Softpedia >Windows >Security >Security Related >Nessus >  Changelog

Nessus Changelog

What's new in Nessus 10.7.2

Apr 2, 2024
  • Optimized the evaluation of Tenable Nessus scanning rules to improve scan times for scans in which a rule specifies a hostname.
  • Improved error handling under low memory conditions to increase scanner stability.

New in Nessus 10.6.4 (Dec 12, 2023)

  • Tenable Vulnerability Management FedRAMP environments support Tenable Nessus scanners version 8.x and 10.4.0 and later.
  • (Automatic upgrades only) If you upgrade Tenable Nessus to a version later than 10.5.0, the Tenable Nessus will first upgrade to 10.5.0 before it upgrades to the desired version.
  • You can upgrade to the latest version of Tenable Nessus from any previously supported version.
  • If your upgrade path skips versions of Tenable Nessus, Tenable recommends reviewing the release notes for all skipped versions to learn about new features and bug fixes.
  • If you want your scanners to update to the newest version before the GA date automatically, set your Tenable Nessus Update Plan to Opt in to Early Access releases.
  • If you want to update your scanners to the latest version before the GA date manually, disable automatic updates so the scanner does not automatically downgrade to the previous version.

New in Nessus 10.6.3 (Nov 17, 2023)

  • Fixed a local privilege escalation bug.
  • Improved the URL parsing when running web application scans against internal hosts.

New in Nessus 10.6.2 (Oct 31, 2023)

  • Security Updates:
  • The following are security updates included in Tenable Nessus 10.6.2:
  • Fixed a local privilege vulnerability.
  • Fixed an issue that caused file name integer overflow in zlib 1.3.
  • Updated OpenSSL to version 3.0.12.
  • Bug Fix:
  • Fixed an issue that affected report exports generated from scans with names containing characters that are unsupported by file systems.
  • Fixed an issue where Tenable Nessus rules would incorrectly reject outbound TCP connections when a rule specifies a host name.
  • Fixed a scan permissions issue in the scan configuration user interface.
  • Fixed an issue that sometimes caused scanner instability when verifying credentials using OCSP.

New in Nessus 10.6.1 (Sep 19, 2023)

  • Fixed an issue in which Tenable Nessus used excessive system memory while processing large scan DBs.
  • Fixed an issue that caused plugin output to not show in compliance scans.
  • Fixed plugin forking misbehaviors that caused excessive memory usage.
  • Fix an installation failure issue that would occur when updating Tenable Nessus from 10.5.4 to 10.6.0 via msiexec.

New in Nessus 10.6.0 (Aug 29, 2023)

  • New:
  • Tenable Nessus Expert now supports web application scanning.
  • You can now configure the number of days that Tenable Nessus Manager retains scans.

New in Nessus 10.5.4 (Aug 2, 2023)

  • The following enhancements are included in Tenable Nessus 10.5.4:
  • Improved the processing of known_CA.inc during plugin updates.
  • The following are security updates included in Tenable Nessus 10.5.4:
  • Updated OpenSSL to 3.0.10.
  • Bug fixes:
  • Fixed an issue in which the Extended Migration tab would load indefinitely.
  • Fixed an issue that caused a cluster child node to restart every hour.

New in Nessus 10.5.3 (Jun 28, 2023)

  • Updated OpenSSL to 3.0.9.

New in Nessus 10.5.2 (May 12, 2023)

  • The following are security updates included in Nessus 10.5.2:
  • Updated libxml2 to 2.11.1.
  • Updated libxslt to 1.1.37.

New in Nessus 10.5.1 (Mar 30, 2023)

  • Fixed the logic that Nessus plugins use to determine whether ports are open or closed before portscanning.
  • Fixed an issue where Tenable.sc-managed scanners were not communicating with Tenable.sc during setup.
  • Fixed an issue where agent core updates were not processing on Nessus Manager.

New in Nessus 10.5.0 (Mar 3, 2023)

  • New Features:
  • Added Docker support for Tenable.sc-managed scanners. For more information, see Deploy Nessus as a Docker Image.
  • Added the ability to save custom filter configurations. For more information, see Search and Filter Results.
  • Improved the activation workflow of purchased products. Activating previously purchased products is now easier. For more information, see Configure Nessus.
  • Expanded VPR for Nessus Professional and Nessus Expert.
  • Updated the Nessus Manager Sensors tab to show agent UUIDs.
  • Enhanced Attack Surface Discovery results filtering so that you can filter by all result columns.
  • Added the ability to export Attack Surface Discovery scan results.
  • Changed Functionality and Performance Enhancements:
  • The following enhancements are included in Nessus 10.5.0:
  • Improved CA read performance over TLS.
  • Improved Nessus global DB backup performance.
  • Added Terrascan.db to the nessuscli backup command.
  • Security Updates:
  • The following are security updates included in Nessus 10.5.0:
  • Updated spin.js to 2.3.2.
  • Updated datatables.net to 1.13.2.
  • Updated OpenSSL to 3.0.8.
  • Bug Fixes:
  • Updated Nessus to send socket timeouts when the send operation is in the SSL_WANT_READ state.
  • Reduced Nessus memory use when parsing hostnames.
  • Fixed a bug that generated the API disabled message.
  • Added Kanji font support in PDF reports.
  • Prevented configuration of the default cluster group while plugins are compiling.
  • Modified the behavior of payload handling to return a 400 error if a payload is not complete.
  • Modified Nessus to load activation workflow scripts locally to prevent plugin 119811 from flagging tenable.com.
  • Nessus now backs up default files when you perform a full reset of Nessus.Fixed a PDF page break issue.
  • Added the build number to the available Nessus Agent upgrade listing.
  • Supported Platforms:
  • Added support for the following operating systems:
  • Rocky Linux 9 (x86_64 and AArch64)
  • Alma Linux 9 (x86_64 and AArch64)
  • Redhat 9 (x86_64 and AArch64)
  • Debian 11 (i386 and AMD64)
  • Removed support for the following operating systems:
  • FreeBSD 11 and earlier
  • Ubuntu 13.10 and earlier
  • SUSE 11 and earlier
  • Debian 9 and earlier
  • Oracle Linux 6 and earlier
  • CentOS 6 and earlier
  • Kali 2019 and earlier
  • Windows 8 and earlier
  • Windows Server 2008 R2 and earlier
  • Changed Functionality and Performance Enhancements:
  • The following are changed functionality and performance enhancements included in Nessus 8.15.8:
  • Removed the ability to specify a Java executable path from the Nessus user interface to prevent undesired changes. Administrators can now specify a Java executable path with a nessuscli command: nessuscli fix --set path_to_java (for more information, see Fix Commands).
  • Fixed an issue that prevented users from using the Tenable migration tool to migrate Nessus 10.4.x licensed scanners to Tenable.io.
  • Security Updates:
  • The following are security updates included in Nessus 8.15.8:
  • Fixed a local privilege escalation vulnerability.

New in Nessus 10.4.2 (Jan 18, 2023)

  • Changed Functionality and Performance Enhancements:
  • The following are changed functionality and performance enhancements included in Nessus 10.4.2:
  • Removed the ability to specify a Java executable path from the Nessus user interface to prevent undesired changes. Administrators can now specify a Java executable path with a Nessuscli command: nessuscli fix --set path_to_java (for more information, see Fix Commands).
  • Bug Fixes:
  • Fixed a network socket state that caused Nessus processes to stall in certain circumstances.
  • Enabled TCP keepalives on certain network connections to shorten Nessus stall times.
  • Security Updates:
  • Fixed a local privilege escalation vulnerability.

New in Nessus 10.4.1 (Nov 3, 2022)

  • The following are security updates included in Nessus 10.4.1:
  • Updated OpenSSL to 3.0.7 to address two high-severity security vulnerabilities.
  • Updated the libexpat library to 2.5.0 to address a security vulnerability.
  • Bug Fix:
  • Increased the Nessus Manager node update payload size.

New in Nessus 10.4.0 (Oct 28, 2022)

  • New Features:
  • The following are the new features included in Nessus 10.4.0:
  • You can now activate new Nessus Professional and Nessus Expert trials from within the application when you start Nessus for the first time.
  • Nessus Expert users can now view Terrascan results and generate reports from the Nessus Expert user interface.
  • You can now log in and perform some operations while Nessus compiles plugins.
  • You can now manage multiple agents at once by using bulk commands from the Nessus Manager user interface.
  • Nessus usernames can now contain parentheses — "(" and ")".
  • Nessus now has improved log rotation flexibility.
  • Nessus now supports FIPS mode communications.
  • Nessus now has improved TLS 1.3 support due to the following additions:
  • The ChaCha20 stream cipher with the Poly1305 message authentication code.
  • The Ed25519 and Ed448 digital signature algorithms.
  • The x25519 and x448 key exchange protocols.
  • Changed Functionality and Performance Enhancements:
  • The following enhancements are included in Nessus 10.4.0:
  • You can now make copies of scan templates.
  • ASM scan efficiency improvements.
  • Report queue processing improvements.
  • Scan note language improvements.
  • Changed Functionality and Performance Enhancements:
  • The following are security updates included in Nessus 10.4.0:
  • Updated the following libraries to address several vulnerabilities:
  • Updated datatables to 1.12.1.
  • Updated jquery-ui to 1.13.2.
  • Updated less.js to 4.1.3.
  • Updated moment.js to 2.29.4.
  • Updated select2.js to 4.0.13.
  • Updated underscore.js to 1.13.4.
  • Updated zlib to 1.2.13.
  • For more information, see the Tenable Product Security Advisory.
  • Fixed an input validation issue for some input fields that relied on client-side validation.
  • Updated Nessus Manager linking so that linking keys for agents, scanners, and nodes are now different from each other.

