Hi Team,
Recently we had ran OpenVAS test on our azure cloud application server(Windows virtual machine scale set) and found attached results. Please check and help us how to resolve these Vulnerabilities.
Issue1:
Medium (CVSS: 5.0) NVT: DCE/RPC and MSRPC Services Enumeration Reporting
Summary Distributed Computing Environment / Remote Procedure Calls (DCE/RPC) or MSRPC services running on the remote host can be enumerated by connecting on port 135 and doing the appropriate queries.Vulnerability Detection Result Here is the list of DCE/RPC or MSRPC services running on this host via the TCP Protocol: Port: 49664/tcp -49668 and 49753
And also we have observed below points in our report. Could you please explain what does it mean?
Vendor security updates are not trusted.
Overrides are on. When a result has an override, this report uses the threat of the override.
Information on overrides is included in the report.
Notes are included in the report.
This report might not show details of all issues that were found. It only lists hosts that produced issues.
Issues with the threat level “Log” are not shown.
Issues with the threat level “Debug” are not shown.
Issues with the threat level “False Positive” are not shown. Only results with a minimum QoD of 70 are shown.