Greenbone is not detecting the problem


and welcome to this community forums.

This is currently the expected behavior:

The SSL/TLS cipher and version determination is purely done via NASL based scripts and the code part is using the IP and not the hostname(s) of the target to query this information (technical: No SNI extension with the host name is sent).

There is an internal task to improve / extend this functionality to use / sent the SNI extension in SSL/TLS requests. But as this is a hugely invasive task which can have various negative side-effects not really testable there is no timeline available for this.