New in Nessus 10.3.1 (Oct 27, 2022)

  • Security Updates:
  • The following are security updates included in Nessus 10.3.1:
  • Updated the following libraries to address several vulnerabilities:
  • Updated datatables to 1.12.1.
  • Updated moment.js to 2.29.4.
  • Updated libexpat to 2.4.9.
  • Updated libxml2 to 2.10.3.
  • Updated zlib to 1.2.13.
  • Upgrade Notes:
  • If you are upgrading to Nessus Expert from a previous version of Nessus, you must upgrade Nessus to 10.3 prior to performing the Expert upgrade.
  • Due to the dynamic plugin compilation update, Nessus customers who have custom plugins could experience compilation failures if their plugins do not adhere to the updated standards outlined in the NASL Library Optimization guide. We recommend that customers with custom plugins review this guide and make any necessary updates before updating to Nessus 10.0.x.
  • You can upgrade to the latest version of Nessus from any previously supported version.
  • If your upgrade path skips versions of Nessus, Tenable recommends reviewing the release notes for all skipped versions to learn about new features and bug fixes.
  • If you want your scanners to automatically update to the newest version before the GA date, set your Nessus Update Plan to Opt in to Early Access releases.
  • If you want to manually update your scanners to the latest version before the GA date, disable automatic updates so the scanner does not automatically downgrade to the previous version.
  • For Nessus 8.8.0 and later running on Windows, you must install Visual C++ Redistributable for Visual Studio 2015 on the host operating system. The following Windows versions require a minimum Service Pack to be installed:
  • Windows 7 SP1
  • Windows Server 2008 SP2
  • Windows Server 2008 R2 SP1

New in Nessus 10.3.0 (Jul 11, 2022)

  • New Features:
  • The following are the new features included in Nessus 10.3.0:
  • Added the new Nessus Expert license and the ability to upgrade to Nessus Expert from the user interface.
  • Added new Terrascan scanning features to Nessus Expert.
  • Integrated Bit Discovery into Nessus Expert as a new scan template: Attack Surface Discovery.
  • Note: The attack surface discovery scan currently has a limit of discovering 375,000 child domains and displaying 2,500 domain results in the default results view. You can view all the scan results by applying filters. Tenable is working to extend the maximum child domain amount for customers with larger sets of exposed child domains.
  • Updated OpenSSL to support version 3.0.5.
  • Updated Tenable.io-linked scanners to support differential plugin updates.
  • You can now configure trusted certificate authorities (CAs) for individual scans.
  • Changed Functionality and Performance Enhancements:
  • The following enhancements are included in Nessus 10.3.0:
  • Updated the Nessus NASL compiler to stop when it encounters file errors.
  • Bug Fixes:
  • Fixed an issue where ACAS colors would appear incorrectly.
  • Fixed an infinite loop issue related to certain HTTP requests.
  • Fixed an RDNS lookup issue that affected some Nessus instances.

New in Nessus 10.2.0 (May 29, 2022)

  • New Features:
  • The following are the new features included in Nessus 10.2.0:
  • Added a new Scan Summary tab that highlights important scan data in Nessus Professional.
  • You can now configure update plans for Nessus Agents linked to Nessus Manager.
  • BYOL scanners can now add scan targets by Instance ID.
  • Added details of plugin execution failures to audit trails.
  • Changed Functionality and Performance Enhancements:
  • The following enhancements are included in Nessus 10.2.0:
  • Added more detailed logging for node scans.
  • Improved compliance reporting performance by removing description data.
  • Extraneous data in compliance descriptions is now disabled by default.
  • Added a preference setting that limits the amount of data generated by compliance plugins.
  • Security Updates:
  • The following are security updates included in Nessus 10.2.0:
  • Updated Zlib to version 1.2.12 to address a medium level vulnerability.
  • Updated libexpac to version 2.4.8 to address several security vulnerabilities.
  • Removed Nessus version information from unauthenticated API calls.
  • Updated jQuery UI to version 1.13.0.
  • Bug fixes:
  • Fixed an issue where custom audit files were not included in user-to-user data transfers.
  • VPR data loading is now postponed until after an upgrade-driven restart.
  • Fixed an issue where a database file was incorrectly deleted due to contention.
  • Fixed an issue where plugins would fail to abort when reaching memory limits in certain environments.
  • Fixed an issue where agent scan durations were exceeding the scan window setting.
  • Fixed an issue where a User-Defined Nessus Agent scan would incorrectly save as an Advanced Agent scan.
  • Fixed an issue where the Nessus Manager dashboard would not change when plugin rules are applied.
  • Fixed an issue where Web App Scanning scan configuration options were not editable.
  • Fixed an issue where exported report sections would be incorrectly colored.
  • Fixed an issue where the report reference text would overlap the surrounding content.
  • Fixed an issue where linking a Nessus scanner to Tenable.io would fail when designating group memberships.

New in Nessus 10.1.2 (Mar 31, 2022)

  • The following are the new features included in Nessus 10.1.2:
  • You can now install and access Terrascan, a static code analyzer for Infrastructure as Code, on your Nessus Professional or Essentials instance from the new Terrascan page. Terrascan is most commonly used in automated pipelines to identify policy violations before insecure infrastructure is provisioned.
  • The following are security updates included in Nessus 10.1.2:
  • OpenSSL was updated to the latest version 1.1.1n.
  • For more information, see the Tenable Product Security Advisory.

New in Nessus 10.1.1 (Feb 9, 2022)

  • The following are security updates included in Nessus 10.1.1:
  • Updated the Nessus Expat library to version 2.4.4 to address security vulnerabilities identified in previous Expat versions.

New in Nessus 10.1.0 (Jan 31, 2022)

  • Improved performance and scalability for Nessus Manager clustering.
  • Nessus now supports the following operating systems:
  • Oracle Linux 8
  • Windows 11
  • Windows Server 2022
  • Ubuntu 18 for Arm/Graviton2
  • Mac 12 (Monterrey)
  • Changed Functionality and Performance Enhancements:
  • The following additional enhancements are included in Nessus 10.1.0:
  • Updated reports with a consistent look and feel.
  • Updated debug report with a list view for better ease of use.
  • Reduced CPU utilization of Nessus when running on Openshift servers.
  • Nessus now discards the results of a dead target if it becomes unreachable mid-scan when the stop_scan_on_disconnect flag is on.
  • Updated Nessus to use the latest version of snappy 1.1.7 (a compression agent).
  • Updated Nessus to use the latest version of libxml2 2.9.11 (a XML parsing utility).
  • Security Updates:
  • The following are security updates included in Nessus 10.1.0:
  • Secured underscore.js (a Javascript library) against arbitrary code injections.
  • Bug Fixes:
  • Fixed memory allocation handling to better handle allocation errors encountered in certain plugins.
  • Fixed a reporting error where multiple vulnerabilities found on a single host were not counted properly.
  • Fixed a reporting user interface problem where the PDF report option was not being presented.
  • Improved the build process to address an Amazon Linux package signing error.
  • Fixed a report issue where plugins with risk factor none would cause empty results.
  • Fixed a browser zoom issue where some vulnerability and compliance counts would disappear on the percentage bar.
  • Updated the scan API documentation to provide required integer values for severity levels.
  • Updated Nessus KB article 000001742 to correctly describe the method by which the engine determines that a target host is unresponsive.
  • Fixed manager web server performance by increasing file upload handling efficiency.
  • Fixed an error where the local scanner database item was inadvertently replaced.

New in Nessus 10.0.2 (Dec 15, 2021)

  • Changed Functionality and Performance Enhancements:
  • To facilitate a rapid response to new and critical security threats, Tenable.io users can now trigger an immediate plugin update on their scanners from the Tenable.io user interface, rather than waiting for the standard 24-hour plugin update cycle.

New in Nessus 8.15.2 (Sep 20, 2021)

  • Nessus has been updated with the latest version of OpenSSL 1.1.1l.

New in Nessus 8.15.1 (Aug 10, 2021)

  • Changed Functionality and Performance Enhancements:
  • Improved scan times by enforcing plugin timeout values. Modified the evaluation order for plugin timeout options to allow for timeout value overrides for all plugins.
  • Improved plugin compilation speed.
  • Bug Fixes:
  • Improved scan times by fixing an issue that caused slow plugin behavior after a plugin timeout.
  • Fixed an issue with memory usage tracking that could cause plugin aborts and Agent connection issues with large Nessus Manager / Agent deployments.

