Error Messages
For Tenable Vulnerability Management API status codes, see the Tenable Developer Portal.
Scanning
The following table describes the scanning error messages that may appear in Tenable Vulnerability Management.
Some scanning errors occur when you exceed the following Tenable Vulnerability Management scanning limitations:
Scan Limitations
The following table describes scanning limitations in Tenable Vulnerability Management:
| Limitation | Description |
|---|---|
| Targeted IP addresses or hostnames per assessment scan | Tenable Vulnerability Management limits the number of IP addresses or hostnames you target with a single assessment scan (for more information, see Discovery Scans vs. Assessment Scans). The host target limit is 10 times your organization's licensed asset count. For example, if your organization has a licensed asset count of 1,000, Tenable Vulnerability Management does not allow you to target more than 10,000 hostnames or IP addresses in a single assessment scan. If you exceed the limit, Tenable Vulnerability Management aborts the scan. |
| Targeted IP addresses or hostnames per discovery scan |
Tenable Vulnerability Management limits the number of IP addresses or hostnames you target with a single discovery scan (for more information, see Discovery Scans vs. Assessment Scans). The host target limit is 1,000 times your organization's licensed asset count. For example, if your organization has a licensed asset count of 1,000, Tenable Vulnerability Management does not allow you to target more than 1,000,000 hostnames or IP addresses in a single discovery scan. If you exceed the limit, Tenable Vulnerability Management aborts the scan. |
| Host scan results per scan | Tenable Vulnerability Management limits the number of live hosts for which a single scan can generate scan results for. The live host scan results limit is 1.1 times your organization's licensed asset count. For example, if your organization has a licensed asset count of 1,000, Tenable Vulnerability Management does not allow you to generate scan results for more than 1,100 live hosts from a single scan. If you exceed the limit, Tenable Vulnerability Management aborts the scan. Tenable Vulnerability Management does not apply the live host scan result limit to discovery scans. Tenable Vulnerability Management also limits the number of dead hosts for which a single scan can generate scan results for. The dead host scan results limit is 100 times your organization's licensed asset count. For example, if your organization has a licensed asset count of 1,000, Tenable Vulnerability Management does not allow you to generate scan results for more than 100,000 dead hosts from a single scan. If you exceed the limit, Tenable Vulnerability Management aborts the scan. |
| Targeted IP addresses or ranges per scan | You cannot specify more than 300,000 comma-separated IP addresses or ranges when configuring a scan’s targets. |
| Active scans | You cannot have more than 25 scans running in your container simultaneously. |
| Scan chunks |
Tenable Vulnerability Management limits scan chunks to 10,000 hosts, 150,000 findings, or 7 GB in total size. If a scan chunk exceeds any of these values, Tenable Vulnerability Management does not process the scan and eventually aborts it. Note: This limits items like MDM assessments, importing Nessus files, and very large Auto Discovery scenarios (for example, VMware) to individual scans with less than 10,000 assessed targets.
|
| Scan configurations | Tenable Vulnerability Management limits the number of scan configurations you can create to 10,000 scans. Tenable recommends re-using scheduled scans instead of creating new scans. This approach helps to avoid latency issues in the user interface. |
For more information about creating, modifying, and launching scans, see Manage Scans. For more information about scan status values, see Scan Status.
