What is happening?
Due to required technology changes, WithSecure Elements Vulnerability Management Scan Node Agent for Linux has introduced a breaking change, which affects older versions of the product.
Linux Scan Node Agents in version 4.354.0 or below are known to have a broken mechanism of automatic software updates. This means that a manual reinstallation is required to continue managing and executing further scan job.
Who is affected?
On 12th May 2022 the new version of the scanning engines will be distributed to all Linux scan nodes, where some breaking changes are introduced. Due to that change, Elements VM Scan Node Agent for Linux in version 4.354.0 or below will stop executing new scans. Elements VM Scan Node Agent for Windows in version 3.X is not affected.
How can I check my scan node version?
Via Elements VM Portal: open Vulnerability Management -> Scan Nodes -> search for your Elements VM Scan Node Agent and verify ‘Scan Node Agent version’ from details.
Via command-line on the Scan Node server:
$ sudo /opt/f-secure/radar-scannodeagent/ScanNodeAgent version
Solution
If you happen to maintain one of the old Linux Scan Node Agent (4.354.0 or below), take the following steps to manually update the software to the latest version:
1. Backup the license file.
$ mkdir ~/tmp_elements_vm_license/ && cp /opt/f-secure/radar-scannodeagent/*.fsrl ~/tmp_elements_vm_license/
2.Uninstall the product and remove all files from the installation directory:
$ sudo apt remove --purge f-secure-radar-scannodeagent-installer && sudo rm -rvf /opt/f-secure/ /etc/opt/f-secure/ /var/opt/f-secure/
3. Download the latest installer from:
$ wget -O ./f-secure-radar-scannodeagent-installer_amd64.deb https://updates-api.radar.f-secure.com/api/1.1/ProductUpdates/Components/ScanNodeAgent/Releases/4/Download
4. Install Scan Node Agent:
$ FSECURE_SCANNODEAGENT_LICENSE=~/tmp_elements_vm_license/*.fsrl bash -c 'sudo apt install ./f-secure-radar-scannodeagent-installer_amd64.deb'
