Log4j vulnerability not detected

Hi everyone,

I tried to deploy Greenbone on our Ubuntu instance using the docker compose file and configured the target server for a vulnerability check using ‘CVE-2021-44228’.
While scanning the other server from the UI, which has the log4j2.8.0 vulnerability, it shows no alerts when scanning with the log4j shell config, even after updating the feed status.

I’m relatively new to OpenVAS, so I’m not sure why this is happening. I have attached the screenshots for more clarity.

I suggest you follow the blog entry:

https://www.greenbone.net/en/blog/log4j-vulnerability-detection/

Hi everyone,

I’ve already set up the target server with the log4j shell scanner “CVE-2021-44228” to look for vulnerabilities. I followed the link, but the Greenbone UI is still not sending me any notifications for Log4J. Could you please provide additional details?

The previously linked blog post “Log4j Vulnerability Detection Available in Greenbone Feeds - Greenbone”, as well as a follow-up to it available here (and linked in the previous blog post):

should contain most current known details. To sum them up:

  1. From the description of all VTs checking the flaw “actively”:

    For a successful detection of this flaw the target host needs to be able to reach the scanner host on a TCP port randomly generated during the runtime of the VT (currently in the range of 10000-32000)

  2. If a system has a log4j.jar, it doesn’t necessarily mean that it is actually vulnerable
    • e.g. not using the affected code path, not accepting untrusted user input, security fixes by backports, mitigation on config level, …
  3. If the target system is a Linux system, version-based checks have a low QoD (due to possible available “backports”) and their results are not shown by default
    • The QoD can be changed to a lower value (e.g. 30 %) in the result filter
  4. Various VTs covering this flaw are only available in the Greenbone Enterprise Feed
  5. Some VTs need authenticated scans (e.g. via SSH or SMB login) enabled
4 Likes
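
An added example, not part of the original posts and not Greenbone code: a small connectivity check for point 1 above, to see whether the target host can open TCP connections back to the scanner host across the quoted 10000-32000 range. The function names and the two-mode usage are assumptions made for this sketch; the listener has to run where the scanner itself runs, and the probe on the target.

```python
import socket
import sys

# Port range quoted in the VT description above; the VT picks one port per run.
PORT_RANGE = (10000, 32000)

def sample_ports(n, port_range=PORT_RANGE):
    """Return n ports spread evenly across the range, endpoints included."""
    lo, hi = port_range
    if n < 2:
        return [lo]
    return [lo + i * (hi - lo) // (n - 1) for i in range(n)]

def listen_once(port, host="0.0.0.0", timeout=30.0):
    """Scanner side: accept one TCP connection; return peer IP, or None on timeout."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        srv.bind((host, port))
        srv.listen(1)
        srv.settimeout(timeout)
        try:
            conn, peer = srv.accept()
        except socket.timeout:
            return None
        conn.close()
        return peer[0]

def probe(scanner_host, port, timeout=3.0):
    """Target side: classify one outbound TCP connection attempt."""
    try:
        with socket.create_connection((scanner_host, port), timeout=timeout):
            return "open"        # a listener answered
    except ConnectionRefusedError:
        return "refused"         # RST came back: host reached, or a firewall rejecting
    except socket.timeout:
        return "filtered"        # no reply: typically dropped by a firewall
    except OSError:
        return "unreachable"     # no route, name resolution failure, etc.

def check_range(scanner_host, n=8):
    """Probe n sampled ports; 'filtered' on every port points to dropped traffic."""
    return {p: probe(scanner_host, p) for p in sample_ports(n)}

if __name__ == "__main__":
    # usage: script.py listen PORT   |   script.py probe SCANNER_HOST
    if sys.argv[1] == "listen":
        print("connection from:", listen_once(int(sys.argv[2])))
    else:
        for port, status in check_range(sys.argv[2]).items():
            print(port, status)
```

If every sampled port comes back `filtered` or `unreachable`, the active VTs cannot receive the callback from the target, which matches the "no results" symptom described in the thread.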

Apart from log4j (CVE-2021-44228), we received the CVE for 98 vulnerabilities. Could you please provide the log4j CVE number and an alternative solution for getting the log4j.