| Warning | Message | Recommended Action |
|---|---|---|
| The total number of scan configurations cannot exceed 10,000. | Review and remove any scan configurations that your organization no longer uses. | |
| The following targets were not routable: [scan targets] | Ensure that you are using the correct scanner to scan the targets and that there are not any protective securities between the scanner and the targets. | |
| Aborted Task Targets | The following targets were aborted: [scan targets] | If needed, perform a rollover scan on the aborted targets. |
| Aborted Task Targets Summary | There were [number] aborted targets, including [number of targets not in notes] above the limit for reporting notes. | If needed, perform a rollover scan on the aborted targets. |
| Account Target Limit | The target count exceeds the limit for this account. Please contact customer support to upgrade your license. | You reached the maximum scan target limit. To increase your scan target limit by upgrading your license, contact Tenable Support. |
| Agent Group Error | Unexpected error retrieving the agent groups. | |
| Agent Group Permissions | The owner does not have access to all of the configured agent groups. | You do not have access to all the agent groups selected for this scan. Select the correct groups. For more information, see Agent Groups. |
| Agent Scan Indexing Error | Tenable Vulnerability Management aborted a scan task after an unexpected error during indexing. You may need to re-scan the agent: [agent name]. | Re-scan the affected agent. |
| All Inactive Scanners | All targets were routed to scanner groups with no active scanners. | |
| All Scans Aborted | All active scans were aborted. | Tenable Vulnerability Management aborted the scan due to a system abort request. Re-run the scan. |
| Auto Routed Custom Targets | Custom scan targets are not currently supported for auto routed scans. | Select a specific scanner to run scans on custom targets. |
| Auto Routing Disabled | The scan is configured for auto routing, but that feature is not enabled. | |
| Concurrent Scan Limit | Concurrent scan limit reached for this account. Please contact customer support to upgrade your license. | You reached the maximum concurrent scan limit. Re-run the scan later. |
| Concurrent Scan Limit Reached | Scan could not be completed: concurrent scan limit reached for this account. Please contact customer support to upgrade your license. | You reached the maximum concurrent scan limit. Re-run the scan later. |
| Conflict | Transition for indexing to pausing not supported. |
The scan is completed and is now in the process of indexing. Wait for the indexing to complete. |
| Empty Scanner Group | The scan is configured to use a scanner group with no assigned scanners. | Confirm that the scanner group contains functioning scanners, then re-run the scan. |
| Empty Targets | No targets are configured for the scan. | Confirm the scan configuration contains one or more valid targets, then re-run the scan. |
| Inactive Scanners | The scan is configured to use a scanner group with no active scanners. | Confirm that the configured scanner is functioning, or that the configured scanner group contains functioning scanners, then re-run the scan. |
| Indexing Error | Unexpected error during task processing. Targets may need to be rescanned : [scan targets] | Re-run the scan for unscanned targets or targets that need to be re-scanned. |
| Initialization Error | Unexpected error during initialization. | Tenable Vulnerability Management aborted the scan. Re-run the scan. |
| Invalid AWS Targets | No valid AWS targets are configured for the scan. | Confirm the scan contains valid AWS scan targets and re-run the scan. For more information, see Targets. |
| Invalid PCI Scanner | The PCI scan can only be launched using Tenable Cloud Scanners | Use a Tenable cloud sensor to run a Tenable PCI ASV scan. For more information, see Cloud Sensors. |
| Invalid Tag Rule As Target | Tags with the "Match All" filter can only have one rule for scans with the "Targets defined by tags" option enabled. Tag category: [tag category], Tag value: [tag value]. | Adjust your tag rules, then re-run the scan. |
| Invalid Tag Target | Failed to resolve a target FQDN or IP from an asset in the configured tags. | One or more assets in a tag configured for the scan requires an associated scan target. Confirm the tag configuration, then re-run the scan. For more information, see Tags. |
| Invalid Target | Can't resolve target. | Confirm your scan includes valid scan targets, then re-run the scan. For more information, see Targets. |
| Invalid Target Range | An invalid target range is configured for the scan: [scan targets] | Correct or remove the invalid scan target range, then re-run the scan. For more information, see Targets. |
| Invalid Targets | No valid targets are configured for the scan. |
