Tenable disabled two Nessus scanner agent versions after a faulty plugin update caused agents to go offline.
Tenable Nessus is a widely-used vulnerability scanning tool designed to identify and assess security vulnerabilities in systems, networks, and applications.
Tenable was forced to disable two Nessus scanner agent versions because a faulty plugin update caused agents to go offline.
“We are aware of and actively investigating an issue with agents going offline after plugin updates for certain users on all sites.” reads the update published by Tenable on the last day of 2024. “Plugin updates have been temporarily paused.
The company did not share technical details about the problem.
“There is a known issue which can cause Tenable Nessus Agent 10.8.0 and 10.8.1 to go offline when a differential plugin update is triggered. To prevent such an issue, Tenable has disabled plugin feed updates for these two agent versions. Additionally, Tenable has disabled the 10.8.0 and 10.8.1 versions to prevent further issues.” reported the company.
A couple of days later, the vendor announced it was working to address the issue that impacted Nessus Agent version 10.8.0/10.8.1:
- Nessus Agent for Tenable Vulnerability Management (TVM), TSC and Nessus are downgraded from 10.8.0/10.8.1 to 10.7
- All plugin feed updates are disabled except:
- TVM Nessus Agent version lower than 10.8
- TVM linked Nessus Scanner (all versions)
Tenable released Nessus Agent v10.8.2 to fix issues with v10.8.0 and 10.8.1, which were disabled.
“To fix the above issue, all Tenable Vulnerability Management and Tenable Security Center customers running Tenable Nessus Agent version 10.8.0 or 10.8.1 must either upgrade to agent version 10.8.2 or downgrade to 10.7.3.” continues the advisory. “If you are using agent profiles for agent upgrades or downgrades, you must perform a separate plugin reset to recover any offline agents.”
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, Tenable)
