Discovered applications severity N/A

Hallo community,

im doing some tests with GVM and run current on 21.4.5.
scans are fine but when i look at the results it has discovered vulnerable software. for instance cpe:/a:openbsd:openssh:7.4 and cpe:/a:dell:idrac7:

when i check the overview of applications the found applications have a severity of N/A. but when clicking on openssh7.4 it says 7.0 high.

can someone tell me if this is normal for the community version.
and is this something that will be added if you use the enterpise feed ?
and can you add the enterprise feed also to the community version, or only to a GVM appliance ?

thanks in advance,


Hello Izhar, welcome to the Greenbone forum!

I was able to reproduce the problem. It is related to how we convert the official NVD data in-house and affects all feeds currently. I have raised an internal issue to get this fixed, and we’ll get back to you in this topic!

We do not offer the Enterprise Feed for the Community Edition at the moment. The only way to access it is via our Enterprise Appliance or Cloud Services products.

1 Like

Hallo Martin,

any news on the fix in the feeds ?

No news so far, we are still working on it.

Hallo, any progress to report or maybe a workaround for this ?

There is still no solution available for this problem. As soon as I have any kind of feedback I will relay it in this topic.