New in Nessus 8.15.0 (Jun 15, 2021)

  • Security Updates:
  • This release includes a fix for a potential vulnerability. For more information, see the Tenable Product Security Advisory.
  • A vulnerability where after an installation occurs and the user runs a repair on the installation, the repair option allows any user to execute the action without admin privileges has been fixed.
  • Two third-party libraries (SQLitesqlite)were identified as vulnerable and have been updated.
  • New Features:
  • Nessus CLI now supports a new command, nessuscli import-certs, to add certificates, validate that they are matching, and place them in the correct directory.
  • For more information, see Nessuscli in the Nessus User Guide.
  • Changed Functionality and Performance Enhancements:
  • Nessus now uses Npcap as a Windows packet capture library, instead of WinPcap, which was discontinued.
  • The Windows 2008 OS is no longer supported.
  • Implemented multiple improvements for logging:
  • A new log file, nessuscli.log, logs all Nessus CLI operations.
  • Improved logging to show successful and failed scan uploads.
  • Improved logging for www_server.log to show start, end, and elapsed times for each access to the Nessus web server.
  • Nessus scanner type added to the log.
  • pre_sig.txt & post_sig.txt have been combined into other_logs.txt.
  • Nessus now uses milliseconds timestamps in backend.log.
  • Added to logs when a scan fails due to missing files instead of ignoring.
  • Advanced settings of agent scan for "Audit Trail Verbosity" and "Include the KB", settings override the server advanced settings called "agent_merge_audit_trail" and "agent_merge_kb" if disabled to ensure proper function.
  • A new Advanced Setting, merge_plugin_results, was added to support merging plugin results for plugins that generate multiple findings with the same host, port, and protocol. This setting is recommended to be enabled for scanners linked to Tenable.sc.
  • Bug Fixes:
  • Fixed an issue where agents would not link after transitioning from Nessus Manager to Tenable.io.
  • Fixed an issue where scheduled scans in Nessus Manager would fail
  • Fixed an issue where there is a discrepancy in CSV file generated from compliance scan export vs what is shown in the U
  • Fixed an issue where an IPv6 target scan would fail.
  • Fixed an issue where Nessus would ignore certain rules.

New in Nessus 8.14.0 (Apr 5, 2021)

  • New Features:
  • CVSSv2 and CVSSv3 Support: Configurable Severity Base:
  • You can choose whether Nessus calculates the severity of vulnerabilities using CVSSv2 or CVSSv3 scores by configuring your default severity base setting. When you change the default severity base, the change applies to all existing scans that are configured with the default severity base. Future scans also use the default severity base. For more information, see Configure Your Default Severity Base in the Nessus User Guide.
  • You can also configure individual scans to use a particular severity base, which overrides the default severity base for those scan results. For more information, see Configure Severity Base for an Individual Scan in the Nessus User Guide.
  • By default, new installations of Nessus 8.14 or later use CVSSv3 scores (when available) to calculate severity for vulnerabilities. Preexisting upgraded installations from earlier than 8.14 retain the previous default of CVSSv2 scores.
  • VPR Support for Nessus:
  • Vulnerability Priority Rating (VPR), the output of Tenable Predictive Prioritization, is a dynamic companion to the data provided by the vulnerability's CVSS score, since Tenable updates the VPR to reflect the current threat landscape. VPR helps organizations improve their remediation efficiency and effectiveness by rating vulnerabilities based on severity level – Critical, High, Medium and Low. For more information, see CVSS Scores vs. VPR in the Nessus User Guide.
  • You can now view a new tab for scan results, Top Threats by VPR, which displays the 10 most severe vulnerabilities as determined by their VPR score. For more information, see View VPR Top Threats in the Nessus User Guide.
  • VPR is a dynamic score that changes over time to reflect the current threat landscape. However, VPR Top Threats reflect the VPR score for the vulnerability at the time the scan was run. To get updated VPR scores for vulnerabilities in a scan, re-run the scan.
  • To ensure VPR data is available for your scans, enable plugin updates.
  • Changed Functionality and Performance Enhancements
  • The following additional enhancements are included in Nessus 8.14.0:
  • The Nessus user interface was updated to use more inclusive language.
  • Nessus backups now include concatenated certificate container .pem files.
  • Security Updates:
  • OpenSSL was updated to the latest version 1.1.1k. For more information, see the Tenable Product Advisory.
  • Bug Fixes:
  • Fixed an issue with Nessus agent clustering where not all agent results were shown correctly in the UI when under heavy load, due to DB lock and network connection issues.
  • Fixed an issue where group settings would not get honored when linking agents to a clustered Nessus Manager.
  • Fixed an issue where agent scans could get aborted if the node it was linked to performed a plugin update while the scan was active.
  • Fixed an issue that, in very rare cases, could cause Nessus to crash on the first day of each month when attempting to run scheduled scans.
  • Corrected the URL displayed for offline Nessus activation to use HTTPS instead of HTTP.
  • Added UI support for specifying an IPv6 address when configuring a proxy server to link a managed scanner.
  • Corrected the online API documentation for the /api#/resources/scans/configure to note that the "name" field is required.

New in Nessus 8.13.2 (Apr 2, 2021)

  • OpenSSL was updated to the latest version 1.1.1k.

New in Nessus 8.13.1 (Dec 17, 2020)

  • Bug fixes:
  • Fix issue on Nessus Manager cluster parent node with processing Agent scan results greater than 2GB.

New in Nessus 8.13.0 (Dec 7, 2020)

  • Ability to deploy Nessus as a Docker image for a container – Users can now access an official Docker image for Nessus to deploy as a container. You can run Nessus offline or online, and the deployment includes plugin support.
  • For more information, see Deploy Nessus as a Docker Image in the Nessus User Guide.
  • Additional operating system support – Nessus is now supported on Amazon Linux 2 and Apple macOS Big Sur (11).
  • Agent Remote Configuration – You can configure some agent settings remotely from Nessus Manager, rather than having to configure the setting directly on the agent.
  • For more information, see Modify Remote Agent Settings in the Nessus User Guide.
  • New Predefined Reports for Nessus Professional– Added three new predefined reports for Nessus Professional customers, allowing users to create HTML or PDF reports that preconfigure the most useful summaries for vulnerability management.

New in Nessus 8.12.1 (Oct 30, 2020)

  • Bug Fixes:
  • Note: This release includes a fix for a potential vulnerability. For more information, see the Tenable Product Security Advisory.

New in Nessus 8.12.0 (Oct 8, 2020)

  • Changed Functionality and Performance Enhancements:
  • Added additional data to the Nessus debug report, to better assist in troubleshooting, including public/non-secret certificate information and license type and features.
  • Removed the Scanner tab from the Nessus user interface for all license types except for Nessus Manager.
  • In Nessus Manager, linked agents and scanners are now accessed from the new Sensors page in the top navigation bar.
  • Bug Fixes:
  • Fixed an issue with using the "pkg add" command for installation on FreeBSD v11
  • Fixed an issue with connections being dropped if Nessus tried to open more than the configured maximum number of concurrent TCP sessions per host for a target
  • Fixed an issue where the "last scanned" timestamp for an Agent was updated even if the Agent did not report results
  • Fixed an issue where unlinked Agents were sometimes not being deleted from Nessus Manager
  • Improved performance of some database queries that were potentially causing Agent merges to fail due to database lock timeouts.
  • Fixed a bug with target list enumeration that in rare cases was causing Tenable.io cloud scanners to get in an infinite loop and run out of memory

New in Nessus 8.11.1 (Aug 21, 2020)

  • Changed Functionality and Performance Enhancements:
  • nessusd.dump Log File Millisecond Timestamps - When the advanced setting logfile_msec is enabled, millisecond resolution is enabled for nessusd.dump log file timestamps. Previously, only the nessusd.messages log file supported this setting.
  • Added Context for Security Notes - Nessus scan security notes now show the IP address and plugin ID of the target and plugin that produced the note, adding critical context which is useful for debugging.
  • Duplicate Agent Detection - Nessus Manager detects duplicates agents that have the same MAC address. When the agent setting detect_duplicates is enabled, agents detected as a duplicate automatically unlink and reset its Tenable UUID.
  • Updated jQuery third party library - Upgraded the version of jQuery used in the online Nessus API documentation, to remove security vulnerabilities reported in the older version.
  • Bug Fixes:
  • Added protections to prevent out-of-bounds memory access in the NASL process space.
  • Added validation checks to the JSON config file used for streamlined scanner deployment.
  • Fixed an issue causing the session timeout to not be honored when the user was on the Settings > About page.
  • Added systemd support for Debian/Ubuntu on versions that use systemd over init.d, to address an issue with running as non-root user.
  • Fixed an issue encountered in Google Chrome where the navigation links were only clickable from the bottom.
  • Fixed a pagination issue with host discovery scan results when a large number of hosts was returned.
  • Fixed an issue where Agent scans configured with a 24-hour scan window would miss the next day's launch due to unfinished processing for the current scan.
  • Updated DB access settings to prevent the possibility of DB corruption on Nessus Manager configured as a Cluster Manager.
  • Fixed an issue where scanners managed by Tenable.io would not update plugins if a core software update was also pending.
  • Fixed a race condition that could cause scan results to not be detected as completed, resulting in aborted scan chunks.

