Any way of supressing OpenVAs reporting CVE which has been superseded?


First post on Openvas. Tried searching but could not see any similar.

We are using OpenVAS for vulnerability scans against some windows workstations and notice it reporting various CVE’s for .NET framework.

These have been fixed with the security updates and windows updates, but we still see them being reported.

For Example

Microsoft NET Framework 4.5.2 Multiple Vulnerabilities (KB4470622)

CVE-2018-8517, CVE-2018-8540

This host is missing a Critical security update according to Microsoft KB4470622

System is fully patched.

Is there anyway to supress these alerts ? Should it do this automatically ?

Thanks in advance for any help

Hi @patrickh and welcome to the forum :slight_smile:

To me that doesn’t sound like normal behavior and I am bumping this for visibility. In case it can help anyone to figure it out, I am wondering which version number of OpenVAS and other Greenbone components in Kali are you using?