Ivanti EPMM and Ivanti Neurons Compatibility with MobileIron Credentials

Summary
MobileIron Core has become Ivanti EPMM and MobileIron Cloud has become Ivanti Neurons. Tenable has verified that Ivanti EPMM 11.0+ works with the existing MobileIron Data Collection scan using MobileIron credentials. Tenable has also verified that Ivanti Neurons works with the existing MobileIron Data Collection scan using MobileIron credentials.

Change
Minor changes were made to our integration for added detection of Ivanti rebranding. This allows users to maintain their existing MobileIron credentials with the current Ivanti released products.

Release Date
May 23, 2024 - TVM, Nessus, and Security Center

Debian Linux Kernel Package Detection Improvements

Summary
We are updating our Debian plugins to improve the detection of kernel packages in two significant ways. First, the primary detection of Debian Linux kernel packages in Nessus has been aligned to Debian's package release process. This change improves our detection of publicly disclosed kernel vulnerabilities. Second, when a target is in a state between a kernel update and a system reboot, Nessus will now only consider installed Linux kernel packages that correspond to the running kernel version.

Impact
Customers scanning targets that run Debian Linux and have unpatched kernel vulnerabilities will see new findings in their scan results. Debian Linux targets that have been upgraded to address kernel vulnerabilities will show unpatched kernel vulnerabilities until after reboot, when the host is running the upgraded kernel.

Affected Plugins
The following plugins are impacted by these changes:
126837, Debian DSA-4484-1 : linux - security update
127491, Debian DSA-4495-1 : linux - security update
127867, Debian DSA-4497-1 : linux - security update
129306, Debian DSA-4531-1 : linux - security update
130982, Debian DSA-4564-1 : linux - security update
136124, Debian DSA-4667-1 : linux - security update
137341, Debian DSA-4699-1 : linux - security update
141552, Debian DSA-4774-1 : linux - security update
146052, Debian DSA-4843-1 : linux - security update
151890, Debian DSA-4941-1 : linux - security update
153668, Debian DSA-4978-1 : linux - security update
164947, Debian DLA-3102-1 : linux-5.10 - LTS security update
165623, Debian DLA-3131-1 : linux - LTS security update
166822, Debian DLA-3173-1 : linux-5.10 - LTS security update
169293, Debian DLA-3244-1 : linux-5.10 - LTS security update
169294, Debian DLA-3245-1 : linux - LTS security update
156950, Debian DSA-5050-1 : linux - security update
158682, Debian DSA-5092-1 : linux - security update
158762, Debian DSA-5095-1 : linux - security update
158761, Debian DSA-5096-1 : linux - security update
160469, Debian DSA-5127-1 : linux - security update
162159, Debian DSA-5161-1 : linux - security update
162703, Debian DSA-5173-1 : linux - security update
163480, Debian DSA-5191-1 : linux - security update
164150, Debian DSA-5207-1 : linux - security update
166232, Debian DSA-5257-1 : linux - security update
172079, Debian DLA-3349-1 : linux-5.10 - LTS security update
175926, Debian DLA-3403-1 : linux - LTS security update
175925, Debian DLA-3404-1 : linux-5.10 - LTS security update
176729, Debian DLA-3446-1 : linux-5.10 - LTS security update
178958, Debian DLA-3508-1 : linux - LTS security update
179309, Debian DLA-3512-1 : linux-5.10 - LTS security update
179933, Debian DLA-3524-1 : linux - LTS security update
179934, Debian DLA-3525-1 : linux-5.10 - LTS security update
183491, Debian DLA-3623-1 : linux-5.10 - LTS security update
170485, Debian DSA-5324-1 : linux - security update
175664, Debian DSA-5402-1 : linux - security update
178003, Debian DSA-5448-1 : linux - security update
178329, Debian DSA-5453-1 : linux - security update
179043, Debian DSA-5461-1 : linux - security update
179044, Debian DSA-5462-1 : linux - security update
179736, Debian DSA-5475-1 : linux - security update
180016, Debian DSA-5480-1 : linux - security update
181209, Debian DSA-5492-1 : linux - security update
189094, Debian dla-3710 : hyperv-daemons - security update
189090, Debian dla-3711 : linux-config-5.10 - security update

Target Release Date
March 27, 2024

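Added example (not Tenable's plugin logic and not code from this announcement): a host-side check for the state described in the Debian kernel item, where a target has been upgraded but still runs the old kernel. The `dpkg-query` and `uname` samples are constructed, the function names are illustrative, and backports-style release strings are not handled.

```python
import re

# Constructed sample of:
#   dpkg-query -W -f='${Package} ${Version} ${db:Status-Abbrev}\n' 'linux-image-*'
SAMPLE_DPKG = """\
linux-image-5.10.0-26-amd64 5.10.197-1 rc
linux-image-5.10.0-27-amd64 5.10.205-2 ii
linux-image-5.10.0-28-amd64 5.10.209-2 ii
linux-image-5.10.0-29-amd64 5.10.216-1 ii
linux-image-amd64 5.10.216-1 ii
"""
SAMPLE_UNAME_R = "5.10.0-28-amd64"                        # uname -r (constructed)
SAMPLE_UNAME_V = "#1 SMP Debian 5.10.209-2 (2024-01-31)"  # uname -v (constructed)

RELEASE_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)-(\d+)-(.+)$")

def split_release(release):
    """'5.10.0-28-amd64' -> ((5, 10, 0, 28), 'amd64'); None for metapackages."""
    m = RELEASE_RE.match(release)
    return (tuple(int(g) for g in m.groups()[:4]), m.group(5)) if m else None

def installed_images(dpkg_text):
    """Map package name -> version for fully installed ('ii') kernel images."""
    images = {}
    for line in dpkg_text.splitlines():
        fields = line.split()
        if len(fields) == 3 and fields[2] == "ii":
            images[fields[0]] = fields[1]
    return images

def assess(uname_r, uname_v, dpkg_text):
    images = installed_images(dpkg_text)
    running_pkg = "linux-image-" + uname_r
    built = re.search(r"Debian (\S+)", uname_v)
    running_ver = built.group(1) if built else None
    on_disk_ver = images.get(running_pkg)
    running = split_release(uname_r)
    # Same-flavour images with a higher ABI number than the booted kernel.
    newer = sorted(
        pkg for pkg in images
        if (rel := split_release(pkg[len("linux-image-"):]))
        and running and rel[1] == running[1] and rel[0] > running[0]
    )
    # Same package name upgraded in place: disk version differs from memory.
    replaced = None not in (running_ver, on_disk_ver) and running_ver != on_disk_ver
    return {
        "evaluate": running_pkg,          # package tied to the running kernel
        "running_version": running_ver,   # version actually loaded in memory
        "newer_images": newer,            # installed but not booted
        "reboot_pending": bool(newer) or replaced,
    }
```

On a live host, feed `assess` the real output of `uname -r`, `uname -v` and the `dpkg-query` command shown in the comment; a `reboot_pending` result explains why kernel findings persist after patching.
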
Nessus now has Entra LAPS Support

Summary:
Nessus now has the ability to leverage accounts managed by Microsoft Entra LAPS.

How LAPS works:
Since LAPS-managed accounts have their passwords rotated routinely, users cannot directly provide the credentials in their Scan Policy. Before this change, users instead had to create an additional privileged account on each LAPS-enabled host to provide to Nessus. Now that Nessus can communicate with an Entra LAPS setup, customers no longer need to have or provide those extra privileged accounts. This means less exposure and less redundancy in a customer's environment.

Change:
With this LAPS support change, during the startup phase of a scan, Nessus will reach out to a Microsoft Entra Tenant and pull a list of all Local Admin Accounts managed by LAPS. Nessus will then attempt to use these Entra-provided, LAPS-managed accounts as credentials when attempting to access a target host. The LAPS credentials found are not stored or kept in the scanner configuration in any way and only exist in memory at runtime. Each time a Scan is initiated with LAPS support enabled, it will do a fresh pull of credentials.

How to enable it:
To make use of Nessus' Entra LAPS support, customers need a Registered App in their Entra Tenant with the DeviceLocalCredential.Read.All permission. This Registered App permission is what allows an App to access the LAPS-managed accounts. Customers with an existing Registered App can configure it for use in Nessus by granting the Registered App the DeviceLocalCredential.Read.All permission, allowing Nessus to access LAPS data. Customers without a Registered App will need to create a new one and provide it as a [Cloud Services Microsoft Azure/Entra Credential] in their Scan Policy.

For additional information see:
https://docs.tenable.com/identity-exposure/3_x/Content/Admin/entra_id_support.htm#Configure-Microsoft-Entra-ID-settings
and
https://docs.tenable.com/vulnerability-management/Content/Settings/Credentials/CreateManagedCredential.htm

Impact:
Customers using rotating host passwords managed through Microsoft Entra LAPS can now leverage these credentials in their Nessus scans for more secure scanning configurations.

Target Release Date:
Immediate

Changes to Custom User-Agent Setting

Summary
Tenable is making an improvement to the UI that exposes the “Use a custom User-Agent” option without requiring the “Scan web applications” toggle to be enabled.

Change
Before, the “Use a custom User-Agent” option was not available without first turning on the “Scan web applications” toggle. After the change, the “Use a custom User-Agent” option is exposed without requiring the “Scan web applications” toggle to be enabled.

Impact
When creating new scans, customers will be able to leverage the custom User-Agent header to identify requests that came from Nessus without requiring Web Application Scanning to be enabled. There is no change to the existing user agent setting when web app scanning is enabled.

Release Date
Immediate for Nessus and Tenable Vulnerability Management
TBD for Security Center