New in Nessus 8.10.1 (May 20, 2020)

  • New Features:
  • Added Option to Force Stop a Scan Job - Added the ability to force a scan job to stop.
  • Changed Functionality and Performance Enhancements:
  • Increased time window for marking an agent as offline - Improved the determination of when an agent should be considered offline.
  • Upgraded Nessus to use OpenSSL 1.1.1g.
  • Streamlined application of large cloud-based exclusion lists to improve scan performance.
  • Bug Fixes:
  • Scanners managed by Tenable.io will now support updating plugins from Tenable.io while scans are running. Updated plugins will be applied to new scans, not already-running scans.
  • Fixed an issue with target scanning access not being enforced consistently for Tenable.io scans.
  • When a recast rule is used for an emailed report the recast rule was ignored.
  • Resolved an issue where scans run on the first of the month filled-up the disk space with verbose log detail for certain customers.
  • When using the "CVSS Vector Contains" filter in Nessus Pro, results did not match the filter.
  • Email notification for agent scans did not send when clustering is enabled.
  • For Agent scans in clustered environment, the "plugin_set" value was not available in .nessus exports.
  • Resolved issue when processing large exclusion lists that caused delays in starting scans.
  • Exported HTML/PDF did not display enumerated service names.
  • Agent scan in clustered environment was reporting in pending state rather than running.
  • Improved the determination of when an Agent should be considered offline.
  • Fixed an issue where Agent blackout windows were not enforced for Agents in a clustering configuration.

New in Nessus 8.9.1 (Mar 5, 2020)

  • New Features:
  • Additional SSL cipher options - Additional security by updating our SSL cipher options to take full advantage of OpenSSL 1.1.1.
  • Additional OS support - Added support for MacOS Catalina (10.15).
  • Changed Functionality and Performance Enhancements:
  • Quality and stability improvements.
  • Bug Fixes:
  • Fixed issue where a user errantly receives a SIGABRT when running a large scan.
  • Fixed issue where SYN Scanner improperly listed ports by first numeral instead of entire port number.
  • Fixed issue with Scan config defaulting to UTC instead of system timezone.
  • Fixed issue with settings page not loading after upgrade.
  • Fixed issue related to poor performance of external PCI scans on AP cloud scanners.
  • Fixed issue with Dashboard Tab not showing despite being selected in the scan configuration.
  • Fixed issue related to data filtering of agents.
  • Fixed issue related to timezone misconfiguration allowing customers to schedule scans in the past.
  • Fixed issue with not being able to set the agent blackout window using IE 11.

New in Nessus 8.9.0 (Jan 23, 2020)

  • New Features:
  • The following are the new features included in Nessus 8.9.0:
  • Streamlined Sensor Deployment - Capability to include environmental configuration variables as part of a sensor installation.
  • For more information, see Mass Deployment Support in the Nessus User Guide.
  • Changed Functionality and Performance Enhancements:
  • The following are changes to functionality included in Nessus 8.9.0:
  • Open SSL v1.1.1 Update - Nessus scanners will leverage OpenSSL v1.1.1 as part of this release.
  • This causes impact to the ciphers and SSL versions supported. For more information, see the knowledge base article.
  • Capability for Nessus to support plugin databases greater than 4 GB.
  • This causes an automatic full recompilation of the plugins upon first startup after upgrade, which may take several minutes.
  • Bug Fixes:
  • Fixed issue where a user was unable to login to Nessus using a certificate
  • Fixed issue where remediation tab was not being displayed
  • Fixed issue where a basic user could not view results in Nessus Manager
  • Fixed issue where a scan with a policy with mixed plugin families would not run
  • Fixed issue related to upgrading on Windows platforms from earlier versions of Nessus
  • Fixed issue with cloud scans aborting

New in Nessus 8.8.0 (Nov 5, 2019)

  • New Features:
  • Red Hat 8 Support - Nessus now supports Red Hat 8 as a supported host operating system.
  • Agent key update confirmation - A confirmation prompt now appears when a user attempts to update the Nessus Agent key.
  • Change:
  • Log rotation max_files default change - The default value for number of log files retained when rotating logs has changed from 100 to 10. This change applies to backend.log and www_server.log files, and will cause the oldest files to be rotated off if the new maximum is exceeded. Customers can modify the number of log files retained by changing the setting in the log.json file.
  • Bug Fix:
  • Fixed an issue where ping doesn't work in a static route network environment
  • Fixed an issue where some appliances were consuming their available disk space with logs by reducing the default log rotation Max_Files value to 10
  • Fixed an intermittent issue where blackout windows were not enforced by Nessus Manager
  • Fixed an intermittent issue where agent policies may have been missing a selected tag
  • Fixed a presentation issue in the UI with very long folder names
  • Fixed an issue where blackout windows were not enforced immediately after 00:00
  • Fixed an issue where an agent unlinked from UI cannot relink from agent CLI
  • Fixed an intermittent issue with heartbeats not properly timing out in the NASL recv() function

New in Nessus 8.7.2 (Oct 10, 2019)

  • New Features:
  • International Character Display: Added ability to properly store and display international characters in Nessus scan results.
  • Bug Fixes:
  • Fixed an issue where Tenable.io linked scanners had intermittent SSL errors if they could not reach ocsp.digicert.com.

New in Nessus 8.7.0 (Sep 24, 2019)

  • New Features:
  • Nessus Manager Clustering Enhancements: Support for agent migration into Nessus Manager clusters is now available. Clustering no longer requires a licensing flag, and is available to be configured for all customers using Nessus Manager for large agent installations.
  • Tenable Research News Widget: In Nessus Essentials, RSS feed-based notifications present recent publications from Tenable Research in the UI, providing a live view of the ongoing research and publications of Tenable's cutting-edge Research organization.
  • Host Discovery Scan Wizard: New users of Nessus Essentials and Nessus Professional trial are presented with a scan wizard upon first use of the product to walk through the process from host discovery to vulnerability scanning. Now it only takes a couple clicks for new users to create and execute their first scan.
  • Licensing transparency for Nessus Essentials and Nessus Professional Trial: A new License Utilization page gives Nessus Essentials and Nessus Professional trial users visibility into the hosts that have consumed their licensed pool of hosts, as well as the length of time before each asset will no longer count against the license.
  • Updated Host Discovery Results Page: Refreshed the results page for Host Discovery Scans to present more relevant information. Users can now see port, host, and OS information when available, based on the type of discovery scan performed.
  • Launch scans from result set of another scan: Users can now select hosts from one scan result set to open or launch a new scan with those hosts pre-populated as targets.
  • Scan templates have been grouped by type: Scan templates have now been grouped by type and will fall into one of the following categories: Discovery, Vulnerability, and Compliance.
  • Bug Fixes:
  • Fixed an issue where all agent filters are removed when removing just one.
  • Fixed an issue with Nessus compliance filters returning zero results.
  • Fixed an issue where Nessus Manager blackout window was not being enforced.
  • Fixed an intermittent issue where a scan ran outside of the scheduled scan time when daylight savings time started.
  • Fixed an issue where managed scanners were displaying templates that are only available through Tenable.io.
  • Fixed an issue where the re-balance button for clustering was not always responsive on first pass.
  • Fixed an issue where disabled scans may not run after being re-enabled.
  • Fixed an issue where the unread/read scan(s) indicator in the UI was sometimes incorrect.
  • Documented the possible agent status values returned from the Nessus/Agents API in the online API documentation.

New in Nessus 8.6.0 (Aug 14, 2019)

  • New Features:
  • In-Product Notification Enhancements - Improved expiration notifications by adding call to action, upsell links, and added the ability for users to dismiss them until the next scheduled reminder. Added new dynamic strings to enable future notification functionality. Also added new notification history to allow users to review previous notifications.
  • Watermarked reports for Nessus Essentials and Nessus Pro Trials - Added watermarks to exported reports for Nessus Essentials and Nessus Pro evaluations.
  • Enterprise Supportability: Scan and Policy Ownership - Our enterprise users of Nessus often have personnel changes that require them to change or remove users from their system. This feature allows administrators to claim ownership of user content.
  • Telemetry Enhancements - Added an advanced setting that allows users to opt out of providing telemetry reporting back to Tenable. Telemetry information ensures that users will benefit from more intuitive and useful features and capabilities in future Nessus releases. Please refer to the documentation describing advanced settings for more information.
  • Bug Fixes:
  • Bug Fix Defect ID
  • Fixed an issue where users were unable to filter the agent list by IP address in Nessus Manager 00832160
  • Fixed an issue with exporting HTML custom reports containing non-standard character sets 00775714
  • Fixed an issue where multi-homed machines would not honor the forced source IP command 00801670
  • Fixed an issue with scan result filters no longer accepting a comma delimited list of values 00832101, 00833265
  • Fixed an issue when attempting to add agents by search results to agent groups 00832160
  • Fixed an issue where plugin attributes were no longer included in .nessus files sent to T.sc, by adding a config setting to re-enable the attributes 00840184, 00848793
  • Fixed an issue where the scanner health page does not appear to display CPU usage correctly
  • Fixed an issue with scan plugin filters
  • Fixed an intermittent issue with displaying records in the Vulnerabilities view
  • Fixed a number of UI presentation issues
  • Fixed typo in the advanced settings for Max HTTP Connections
  • Fixed an intermittent issue with Agent 'status' on Agent Detail page is not displaying state correctly
  • Fixed an issue where 'Plugin Family' filter is not working as expected and showing "no result found"
  • Fixed an issue with agent group deletion work flow
  • Fixed an issue where search agent count is not displaying correctly
  • Fixed an issue where search functionality wasn't as inclusive as expected
  • Fixed an issue where unlicensed scanners show as "expired"
  • Updated OpenSSL version to 1.0.2s.
  • Fixed a potential issue in XMLRPC API affecting Windows installations

New in Nessus 8.5.2 (Aug 6, 2019)

  • Fixed an issue with plugin size causing a significant impact on feed updates and scanning on Nessus scanners.

