I am using CVE as my scanner for finding Vulnerabilities but when running a task that is configured with CVE as Scanner, it gets completed within a second. Can you please help me with this?
Hello,
Just to double check, have you made sure to execute the CVE scan as per our documentation?
The asset database requires current data for the CVE scanner. A full scan, e.g., with the scan configuration Full and fast, has to be performed and the results have to be added to the assets.
The results of a CVE scan rely on the availability of self-reported versions from exposed software found during a full scan. Using an authenticated scan may increase the results found by the CVE scan.
A full scan of the systems should occur regularly.
1 Like
Yes, I followed the documentation.
Before running the CVE scanner, I performed all other scans like Host Discovery, System Discovery, Discovery, Base, and Full and Fast.
Hello Guys,
Need little help here.
Various pointers / help had been already given previously in the documentation and it is currently not clear if all got followed.
Just to summarize what’s required:
- A “full and fast” scan against the target
- Having “Add results to Assets” in the scan config set to “yes”
- One or application detected previously with a registered CPE including a version (e.g.
cpe:/a:apache:http_server:2.4.22)- This can be verified via the “log” level message of the “CPE Inventory” (OID: 1.3.6.1.4.1.25623.1.0.810002) VT
- A search like e.g. https://nvd.nist.gov/vuln/search/results?form_type=Advanced&results_type=overview&query=cpe%3A%2Fa%3Aapache%3Ahttp_server%3A2.4.22&search_type=all&isCpeNameSearch=true returning any CVE for the product / CPE in question
- And finally running a CVE scan against the same target
Notes:
- There might be additional unknown constraints which are required to get useful data
- CVE scans not matching the expected CVE-2021-23017 could be still an issue which prevents a working CVE scan
2 Likes