Confirm the scan targets meet the following criteria:
For more information, see Targets and Target Groups. For more troubleshooting assistance, see the knowledge base article. |
| Job Initialization Error | Unexpected error during initialization. Please check the scan targets and settings for irregularities and contact support if the problem persists. | Re-run the scan. |
| Log4j DNS Failed Request | Unable to resolve DNS [scan target] to check Log4j Vulnerability. | Re-run the scan for unscanned targets or targets that need to be re-scanned. |
| Max Findings Error | The maximum number of findings was reached. | Review the Tenable Vulnerability Management scan limitations and adjust the scan configuration to produce an allowed number of findings. |
| Max Hosts Reached Error | Scan has exceeded the maximum number of allowed hosts. | Review the Tenable Vulnerability Management scan limitations and adjust the scan configuration to scan an allowed number of hosts. |
| Network Congestion Detected | Some network congestion was detected during the scan. This may indicate that one or more of the remote hosts are connected through a connection that does not have enough bandwidth to handle the network traffic generated while scanning. |
To reduce the risk of congestion:
|
| No Available Scanner | Unable to find a scanner that is able to run the scan. | Confirm you selected the correct scanner, then re-run the scan. |
| No Configured Agent Groups | The scan has no configured Agent Groups. | Add at least one Agent Group to the scan. |
| No Scan Policy | The scan must be configured with a scan policy. | The scan requires a scan policy. Configure a scan policy, then re-run the scan. |
| No Tag Targets | No valid targets were found from the configured tags. | |
| Notification Error | Notifications for this scan may not have been sent. | The scan completed, but failed to send a notification. |
| Owner Disabled | The owner of the scan is disabled. | Enable the owner of the scan or transfer ownership to an enabled user. For more information, see Permissions. |
| Paused Scan Timeout | Paused scan exceeded timeout of [maximum allowed pause] days. Some tasks were aborted. Targets may need to be rescanned. | The paused scan exceeded the maximum pause duration. Re-run the scan for all incomplete scan targets. |
| Pending Scan Timeout | The scan was unable to transition to running within the expected timeout. | Confirm that the selected scanner or scanner group has sufficient capacity, then re-run the scan. |
| Policy Permissions | The owner of the scan does not have access to the configured policy. | You do not have access to the scan policy for this scan. Re-run the scan with correct permissions. For more information, see Permissions. |
| Portscanner Max Ports Exceeded | Portscanners have found more than [number] ports open for target [target name], and the number of reported ports has been truncated to [number] (threshold controlled by scanner preference portscanner.max_ports). Usually this is due to intervening network equipment intercepting and responding to connection requests as a countermeasure against portscanning or other potentially malicious activity. | Since this negatively impacts both scan accuracy and performance, you may want to adjust your network security configuration to disable this behavior for vulnerability scans. |
| Processing Error | Unexpected error in processing. | Tenable Vulnerability Management aborted the scan. Re-run the scan. |
| Routed To Inactive Scanners | The following targets were routed to a scanner group with no active scanners: [scan targets] | Confirm the scanner group contains functioning scanners, then re-run the scan. |
| Running Scan Timeout | The scan exceeded the maximum allowed runtime. | The scan may be taking too long to scan some scan targets. Re-run the scan. |
| Scan Aborted | Scan aborted because it stalled in initializing. | Tenable Vulnerability Management aborted the scan. Re-run the scan. |
| Scan Aborted | An error occurred while initializing the scan. | Tenable Vulnerability Management failed to initialize the scan. Re-run the scan. |
| Scan Aborted | Failed to obtain plugin set information from Tenable Nessus. | Tenable Vulnerability Management failed to download the plugin set. Re-run the scan. |
| Scan Aborted | The assigned scanner was not found. | Tenable Vulnerability Management could not find the selected scanner. Select a different scanner and re-run the scan. |
| Scan Extraction Error | An error occurred during the scan extraction. | |
| Scan Extraction Timeout Error | The scan extraction timed out. | |
| Scan Forbidden | Rejected attempt to scan [scan target], as it violates user-defined rules. |
The scan target is excluded from scans. If you want to scan this target, remove it from the exclusion and re-run the scan. For more information, see Exclusions. Alternatively, you many not have the correct user permissions to run the scan. Check your user permissions and re-run the scan. For more information, see Permissions. |
