Security End of Life (SEoL) Plugin Conversions 2024 Q2...
Security End of Life (SEoL) Plugin Conversions 2024 Q2 Change In accordance with the SEoL framework published in April 2023, we are updating and/or deprecating the legacy “Unsupported <x>” plugins to conform to the new plugin specification. Only the Unsupported plugins listed in the “Deprecated Plugin” table below have been deprecated and replaced with SEoL plugins - all other plugins that detect Unsupported software remain in service. Impact Customers should anticipate the legacy “Unsupported” plugins to be deprecated and/or converted to their corresponding SEoL plugins. This may result in new findings and a more detailed picture of the exposure landscape associated with products in the SEoL state. Customer-created dashboards or reports that use the now-deprecated “Unsupported” plugins should be migrated to use the new SEoL plugins listed below. For additional details please see the SEoL FAQ knowledge base article from June 2023. This FAQ covers questions about SEoL plugin severity ratings, considerations for extended vendor support agreements, and future product coverage. Converted Plugins Deprecated Plugin: 102082 - Microsoft Access Unsupported Version Detection New Plugin(s): Microsoft Access SEoL Modified Plugin: 58092 - macosx_silverlight_unsupported.nasl Modified Plugins: 71457 - lce_unsupported.nasl, 77278 - lce_client_unsupported_macosx.nasl, 77279 - lce_client_unsupported_unix.nasl, 77280 - lce_client_unsupported_win.nasl We will be adding SEoL coverage for the following operating systems previously covered in 33850 - unsupported_operating_system.nasl: RHEL <new plugin ID at time of release> CentOS <new plugin ID at time of release> Fedora <new plugin ID at time of release> Ubuntu <new plugin ID at time of release> Debian <new plugin ID at time of release> SuSE/OpenSuSE <new plugin ID at time of release> MacOS <new plugin ID at time of release> The unsupported_operating_system.nasl plugin will continue to cover the following: Mandrake / Mandriva Linux Mageia Scientific Linux Gentoo Linux Slackware AIX HP-UX IRIX Solaris FreeBSD NetBSD OpenBSD Tru64 UNIX (and its earlier incarnations) Other very old distros Consolidated List of Deprecated Plugins 102082 Consolidated List of Modified Plugins 33850, 58092, 71457, 77278, 77279, 77280 Target Release Date June 28, 2024 Additional Notes For a complete list of SEoL plugin coverage, please visit https://www.tenable.com/plugins/search?q=%22SEoL%22. Additional coverage requests can be made via Tenable’s Suggestions Portal at https://suggestions.tenable.com.
OpenJDK Vulnerability Coverage Background As part of our...
OpenJDK Vulnerability Coverage Background As part of our efforts to enhance our cyber exposure capabilities for middleware, Tenable Research is expanding Java detection and vulnerability coverage including different managed and unmanaged Java flavours. Change A number of Nessus plugins are being released checking for OpenJDK vulnerabilities, as described in the OpenJDK advisories since 2019 (see https://openjdk.java.net/groups/vulnerability/advisories/). Impact Customers may start seeing a number of these new plugins firing, reporting OpenJDK vulnerabilities for instances found in their systems. Plugins 151214 OpenJDK 2019-04-16 151215 OpenJDK 2019-07-16 151213 OpenJDK 2019-10-15 151210 OpenJDK 2020-01-14 151208 OpenJDK 2020-04-14 151212 OpenJDK 2020-07-14 151211 OpenJDK 2020-10-20 151209 OpenJDK 2021-01-19 151207 OpenJDK 2021-04-20 Target Release Date 6 July 2021