Vendor Unpatched Vulnerability Coverage Summary Tenable is...
Vendor Unpatched Vulnerability Coverage Summary Tenable is making fundamental improvements to reporting findings for vulnerabilities that do not have a patch available from the vendor (Vendor Unpatched Vulnerabilities). Customers can now scan for Red Hat Enterprise Linux, Ubuntu, and Debian Linux vulnerabilities that do not have a patch available. Impact Customers who opt-in to scanning for Vendor Unpatched Vulnerabilities by adding the “Scan for unpatched vulnerabilities (no patched or mitigations available)” setting to their scan policy will be able to scan for this class of vulnerability. Tenable will publish a plugin for each CVE with a vulnerability without a patch in any affected and supported operating systems. At this time, Red Hat Enterprise Linux, Ubuntu, and Debian Linux are supported for this feature. Should one or more of the vendors release a patch for one or more of the affected packages, the relevant check(s) will be removed from the plugin; if no checks remain, the plugin will be deprecated. Since the information provided by the vendor does not include which versions of a given package are affected, the checks simply test for the presence of the affected package at any version. The initial feature release will contain approximately 6,000 plugins. As these plugins are released, they will be reflected in the Plugin Search results page here. Due to the large number of plugins being released during this initial cycle, customers will experience a significant plugin feed differential. Target Release Date March 4, 2025
Improvements to Enumeration, Reporting and Utilisation of...
Improvements to Enumeration, Reporting and Utilisation of RPM Repositories in Amazon Linux and Red Hat Enterprise Linux. Summary Improvements have been made to how we report on and use RPM repositories for the purposes of Local Checks on Amazon Linux 2 and Red Hat Enterprise Linux. Changes (Amazon Linux) New functionality has been added to the plugin codebase to enumerate enabled Core and Extras repositories in Amazon Linux by reading the repo files in /etc/yum.repos.d. To surface this information, a new plugin has been written to enumerate the enabled repositories (plugin ID TBC after release) . The detected Extras repositories will be used downstream in Amazon Linux vulnerability detection plugins (e.g al2_ALASDNSMASQ-2024-002.nasl, plugin ID 193452) to determine if the target machine has the relevant Extras repository that hosts the affected/fixed package(s). Changes (Red Hat) At present, we have the ability to enumerate enabled repositories by reading the repo files in /etc/yum.repos.d. Red Hat provides a mapping file, repositories-to-cpe.json, which we use to validate the detected repositories by checking the validity of the detected relative URL only. New functionality has been added to redhat_repos.nasl (plugin ID 149983) to also attempt validation of the enabled repositories via their assigned labels. With the ever increasing usage of custom and/or mirrored repositories in our customers' environments, having the ability to now check both repository URLs and labels provides a better chance of validating the detected repositories. Impact Customers should expect to see more accurate vulnerability detections. This may result in fewer findings due to fewer false positive detections on both Amazon Linux and Red Hat Enterprise Linux going forward. Affected Plugins Any plugins in the Amazon Linux Local Security Checks family that relate to packages hosted in Amazon Linux Extras repositories. All plugins in the Red Hat Local Security Checks family. Affected Sensors Tenable Nessus Tenable Enclave Security Agent Continuous Assessment Target Release Date Nessus Plugins: Amazon Linux : December 11, 2024 Red Hat : December 16, 2024Improved Red Hat Enterprise Linux Repo Detection Summary...
Improved Red Hat Enterprise Linux Repo Detection Summary Tenable is releasing an improvement to how we determine the source repository for packages in Red Hat Enterprise Linux local security checks. With this improved logic, customers will see more accurate scan results. Impact This improvement is significant for our customers with Red Hat Enterprise Linux systems, particularly those who use non-public package repository mirrors. If a customer’s mirrors do not match the relative URL structure found in Red Hat’s repository-to-cpe mapping, they will now experience more accurate scan results. This change is particularly beneficial for packages from application-specific repositories such as Ansible, Openshift, and Ceph, among others. See our Knowledge Article on How ‘Red Hat Local Security Checks’ Operate for more information. Note: Configuring package mirrors using the relative URLs from Red Hat’s repository-to-cpe mapping will result in the most accurate findings. Affected Plugins There will be approximately 1500 plugins modified to include this logic. Target Release Date June 3, 2024