Tenable Disables Nessus Agents After Faulty Update Causes Offline Issues
Tenable has disabled two versions of Nessus scanner agents after identifying a critical issue that caused them to go offline following differential plugin updates. This measure was taken to prevent further disruption to users and ensure agent stability.
Nessus agents are lightweight, locally-installed programs that allow organizations to scan assets for vulnerabilities, compliance issues, and gather essential data. They play a vital role in automated security scanning and reporting.
Discovery and Immediate Response
On December 31, Tenable detected an anomaly where Nessus agents began going offline after triggering plugin updates. In response, the company paused plugin updates while it investigated the root cause.
By January 2, Tenable determined that the issue was affecting Nessus Agent versions 10.8.0 and 10.8.1 used in Tenable Vulnerability Management (TVM), Tenable Security Center (TSC), and Nessus environments. At that point, Tenable maintained the plugin feed suspension, except for TVM Nessus Agent and TVM-linked Nessus Scanner.
Resolution and Agent Disabling
Later that day, Tenable rolled out Nessus Agent version 10.8.2, which addresses the issue. By January 3, the company fully disabled versions 10.8.0 and 10.8.1 and resumed plugin feed updates. The new version prevents affected agents from encountering the offline issue.
Organizations utilizing Nessus agents in Tenable Vulnerability Management or Nessus Manager are urged to upgrade to version 10.8.2 or downgrade to version 10.7.3. In addition, they should reset their plugins to ensure a smooth recovery. In specific instances, manual plugin updates and resets may be necessary.
Official Guidance
Tenable emphasized: “To fix the above issue, all Tenable Vulnerability Management and Tenable Security Center customers running Tenable Nessus Agent version 10.8.0 or 10.8.1 must either upgrade to agent version 10.8.2 or downgrade to 10.7.3.” The company further explained, “If you are using agent profiles for agent upgrades or downgrades, you must perform a separate plugin reset to recover any offline agents.”
No Security Impact
Responding to inquiries from SecurityWeek, Tenable’s Chief Product Officer, Shai Morag, clarified that this incident was not a security event and did not compromise customer data.
Morag stated, “On December 31st, Tenable identified some of the Nessus Agents on version 10.8.0 & 10.8.1 going offline after receiving a plugin update released on this date due to unsuccessful plugin compilation resulting in a plugin update error.” He reassured users that Nessus Agent version 10.8.2 resolves the issue and that versions 10.7.x and earlier were unaffected.
Tenable has provided additional guidance and detailed instructions through release notes and Knowledge Base articles to assist users in updating or downgrading their agents effectively.
Key Takeaways
Affected Versions: Nessus Agent 10.8.0 and 10.8.1
Fixed Version: Nessus Agent 10.8.2
Action Required: Upgrade to 10.8.2 or downgrade to 10.7.3, reset plugins
No Security Breach: The issue did not compromise customer environments
No comments:
Post a Comment