Error on report Summary and download

Dear Community,

I noticed after a vulnerability scan, the presence of several vulnerabilities that do not impact the host operating system. These vulnerabilities should not be present but they are. Is this a mistake?

For example:
Vulnerability: Medium (CVSS: 5.0)
NVT: TCP Sequence Number Approximation Reset Denial of Service Vulnerability
CVE References: CVE-2004-0230

This vulnerability concerns the following Operating Systems :
Microsoft Windows XP and Microsoft Windows Server 2003

But the scan was performed on a Microsoft Windows Server 2016 and the vulnerability is present.

Do you know why?

Thank you in advance

Translated with (free version)

GVM versions

GSA 7.0.3
OpenVAS Scanner 5.1.3


Operating system: kali linux
Kernel: Debian 4.19

The mentioned VT has a Quality of Detection (QoD) value of 50%, doesn’t show up in a default view of a report and might be prone to false positives (thus the lower QoD value).

See the following documents around the QoD topic:

1 Like

Thank you for your response,

I understand, I had opened a topic on the difference between the following reports:

  • Results and report
  • Summary and downloads
    but I didn’t get an answer.
    Is the full report from “Summary and Downloads” relevant?