CVE-2021-39226 vulnerability scan doesn't detect the vulnerability

Dear Users,

I just installed the free edition of Greenbone vulnerabilities scanner.
I just test it against a test web server and, after some hours, I received the results I needed.
It was a very long process, but it satisfied my needs.

Recently, my ISP reported a vulnerability (CVE-2021-39226) related to one of our public internet services.
So, in order to create a vulnerabilities report before and after applying the needed fix, I would like to create a dedicated scanner (in this way I will reduce the scanning time as well).

This is what I have done:

  • I cloned the “empty” scanner template;
  • I customised it selecting only the “Grafana 2.0.1 < 7.5.11, 8.x < 8.1.6 Snapshot Authentication Bypass Vulnerability (GHSA-69j6-29vr-p3j9)” check from “Web application abuses”

Unfortunately, the task I created (using OpenVAS Scanner + the customised “empty” template) is not able to find the vulnerability affecting the test server.

What I’m doing wrong? Could you please help me to complete correctly the scanner configuration?

Many thanks in advance,

That means no VTs against any system as result no results.
I would suggest to start with a Full & Fast as a beginning.

1 Like

Many thanks for your reply Lukas.
What the VTs are? I’m still a newbie…unfortunately.

So, should I run the Full and fast scan against the server?
Since the full and fast is not so fast, is there a way to reduce this processing time?

Thank you for your patience and help.

There are many posts here, how to tune the alive criteria and port lists and speed up scans.

Please note VTs does have huge dependencies and tuning the VT groups is not for beginners.

I think the “Base” scan config is a better starting point to clone than the “Empty” scan config since the comment for it is “Basic configuration template with a minimum set of NVTs required for a scan”.

From there you should be able to add only the single VT you wanted: “Grafana 2.0.1 < 7.5.11, 8.x < 8.1.6 Snapshot Authentication Bypass Vulnerability (GHSA-69j6-29vr-p3j9)”.


Additional info on this topic is also available here:

1 Like