New in Nessus 8.5.1 (Jul 2, 2019)

  • Bug Fixes:
  • Fixed an issue where Agent filter options no longer include "none" when filtering by "Member of Group."
  • Fixed an issue where the "Select All" check box ignores filter on Agents list page.

New in Nessus 8.4.0 (May 15, 2019)

  • Introducing Nessus Essentials - Nessus Essentials is a free vulnerability scanner for up to 16 IPs that provides an entry point for users into the Tenable ecosystem. Backed by market leading functionality from Nessus Professional, Nessus Essentials gives you the accuracy and speed you need to discover, prioritize and remediate vulnerabilities. Ideal for educators, students and individuals starting their cyber security careers, Nessus Essentials helps you get started with vulnerability assessment.
  • Updates to UI - Branding has been updated throughout the product along with some minor improvements to UI.
  • Enhanced CSV export capability - Users can now select which fields to include as part of their CSV exports. If needed, users can revert to the default export settings.
  • Agent Blackout Windows - The definition of blackout windows in Nessus Manager for agents is being extended with increased granularity. With this feature, blackout windows become more flexible by allowing customers to select specifically which activity is allowed and disallowed during a blackout window.
  • Bug Fixes
  • Fixed issue with NFS plugin not properly detecting mountable drives.
  • Fixed issue with plugin output attachments not opening correctly in some cases.
  • Fixed issue with disappearing scan result search filter when no result is returned by filter.
  • Fixed issue with filters not applying correctly on certain Nessus reports.
  • Fixed intermittent issue with reports not including all expected content.
  • Fixed issue with the nessuscli command producing a benign warning.
  • Fixed issue with ssl_cipher_list advanced setting not being honored.
  • Fixed issue with Nessus installation of templates that cross multiple filesystems.
  • Fixed a number of UI presentation issues.

New in Nessus 8.3.2 (May 1, 2019)

  • Bug Fixes:
  • Fixed issue with plugin output truncation in .nessus reports
  • Fixed issue with the changing of a reported hostname to the FQDN of the target in the presence of certain Tenable.io exclusion rules
  • Fixed issue with Nessus instances crashing in Windows
  • Fixed issue with defragmentation of plugin databases
  • Fixed issue with slow enumeration of exclusion lists during plugin enablement

New in Nessus 8.3.1 (Apr 1, 2019)

  • Bug Fixes:
  • Fixed issue with 8.3.0 Windows scanners occasionally failing on scan export by increasing the default value for the "Max Plugin Output Size" setting to 100MB. (See KB article: https://community.tenable.com/s/article/Nessus-Scanner-restarts-upon-scan-completion).
  • Upgrade Notes:
  • Note: If your upgrade path skips versions of Nessus, Tenable recommends reviewing the release notes for all skipped versions. You may need to update your configurations because of features and functionality added in skipped versions.
  • Upgrading to Nessus 8.3.1 will trigger a rebuild of your plugin database. This may take several minutes to complete.
  • After you upgrade Nessus, downgrading to a prior version of Nessus is not supported. Please back up your system first.

New in Nessus 8.3.0 (Mar 27, 2019)

  • Flexibility for Reporting in Nessus Professional - Often there can be too much data; now Nessus enables you to select precisely which information is included when exporting PDF and HTML reports. As an example, a user can choose when exporting to only include the host information, vulnerability information, and vulnerability score when creating a report. The user can also select to save the export options as default for any subsequent exports.
  • Scan Template Updates - Similar to plugin updates, scan templates can be updated at various times. With this release, new policies and policy updates are now delivered automatically.
  • Performance updates for Agent deployments using Nessus Manager - Tenable made improvements to the processing time for scan results on Nessus Manager. The update includes disabling the inclusion of Audit Trail and KB data by default. As a best practice, it is recommended leaving these disabled for production environments. For testing/troubleshooting, both abilities can be re-activated for smaller agent groups if needed.
  • Additionally, new options to optimize agent data merge performance can be configured if desired and can provide additional speed-up. See the Agent Advanced Settings documentation for details on configuring these optimizations.
  • Additional improvements include:
  • Added the ability to update the Offline registration license in the Nessus UI for scanners registered offline.
  • Add a new Advanced Setting plugin_output_max_size_kb, defaulted to 1MB, to configure the maximum per-plugin output size for XML elements in .nessus reports.
  • Added various NASL improvements and bug fixes
  • Bug Fixes:
  • Fixed an issue with filtering Scan Results on a date field that was causing missing results, due to a bad regular expression match.
  • Fixed an issue with importing Agent results by updating XML report processing to remove all invalid characters from XML.
  • Fixed an issue where incorrect date format of yy-mm-dd instead of YYYY-mm-dd was appearing in some places in the UI.
  • Fixed an issue with ARP Discovery.
  • Fixed an issue with importing Advanced Agent scans that was causing all plugins to be enabled in the imported scan.
  • Fixed an issue where customer hostnames containing invalid XML characters were breaking scan exports.
  • Fixed an issue with CSV Report Line Terminations, change cause reports doubling in size.
  • Fixed an issue with Plugin dependency processing that was causing empty results when running offline configuration audits from a Nessus scanner installed on a Tenable Appliance.
  • Fixed an issue with exporting Scan Diffs.
  • Fixed an issue where color-coded severity bullets were not displayed for Nessus PDF reports.
  • Fixed an issue with importing very large scan results into Tenable.sc.
  • Fixed an issue that was causing extraneous error messages in the nessusd.dump log file.
  • Updated openSSL patch level 1.0.2r to ensure latest security fixes are available. For more information, see the security advisory.

New in Nessus 8.2.3 (Feb 18, 2019)

  • Bug Fixes:
  • The previous version was incorrectly signed with the wrong key, which could lead to unexpected application feature flags being enabled in isolated cases. The issue did not affect scan performance or results.
  • Upgrade Notes:
  • Upgrading to Nessus 8.2.3 will trigger a rebuild of your plugin database. This may take several minutes to complete.
  • After you upgrade Nessus, downgrading to a prior version of Nessus is not supported. Please back up your system first.
  • If your upgrade path skips versions of Nessus, Tenable recommends reviewing the release notes for all skipped versions. You may need to update your configurations because of features and functionality added in skipped versions.

New in Nessus 8.2.1 (Jan 25, 2019)

  • Fixed issue where hostname-based exclusion rules caused all hosts to be rejected for Tenable.io linked scanners.

New in Nessus 8.2.0 (Jan 23, 2019)

  • New features:
  • Scanner Health Page: We recently completed our 4th annual Tenable INIT conference, where each year teams assemble for creative problem solving and a bit of fun. This new capability is a direct output of that event. The Scanner Health page is the first step to providing users scanner information, including real-time insight into health and performance data on a local scanner.
  • Examples of details a user can view include host stats; memory and CPU usage as well as application-specific stats including the number of scans running and the number of assets being scanned.
  • Nessus Pro/Manager to Tenable.io Migration: For some users, there may come a time when they want to move to the Tenable.io platform. For those users, we have now automated this process. We are allowing customers who are using Nessus Professional or Manager to migrate their configuration easily into Tenable.io.
  • Additional improvements include:
  • Exposing additional audit trail configurations to advanced settings.
  • Option to adjust log levels without requiring a restart of the service.
  • Bug Fixes:
  • Resolved issue where plugin script timeouts were not working when set to 0.
  • Resolved issue where Agents were receiving unexpected 500 Responses when connecting to Nessus Manager.
  • Resolved issue where Audit scans were failing in Tenable.io when Asset Isolation was enabled.
  • Resolved issue where diff CSV exports in Nessus Manager were blank.
  • Resolved issue where large PDF exports were timing out.

New in Nessus 8.1.1 (Dec 20, 2018)

  • Bug Fixes:
  • Updated openSSL patch level 1.0.2q to ensure latest security fixes are available.
  • Fixed a session timeout issue with Agent scan imports to Tenable.sc (formerly SecurityCenter) that was causing '500 Internal Server Error' responses.
  • Increased the plugin timeout maximum to allow Airwatch scans to complete.