| Scan Force Stopped | The scan was forcefully stopped, which cancels all incomplete tasks and updates scan status to Aborted. | |
| Scan Job Initialization Error | The scan could not be initialized. Please check the scan targets setting for irregularities and contact support if the problem persists. | Tenable Vulnerability Management failed to launch the scan. Re-run the scan with the correct scan target. For more information, see Targets. |
| Scanner Disabled | The assigned scanner is disabled. | A user disabled the selected scanner. Select a different scanner and re-run the scan. |
| Scanner Error | Unexpected error retrieving the assigned scanner. | |
| Scanner Group Error | Unable to load scanner group for scanner [scanner ID]. | Confirm the scan configuration contains one or more valid targets, then re-run the scan. |
| Scanner Interruptions | Due to detection of scanner interruptions during the scan, this scan might have run longer than expected. Scanner name: [scanner name] |
This error occurs when a Tenable Nessus scanner is unable to complete a scan task, and Tenable Vulnerability Management reassigns the scan task to another scanner. This usually happens when the original scanner goes offline intentionally (for example, a user stops, powers off, or unlinks the scanner) or experiences an unexpected failure while completing the scan task (for example, power or network loss). Adjust the Tenable Nessus scanner as needed to prevent interruptions. |
| Scanner Not Found | The assigned scanner was not found. | Tenable Vulnerability Management could not find the selected scanner. Select a valid scanner and re-run the scan. |
| Scanner Permissions | The owner of the scan does not have access to the assigned scanner. | You do not have access to the selected scanner. Select a different scanner and re-run the scan. For more information, see Permissions. |
| Stalled Task | A task was automatically aborted after stalling on scanner. Targets may need to be rescanned: [scan targets] | Confirm the scanners are functioning properly and have enough capacity for your scans, then re-run the scan for unscanned targets or targets that need to be re-scanned. |
| Tag Not Found | Tenable Vulnerability Management could not process the tag. The tag either did not exist at the time of scanning or the user does not have access to the tag. Tag UUID: [tag uuid]. |
Open the scan configuration in Tenable Vulnerability Management to automatically remove any tags that no longer existing. Save the scan configuration and re-run the scan.
|
| Tag Targets Error | Failed to obtain tag targets associated with scan. | Tenable Vulnerability Management could not obtain the scan targets. Verify the targets and re-run the scan. For more information, see Targets. |
| Target Access Error | The owner of the scan does not have access to any configured targets. | You do not have the correct user permissions to run the scan. Check your user permissions and re-run the scan. For more information, see Permissions. |
| Target Group Permissions | The owner of the scan does not have access to all of the configured target groups. | Confirm the scan owner's permissions, then re-run the scan. For more information, see Target Groups. |
| Target Limit | The target count exceeds the maximum allowed for Tenable Vulnerability Management. | The scan target range is too large. Confirm the scan configuration includes a valid target range, then re-run the scan. For more information, see Targets. |
| Target Range Limit | A target range exceeds the maximum allowed targets: [scan targets] | Confirm or reduce the configured scan target range and re-run the scan. For more information, see Targets. |
| Targets Unable To Complete | The following targets are not able to complete scanning in the allowed scan time and will need to be rescanned: [scan targets] | Re-run the scan for unscanned targets or targets that need to be scanned again. |
| Task Initialization Error | Unexpected error during initialization. Targets may need to be rescanned: [scan targets] | Re-run the scan for unscanned targets or targets that need to be re-scanned. |
| Task Processing Error | Unexpected error in processing. Targets may need to be rescanned: [scan targets] | Re-run the scan for unscanned targets or targets that need to be re-scanned. |
| Transition Timeout | Some tasks stalled when being [resumed, paused, or stopped] and were aborted. Targets may need to be rescanned. | Failed to complete scan on some scan targets. Re-run the scan for all unscanned scan targets. |
| Unable To Route Targets | Unable to find a matching scanner route for the following targets: [scan targets] |
Tenable Vulnerability Management could not find one or more scan targets specified in the scan configuration. Do the following, then re-run the scan:
|