cancels an LCE Policy after viewing the policy, and the user is sent to the home dashboard.

API Changelog

For more information about the API changes for this release, see the Tenable.sc API Changelog.

Filenames and Checksums

Filenames and MD5 or SHA-256 checksums are located on the Tenable.sc Downloads page.

Tenable Integrated Product Compatibility

The following table lists the Tenable product versions tested with Tenable.sc 5.22.0.

For information about EOL dates and policies for Tenable products, see the Tenable Software Release Lifecycle Matrix and Policy.

Product Tested Version

8.9.0 and later

Tenable.ot 3.9.25 and later
Log Correlation Engine 6.0.0 and later
Nessus Network Monitor 5.11.0 and later