New in Nessus 8.1.0 (Dec 5, 2018)

  • New Features:
  • The following are the new features included in the Nessus 8.1.0 Release:
  • Dynamic Scan Policies – Often you may need to scan your client's environment for vulnerabilities with a specific type of behavior, for example, all vulnerabilities with a known exploit. In the past, with each plugin release, users would have to add each of these plugins to their policy manually. Now, using Dynamic Scan Policies, users can build a scan by creating a specific filter, e.g., all exploitable, and incorporating the filter into the scan policy. By using these filters with your scan policies, new plugins that match the filter are automatically added to the policy.
  • Revamped Advanced Settings Page - Improved the Advanced Settings UI to allow for a more straightforward view of these advanced controls.
  • Remote Log Extraction - Troubleshooting scans and agents can be a significant challenge. With the release of 8.0, we simplified this by allowing users to collect local logs directly from the UI. With this release, we are laying the foundation to also be able to request remote logs from managed scanners and agents.
  • Note: Scanners need to be running 8.1 above and agents need to be running 7.2 (not yet released).
  • Internationalized Dates - Update the Nessus UI to use the international standard date notation, YYYY-MM-DD, where dates are shown.
  • Update to SSL Ciphers - Use strong ciphers by default when negotiating SSL connections.
  • Non-credentialed scan optimization - To decrease the time it takes to run scans, we have updated the logic for non-credentialed scans launched from Nessus to avoid running specific plugins that require credentials to work. Additionally, this significantly improves scan times for Host Discovery scans.
  • Bug Fixes:
  • Fixed issue with vulnerability found on port 8834
  • Corrected issue where unlinked Agents counted towards license usage in Nessus Manager
  • Fixed issue that prevented hosts that included an underscore in their name from being scanned
  • Fixed issue that could cause the SecurityCenter scan status bar to read greater than 100%
  • Fixed issue that caused a crash when scanner metrics were shut down
  • Fixed issue on FreeBSD with scanning targets not on the local subnet
  • Fixed issue with honoring the 'Scan IP addresses in a random order' setting
  • Fixed issue with detecting IP address aliases on a network interface

New in Nessus 7.2.1 Early Access (Sep 14, 2018)

  • What's New:
  • Various documentation and template updates:
  • MobileIron Custom Port Support
  • Fixed credential failure with Lieberman integration
  • Added Huawei local checks to Credentialed Patch Audit
  • Updated PCI scan policy
  • Added PhotonOS to plugin family lists in policy templates
  • Bug Fixes and Improvements:
  • Fixes to recent bugs that were found in the new scan engine released in Nessus 7.2

New in Nessus 7.2.0 Beta (Aug 28, 2018)

  • What's New:
  • The following new feature is included in Nessus 7.2.0:
  • Improved Scan Engine - The Nessus Scan Engine has been refactored to allow for greater scalability, to improve the codebase for greater maintainability, and to facilitate future improvements such as asynchronous I/O, load balancing, etc.
  • Bug fixes and Improvements:
  • Fixed a bug where Nessusd -R is still running after upgrading to 7.2.0
  • Fixed issue in Advanced settings where a user-created "new setting" is not persisted on the Advanced Settings page after returning

New in Nessus 7.1.2 (Jun 26, 2018)

  • What's New:
  • Ability to limit the amount of scan history that's retained - Nessus users will now have the ability to set a limit on how much scan history, in days, is kept. This will help Nessus users manage disk usage.
  • Change link of Nessus scanner from Security Center to Tenable.io - Security Center users can now change the link destination of a Nessus Scanner to Tenable.io within the UI of a Nessus Managed scanner.
  • Bug Fixes & Improvements:
  • Master Agreement updated for Nessus Pro/Home/Eval users.
  • On an existing policy, enabling one plugin will end up enabling the entire family.
  • When creating a scan from an Audit Cloud Infrastructure Template Policy, it forces Targets to be specified, preventing proper scanning.
  • Apple Mail unable to render HTML email from Nessus.
  • "Select All" check-box is checked by default in 2nd page in pagination.
  • Deprecated audits should generate a scan note.
  • Blank result shown in Advance Scan >> Plugins even if "service detection" is enabled.
  • New Scan is created with empty name (Use Space bar key) if we create scan from User Defined policies whereas normal scan is not created using spaces.
  • Updated Nessus password storage to use a secure / slow algorithm like PBKDF2.
  • Plugin Editor when show enabled, disable plugins won't show the rest plugins.
  • 'More' button's options are not loading when user directly click on 'select All' check-box and click on 'More' button.
  • ‘More’ button is NOT displayed on second page to remove selected scans from first page.
  • Selected counts are not matched with Selected items when user un-check the check-all box and validate selected items on first page.
  • Under Scans/Policies >> Plugins, Plugin family status is not getting changed to “ENABLED” if user has applied the filter and changes disabled plugin to enabled from the right side of the plugin list.
  • 'Selected count' are NOT getting cleared if user first click on 'Select All <Count>' link and then click 'Clear selected Items' link.

New in Nessus 7.1.0 (May 15, 2018)

  • What's New:
  • Nessus Professional to Tenable.io Upgrade Assistant
  • Improved Nessus password complexity and management
  • Purchase link added to Nessus Eval
  • Bug Fixes & Improvements:
  • Scan Details of Shared Scan Do Not Contain Scanner
  • Nessus API - "FREQ=ONCE" & "FREQ=ONETIME"
  • Nessus 7.0.x not showing plugins in right windows with multiple filters enabled
  • Agent scan results not being processed
  • Nessus only lists the ipv4 address for the first 100 interfaces
  • Proxy isn't enabled when configured through UI
  • Missing Plugin in Meltdown/Spectre template
  • Session Management Vulnerability in Nessus
  • Agent filtering shows incorrect '+' icons
  • Nessus Web Server version in SecurityCenter details section shows 5.0.0
  • Entering incorrect master password appears to succeed
  • Proxy - Required fields that are missing should be marked red when hitting save
  • Scrollbar in compliance tab hides audit counts
  • Error Text Missing location for OSX
  • Nessus vulnerable to cross-site scripting
  • Editor wrongfully claims an offline config is required for audits
  • Non-default scan window yields input box + drop down
  • Software update banner does not work from Settings->About page
  • Attempting to disable Dashboard, re-enables them
  • Agent API documentation fixes

New in Nessus 7.0.3 (Mar 27, 2018)

  • The following are new features available with Nessus 7.0.3:
  • Ability to use BeyondTrust PasswordSafe as a credential source for Windows and SSH credentials
  • Ability to use Nessus Agents 7.0.3 when you upgrade Nessus Manager to 7.0.3.
  • Bug fixes and improvements:
  • In Nessus Manager, CyberArk credentials now successfully save when a certificate is not attached.
  • Nessus Manager now processes agent results that were submitted while the scan window was open as opposed to halting processing when the scan window finishes. Customers who are using Nessus Manager for agent management may need to re-evaluate their synchronization schedule based on this change.

New in Nessus 6.6.2 (Jun 2, 2017)

  • Bug Fixes:
  • Ignore empty notification filters when building queries
  • Settings for shared scans cannot be updated by a user with 'Can Configure' permissions.
  • Per-host licensing restrictions incorrectly being applied to Host Discovery scans

New in Nessus 6.6.1 (Jun 2, 2017)

  • New Features:
  • Add policy and scan template for Badlock
  • Bug Fixes:
  • Clarify UI wording regarding Nessus licenses for offline activation
  • Fixed condition where spurious “decrementReference” errors were being logged to nessusd.dump

New in Nessus 6.6.0 (Apr 11, 2016)

  • New Features:
  • Nessus Cloud UI Enhancements -- improved workflow and dashboards
  • Nessus Cloud no longer supports Internet Explorer 10 and under
  • Nessus Agents now support running on Windows 10 and Debian 8
  • Nessus Professional, Nessus Manager, and managed Nessus scanners now support running on Windows 10, Debian 8, and Kali 2.0
  • Added the ability to detect malware on the filesystem in addition to in memory
  • Add the "Internal Network PCI Scan" template to Nessus Cloud
  • Upgrade Nessus certificates to SHA-256
  • Bug Fixes:
  • Custom compliance audit info not showing in api call showing policy details
  • Various related to Agent/Manager comms with IPv6 available
  • Scan name missing from email subject and report on emailed Nessus Agent scan results
  • Upgrade from 5.2.12 to 6.5 breaks a Host Discovery scan
  • Don't unlink Windows Agent during upgrade if linked
  • Fixes for IPv6-related issues on scanners
  • Agents can link to manager via /etc/hosts entry, but will not receive scan jobs
  • Nessus SYN scanner doesn't respect port rules
  • Debian/Ubuntu init script status returning incorrect error code when Nessus is stopped
  • Remote scanners don't update based on update commands issued on status page in Nessus Manager
  • Submitting API request for PUT /policies with invalid format will incorrectly return HTTP OK (Status code 200)
  • Offline Config Audit filenames not saving correctly after being changed
  • Update Host Discovery templates to only use accounts specified in policy by default
  • Plugin 46215 Inaccurate Output from Agent Scans
  • XSS via import of malicious Nessus DB file
  • Nessus server crash via XML entities processing bomb
  • Aliasing additional IP Addresses results in Nessus agents reporting incorrect IP
  • TCP Port Scans not working in Nessus Cloud

New in Nessus 6.5.2 (Oct 28, 2015)

