Tenable Vulnerability Management Platform Release Notes - January 2018

Important Highlights from this Release

AWS Connector

  • Added support to automatically importing the AWS Instance Owner ID for display on the Asset Workbench

Advanced Search Save Filter Repository & Share

  • Ability to save and quickly access an Advanced Search filter query for the Vulnerabilities, Assets, and Scans sections
  • Ability to share a saved Advanced Search filter to users and/or groups

Additional Fields on csv Exports

  • The following fields have been added to .csv exports when exporting scans as well as data from the VM Workbench.:
    • IP Address, FQDN, NetBios, OS, MAC Address, Plugin Family, CVSS Base Score, CVSS Temporal Score, CVSS Temporal Vector, CVSS Vector, CVSS3 Base Score, CVSS3 Temporal Score, CVSS3 Temporal Vector, CVSS3 Vector, System Type, Host Start, Host End

Bug Fixes

  • Fixed an issue where PDF emails for completed scans contained a Java method name rather than a plugin name

Other

  • Fixed an issue where processing recast rules for some assets could fail and result in no recast rule being applied
  • Fixed an issue where scans processed simultaneously containing the same assets could result in a scan processing failure

Tenable Web App Scanning Scanner (0.16.0, 0.17.0)

Highlights

  • Improved login form Authentication by using anchor tags acting as submit buttons
  • Updated plugin 98034 Login Form Authentication Failed when timeouts occur during authentication

Bug Fixes

  • Invalid session validation parameters will not cancel anymore the scan.
  • Raise scan note when invalid session validation pattern is used
  • Remove invalid Secunia references from XSS plugins