- Tenable urges users to update their Nessus instances to avoid a potential plugin security issue
- A previous plugin update saw agents going offline
- The earliest clean version is 10.8.2, so users should update now
Tenable has urged users to update their Nessus instances to avoid a potential plugin security issue.
Tenable Nessus is a widely used vulnerability scanner that helps identify and assess security vulnerabilities, misconfigurations, and compliance issues in networks, applications, and systems.
However, in the final hours of December 2024, the company said it was “aware of and actively investigating” an issue with Nessus agents going offline after plugin updates for certain users on all sites – and as a result, the company temporarily stopped plugin updates.
Resetting plugins
The incident apparently affected Nessus Agent versions 10.8.0 and 10.8.1, for users in North and Latin America, Europe, and Asia. To address the issue, Tenable released Nessus Agent version 10.8.2.
“There is a known issue which can cause Tenable Nessus Agent 10.8.0 and 10.8.1 to go offline when a differential plugin update is triggered. To prevent such an issue, Tenable has disabled plugin feed updates for these two agent versions. Additionally, Tenable has disabled the 10.8.0 and 10.8.1 versions to prevent further issues,” the release notes detailed.
Now, users are called to either upgrade to 10.8.2, or downgrade to 10.7.3 to bring their Nessus agents online. However, they also need to reset their plugins.
“If you are using agent profiles for agent upgrades or downgrades, you must perform a separate plugin reset to recover any offline agents,” the company concluded.
To adress the bugs, users first need to reset agent plugins via a script or a nessuscli reset command, and then manually upgrade the Tenable Nessus Agent using the 10.8.2 install package.
Tenable claims to have more 44,000 customers worldwide, including 65% of the Fortune 500. While the exact number of Nessus users isn’t publicly disclosed, it is safe to assume that Nessus is quite popular in the cybersecurity community.
Via BleepingComputer