  • Bug Fixes:
  • Scanners running on Windows may not scan IPv6 targets

New in Nessus 6.5.1 (Oct 28, 2015)

  • Bug Fixes:
  • User with "can control" permission could cause shared scans to not execute by placing them in Trash.
  • Checking Nessus daemon status on Linux broken in 6.5
  • DNS lookup errors in Nessus 6.5.0 installs on Windows can prevent activation or updates
  • Mobile interface not being displayed on mobile devices

New in Nessus 6.5.0 (Oct 28, 2015)

  • New Features, Improvements, Platform Support:
  • Agents for Ubuntu, Amazon Linux, and Debian
  • Two-factor Support in Nessus Cloud via SMS and email
  • Application Black and White Listing for Airwatch and MobileIron MDM
  • SSO for Nessus Cloud via SAML
  • Allow Nessus Cloud users to reset password from Nessus Cloud
  • Cloud Services Audit - Microsoft Azure Configuration Assessments
  • Apple Profile Manager MDM audit
  • Allow managed scanners to be linked with Nessus Cloud/Manager via command line
  • Excluded aborted/failed scans from trends
  • Add Trend Indicators to Scan Dashboards
  • Add "type" parameter to GET /scans to distinguish between agent and active scans
  • Log job name and UUID when writing scan progress logs in nessusd.messages
  • Display scan stop/start times with timezone setting of manager instead of remote scanner.
  • Brute Force: Only use credentials provided by the user added to Credentialed Patch Audit template
  • Notify user of failure if Windows Agent fails to link during install
  • Add auto update frequency option to "Software Update" in settings
  • On-demand scans default to not launching after being created
  • Bug Fixes:
  • In Nessus 6.4.2 and 6.4.3, Agent scans opened before scan completion could hang in Remediation query
  • Plugin archives with sizes aligned to a specific byte boundary would fail to decompress
  • Corrections to UI text
  • Reduced CPU utilization for some platform configurations
  • Updated API documentation
  • Fixed error when linking to Nessus Cloud via a proxy
  • Unable to delete a large number of Historical Scan data results in certain circumstances
  • Nessus was generating an incorrect date for email.
  • Fixed problem with policy import in SC scans taking a long time, showing up in SC as “Resolving hostnames”
  • Nessus status not displayed correctly in preference pane on OS X when upgraded from a version prior to 6.4
  • Specifying a username of "admin" in Palo Alto credentials interfered with SSH keys

New in Nessus 6.4.3 (Aug 6, 2015)

  • Fix issue with non-Admin permissions on Nessus Agent templates and sharing

New in Nessus 6.4.2 (Jul 21, 2015)

  • Bug Fixes:
  • Update OpenSSL to 1.0.1p
  • Improved resource management during server reloads
  • Improved host discovery scan performance
  • Fix issue with importing large .nessus files

New in Nessus 6.4.1 (Jul 21, 2015)

  • Bug Fixes:
  • Fixed issue where agent may not restart after plugin update.

New in Nessus 6.4.0 (Jul 21, 2015)

  • New Features, Improvements, Platform Support:
  • AirWatch MDM Audits
  • MobileIron MDM audit
  • Cloud Services Audit - RackSpace Configuration Assessment
  • Auditing open ports on Linux/Unix
  • Add ability to copy scans
  • Support CyberArk as an External Credential Store in Nessus
  • Import Nmap results into Nessus to seed scan knowledge base
  • Agents for OS X
  • Agents for RHEL
  • Agents for Fedora
  • Allow users to copy Nessus Scans
  • Allow access to Nessus APIs via API tokens
  • Allow filtering scan results by CWE
  • Registration page should include how to get activation code
  • Credentialed Patch Audit Template should add assessment page to handle false positives.
  • Update plugin output host links
  • Allow users to toggle line and bar displays for historical charts
  • Include Nessus build number in version information in UI, properties api
  • Document switches that can be provided to agent installer command line
  • Add support for TLS 1.2 to Nessus
  • Improve efficiency of scan report upload to manager
  • Bug Fixes:
  • Improved compatibility with SecurityCenter for exported policies
  • Improved Scan Dashboard queries
  • Improved Nessus Agent scalability and results display
  • Improved Nessusd stability
  • Improved SSH credential handling
  • Improved differential scan selection
  • Imported scans do not display the correct start and end times
  • Update 'Credentialed Patch Audit' to use only the credentials provided in the policy
  • Scan fragile devices is enabled by default in templates that aren't using a the 'custom' discovery view.
  • Disabling a scan job from the 'Scan' view by selecting the job, clicking more->disable, does not disable the job.
  • Charts are blurry on high-density displays
  • Plugin archives uploaded through the UI fail to install
  • For an expired activation with auto_updates disabled a new activation key will not show in UI as updated.
  • Remote Scanners now honor proxy settings
  • Compliance plugins no longer shown as vulnerabilities

New in Nessus 6.3.7 (Jun 18, 2015)

  • New Features, Improvements, Platform Support:
  • Add support for OVAL files to SCAP templates
  • Bug Fixes:
  • Upgrade SQLite to 3.8.10.1+
  • Managed scanners may fail to sleep when not busy

New in Nessus 6.3.6 (Jun 18, 2015)

  • Bug Fixes:
  • Scans started from SecurityCenter may experience degraded performance

New in Nessus 6.3.5 (Jun 18, 2015)

  • Bug Fixes:
  • SC policies are not always removed from policies.db
  • Update Cisco ISE connector text to reflect compatibility with ISE 1.2
  • Proxy requests are duplicating the port when fetching updates
  • Unix Compliance audit files listed under Windows on 32 bit platforms
  • Seeing "function call from non-address variable" in the nessusd.dump in US-1A
  • Agent scans might not execute due to an incorrect ip address
  • Scanner job list will append running jobs over and over on update
  • When scanner (old or new) registers, the scanner cannot be deleted until nessus is restarted
  • Unlinking an agent does not remove the agent from the manager if the web service was not reloaded
  • If a user clicks "re-key", the newly generated key cannot be used to link a scanner or an agent until the Nessus instance is restarted
  • Sleep time too short on agent - seeing warnings in log
  • Issue continuing agent scan after reloading with multiple scans in queue
  • Disabling one plugin, disables all plugins in family, family status says 'mixed' on 32 bit OS only

New in Nessus 6.3.4 (Jun 18, 2015)

  • Bug Fixes:
  • Update Debian package descriptions to remove references to Nessus version
  • Remote Scanner plugin tar file is not generating correctly on Centos 7
  • Nessus installer fails on Debian when upgrading existing install
  • Update OpenSSL to 1.0.0r
  • Agent scans are showing duplicate entries in Reference Information under Plugin Details
  • Host detail information is only present for one agent in a multiple agent scan
  • Searching through the agent lists displays a perpetual loading spinner
  • Agent results are not reporting correctly when multiple agent scans are running
  • Users can not stop Agent scans
  • In settings/port scan, netscan(wmi) is listed twice
  • Nessus is not freeing gzip memory once an http session is over

New in Nessus 6.3.3 (Jun 18, 2015)

  • Bug Fixes:
  • Airwatch - Unable to scan via GUI
  • Possible deadlock condition on manager if plugins-attributes.db is corrupted.
  • Offline update fails with current plugin file (all-2.0.tar.gz)
  • Bug report email address no longer exists
  • Command Line Output for Offline Registration Uses Wrong URL for Nessus 6.3+
  • Master password does not work through GUI
  • Remote scan job reference is not saved on reload
  • Manager: autoupdates fork aborts during update
  • Dashboard file is not deleted on disk when scan is removed
  • Agent plugin output displaying incorrect data

New in Nessus 6.3.2 (Jun 18, 2015)

  • Bug Fixes:
  • Attempts to upgrade to 6.3.1 fail with “Could not validate preference” in logs and require a reset of the activation code

New in Nessus 6.3.1 (Jun 18, 2015)

  • Bug Fixes:
  • Write errors in the logs
  • Canceling out of changing your password goes to scans
  • web server binds on 0.0.0.0 instead of listen_address
  • Some Nessus Home installation are stuck in "Unknown mode" after upgrade
  • Web server (6.3) not accessible with some network interface configurations
  • No Scanner Found when upgrading an unregistered scanner from 6 to 6.3
  • Incorrect logging of the local address
  • UI not refreshing for group functions and removing secondaries in IE 11 (9 and 10 as well)
  • During initial setup, all wizards display "Welcome to Nessus" as the tag for the page
  • Issue with agent groups not appearing after creation in IE 11
  • Upgrade using 6.3 msi from 5.2.8 causes error during install 1920 "failed to start"
  • Registering Nessus 6.3 in IE returns to the welcome screen
  • SC-managed scanners should have full scan and policy capability

New in Nessus 6.3.0 (Jun 18, 2015)

  • New Features, Improvements, Platform Support:
  • Nessus Agents for Windows
  • Scan Dashboards
  • Only use responsive layout on mobile devices
  • Add the ability to disable/enable scans from the scan list
  • New Licensing Model
  • Scan multiple DB instances in single compliance scan
  • Bug Fixes:
  • nessusmgt can crash when run with no arguments
  • Filtering plugins to disable 1 plugin disables entire family
  • Files for active SCAP components do not download from policy editor
  • Autoupdates that require soft restart don't work as expected
  • Running a diff on a scan requires edit access due to lack of ability to select scans with read only.
  • API: Creating a job with improperly formated RRULES json property causes job to become corrupt and folder inaccessible.
  • VMware compliance scans don't work from Compliance Wizard, work fine from advanced option
  • Modified time format in Scans/Policy screen is 24 hour time w/ PM indicator
  • Windows Installer does not install plugins-core, or installs it to the wrong place
  • Undefined host in /scans/XX/hosts/undefined/plugins/YY produces 404
  • Vulns list auto-scrolls back up
  • Network Port Scanner: Overriding Firewall Detection defaults from TCP will clear enabled override type from SYN, and vice versa
  • When uploading scan results, the results go into 'My Scans' regardless of the folder selected.
  • Test for /nessus6-api.html#/resources/scans/launch incorrectly encodes alt_targets
  • Changing the custom host does not restart the webserver

New in Nessus 6.2.1 (Jun 18, 2015)

  • Bug Fixes:
  • Scans return with "No host data" after a plugin update
  • Blue Coat is missing from the compliance UI
  • Scheduled Jobs are not running, with no indication of failure or why they didn't run.

