Does the "Full and Fast" Scan in OpenVAS Include a CVE-Scan?

dondelay · August 25, 2023, 8:48am

Hello Greenbone Community,

I’ve recently set up the latest version of Greenbone OpenVAS, and I’m trying to understand the specifics of the scanning configurations. I’m particularly interested in the “Full and Fast” scan option.

I understand that OpenVAS allows for a “CVE-scan” on inventory data. My question is: when I run a “Full and Fast” scan with the OpenVAS scanner, does it also include this “CVE-scan” on the inventory, or is it something that needs to be run separately?

I’ve looked through the official documentation and other online resources but haven’t found a definitive answer. I’d appreciate any insights or clarifications from the community on this matter.

Thank you in advance for your assistance!

Martin · August 25, 2023, 2:14pm

Hello dondelay and welcome to the Greenbone community!

The OpenVAS scanner and the CVE scanner are two separate scanner modules, however both are included in Greenbone products. Only the the OpenVAS scanner uses scan configs, so no scan configs include the CVE scanner conversely.

You have to configure the CVE scanner when creating a scan task, for details see 10 Scanning a System — Greenbone Enterprise Appliance 22.04.13 documentation, section “Scanner”.

Please also note the prerequisites for using the CVE scanner, documented here 10 Scanning a System — Greenbone Enterprise Appliance 22.04.13 documentation.