Tenable has issued a strong recommendation for users to update their Nessus instances to mitigate a potential plugin security issue. As a leading vulnerability scanner, Tenable Nessus plays a critical role in helping organizations identify and assess security vulnerabilities, misconfigurations, and compliance challenges across networks, applications, and systems. Recently, the company encountered issues that led to Nessus agents going offline after certain plugin updates, impacting a wide array of users. Therefore, immediate action is necessary to ensure continued operational efficiency and security.
Table of Contents
Resetting plugins
The challenges began to surface in the final hours of December 2024, as Tenable confirmed it was “aware of and actively investigating” the issue related to Nessus agents becoming unresponsive following specific plugin updates. To protect users from further disruptions, Tenable decided to temporarily suspend any ongoing plugin updates.
This incident primarily affected versions 10.8.0 and 10.8.1 of Nessus Agent, with reports coming from users in North and Latin America, Europe, and Asia. In response, Tenable rolled out Nessus Agent version 10.8.2 to remedy the problems. The release notes outlined the situation:
- Known issue: It was found that both Tenable Nessus Agent versions 10.8.0 and 10.8.1 would go offline when a differential plugin update was initiated.
- Preventive measures: To avoid further complications, Tenable disabled plugin feed updates for these earlier agent versions.
- Version restrictions: The use of versions 10.8.0 and 10.8.1 was halted to prevent additional issues.
To restore functionality, users are instructed to either upgrade to version 10.8.2 or revert to version 10.7.3. A reset of the plugins is also essential for bringing their Nessus agents back online. Users utilizing agent profiles for upgrades or downgrades must execute a separate plugin reset to recover any offline agents.
Impact on Users
The occurrence of agents going offline has significant implications for organizations relying on Nessus for continuous monitoring and vulnerability assessment. When systems become unresponsive, the risks associated with an unmonitored network escalate dramatically. Companies are urged to take the following steps:
- Execute a plugin reset: Users need to reset agent plugins using a script or the nessuscli reset command.
- Manual upgrade: Following the reset, agents should be upgraded manually using the Nessus Agent version 10.8.2 installation package.
These actions are vital in ensuring that security protocols remain intact and that potential threats can be addressed promptly. With the evolving landscape of cybersecurity threats, maintaining updated software is crucial in defending networks against vulnerabilities.
Global Reach of Tenable Nessus
Tenable boasts a robust customer base, claiming over 44,000 customers worldwide, with approximately 65% of the Fortune 500 utilizing its services. While the exact number of active Nessus users isn’t publicly available, it is clear that Nessus holds a prominent position within the cybersecurity community. This widespread adoption underscores the importance of potential vulnerabilities and the need for timely updates.
As challenges arise, Tenable continues to engage with its user base, providing timely updates and solutions to ensure the resilience and reliability of its products. Organizations must remain vigilant and proactive in addressing security vulnerabilities and should prioritize plugin updates to sustain optimal performance.
For those interested in enhancing their cybersecurity infrastructure, consulting resources for best antivirus tools or exploring the best endpoint protection tools currently available may prove beneficial.
In summary, the challenges faced by Tenable Nessus highlight the critical nature of maintaining up-to-date security practices. Users are strongly encouraged to act now to safeguard their systems and data integrity.
Via BleepingComputer
Leave a comment