Red Hat Enterprise Linux Unpatched Vulnerabilities

Summary

Tenable is expanding plugin coverage of Red Hat Enterprise Linux vulnerabilities to those that Red Hat has stated within their advisories are in a state of “Will Not Fix”. 

Example Advisory with those states:

Impact

If customers opt-in (see below) to receive findings for unpatched vulnerabilities within their scan policy, then they will see an increased number of findings. At this time, this setting will only apply to Red Hat Enterprise Linux (RHEL) unpatched vulnerabilities; however, there are plans to extend this coverage to other Linux distributions this year.

Each platform and package combination will result in an individual plugin. If additional CVEs are found to affect that platform and package combination, they will be added to the existing plugin. Plugins that fall into this category will also be given an attribute of vendor_unpatched.

In order to enable the feature, check the box in the scan template labeled “Scan for unpatched vulnerabilities (no patches or mitigations available)” and run the scan.  This setting may be found under Settings > Advanced > General Settings.

Affected Plugins

There will be approximately 700 new plugins at release to cover the unpatched vulnerabilities.

Target Release Date

June 3, 2024