New in Nessus 6.2.0 (Jun 18, 2015)

  • New Features, Improvements, Platform Support:
  • Retrieve an uploaded compliance check audit file
  • BlueCoat and Check Point compliance wizard updates
  • Add package reporting for Red Hat Enterprise Linux and SuSE Linux to Altiris PM integration
  • Ability to Disable Scheduled Scans
  • Credential and Compliance search
  • Improved notifications UI
  • Nessus 6 available for i386 (32-bit) architectures
  • OS X 10.10 (Yosemite) support
  • Fedora 21 support
  • There is now one user guide for Nessus and Nessus Enterprise
  • Bug Fixes:
  • Incomplete log message when stopping a scan
  • Bug Report Generator Issues
  • Double upload requests when manually uploading files
  • Incorrect restart reason can show up in logs
  • Bogus scan range causes scanner to scan non-specified targets
  • mkdir crashes on Windows
  • Sorting after search sorts on full data set
  • Scan history is not being purged when scan is deleted
  • Mixed plugin families are not saved correctly when filtering is used
  • Modal Window hangs after deleting a subset of policies
  • Some remote scans are aborted if being started just before a reload of the manager
  • nessuscli fetch --code-in-use writes to the root directory instead of the tmp directory
  • 6.0.X won't automatically update to 6.1.2 on Windows
  • Race condition can allow scanner to set a "done" job back to "completed" and attempt re-processing
  • CentOS RPM depends on KILLALL being installed, which is not a default package in the CentOS7 minimal install
  • Multiscanner use proxy checkbox is not enabling proxy functionality with secondary scanners
  • Attachments in scan results cannot be downloaded
  • Make bug report generator help text clearer
  • Upgrading via MSI makes Nessus unable to be uninstalled or upgraded
  • FortiGate Best Pract check: Error 500 creating advanced policy in both advanced and offline config wizard
  • Various API errors reported on support forums

New in Nessus 6.1.2 (Jun 18, 2015)

  • Nessus 6 long scan names cause export to fail
  • Remote scanner job status race condition on manager reload
  • Offline config audit for fortigate is missing
  • "undefined variable skipped" message in nessusd.dump
  • CVSS Temporal Vector in downloaded reports is wrong
  • Issues with updates on Windows
  • Remote scanners don't stop scans when job no longer exists on manager
  • Cisco ISE REST calls are incorrect
  • Email report generation can cause 100% cpu and hung the scanner resources
  • Mixed plugin families are not saved correctly when filtering is used
  • SC scans are aborted if Nessus reloads while a scan is running
  • Some remote scans are aborted if being started just before a reload of the manager

New in Nessus 6.1.1 (Jun 18, 2015)

  • Show msagent scans in scanner scan list
  • Nessus Scanner managed by SecurityCenter: Settings-Overview shows N/A
  • Cisco ISE requests are still made if no ip address for the host
  • GET /policies/{id} plugins response is incorrect
  • API /scans/import returns id that does not match the id from /scans
  • Edit Password does not check confirm field
  • Users can not edit a vulnerability in host view
  • Internal PCI Policy Template Credentials Not Working
  • Remote scanner upload race condition

New in Nessus 6.1.0 (Jun 18, 2015)

  • Nessus Enterprise not allowing LDAP login of added users
  • Windows Installer: Printing the license agreement does not bring up the print dialog.
  • Avoid scanning printers and Novell Netware hosts when the Windows Malware Scan template is used.
  • Mobile View: No SMTP server configured warning does not show
  • Remote scanner fails to upload reports bigger than 2.1G
  • Hydra settings are missing
  • Risk Factor is not included in the dropdown list for email notifications
  • Plugins: When disabling and then enabling a plugin, the plugin family status does not switch from mixed back to enabled
  • Nessus 6 email notifications contain broken links
  • Plugins are not saved correctly when editing an existing advanced scan policy
  • Nessus 5.0 API /plugins/description call is missing in 6.0 API
  • Selecting 100 scans and running then as a user and then logging out the scans do not complete
  • Add File for Upload Targets is absent in IE9
  • Crash when starting a scan
  • Policies are not using global settings
  • help output of nessusd -h and nessus-service -h needs to be differentiated
  • Scan results show Ipv6 address as 0.0.0.0
  • Invalid xml export from Nessus 6
  • Scheduled scans run from trash

New in Nessus 6.0.2 (Jun 18, 2015)

  • Registration does not go through Proxy server
  • Slow Nessus 6 UI
  • Designate hosts by their DNS name is sometimes not working, in cases where it did in 5.2.x

New in Nessus 6.0.1 (Jun 18, 2015)

  • Nessus 6 - text field size limitation (port scan range)
  • Nessus scanners managed by SecurityCenter shows up as Nessus Home in overview
  • Disable SSLv3 in Web Server (TNS-2014-09)
  • Safari 7.1 hangs during policy creation in Nessus 6

New in Nessus 6.0.0 (Jun 18, 2015)

  • Mac OS X Preferences panel: When nessus is stopped, the status text has the word vulnerabilities misspelled as vulnerabilites
  • Username and Password fields are displayed when Auth Method is set to None.
  • SSH Netstat portscan not reporting port 22 - Plugin 14272
  • Nessus 5.2.6 can't handle SSL tunnels
  • Email Filters after saving and returning, Any Changes back to All
  • Error Message in UI is Spelled Incorrectly
  • Description in schedule scans cannot be removed
  • The NASL VM fails to receive data on SSL socket under certain conditions
  • Stuck in Please wait during login.
  • Nessus Enterprise users last login show NA
  • Saving users in NEC is posting regardless of form errors
  • After importing nessusdb or .nessus scan results, the first .nessus scan export always fails
  • /scan/reset api for SC does not stop the associated scans
  • Information at Settings / Scanners / Local Scanner out of sync
  • HTML export takes forever when the scan result contain multiple host/vuln/outputs
  • No PDF option on Nessus MAC
  • Add bulk modification to scan results

New in Nessus 5.2.0 (Apr 27, 2013)

  • IPv6 is now supported on all platforms (including Windows)
  • Nessus server support for Windows 8 and Windows 2012
  • Add attachments within scan result reports
  • Mac OS X preference pane
  • Digitally-signed Nessus RPM packages for supporting distributions
  • Smaller memory footprint and reduced disk space usage
  • Faster, more responsive web interface (uses less bandwidth)
  • No longer need to visit the Tenable website for an activation code!

New in Nessus 5.0.0 (Mar 7, 2012)

  • Enhanced report customization and creation for improved communication with all parts of the organization.
  • New data visualization provides immediate insight on scan results for improved efficiency
  • Improved scan policy creation and design for more accurate scans
  • Simplified installation and management for enhanced usability

New in Nessus 4.4.1 (Mar 2, 2011)

  • Scan Scheduling:
  • Nessus 4.4 lets you configure scans to run periodically on a daily/weekly/monthly basis. Configure your scans and let Nessus start them at the most appropriate time
  • Enhanced Reporting:
  • Nessus 4.4 lets you compare different scans. It also contains two new report templates: "Executive" and "Detailed".
  • Reload plugins during a scan:
  • Nessus 4.4 can reload its plugins and configuration files while scans are on-going. No need to interrupt any scan to make use of the newest plugins distributed through the ProfessionalFeed.
  • Lower memory requirements:
  • Nessus 4.4 reduces the per-scan memory requirements to half of what the previous version required. The idle size of the Nessus process can be further reduced by changing the backend memory requirements in the configuration file

New in Nessus 4.0.2 Build 4G1046_Q (Sep 16, 2009)

  • Nessus 4 improves performance and reliability over Nessus 3, at the expense of bringing significant architectural changes.

New in Nessus 3.0.5 Build W313 (Apr 30, 2007)

  • on average twice as fast as Nessus 2.2.5 when scanning a local network and as much as 5 times faster when scanning desktop Windows systems