Query: GVM 11 - What to debug/change in gvm if we find 0 vulnerabilites in a vulnerable site?


I am trying to run a scan on a vulnerable site on 80-443 but it always ends in 0 vulns to be found. We already know that there are vulnerabilities present on the same port but this does not return anything.

Also tried with various scan profiles but the results are same.

Already checked for any connection issues / plugins disabled / any other misc things but all rules out.

Would be really helpful if can dig into source code/log file somewhere which helps to identify the root cause of 0 detections.

Any help would be appreciated.


GVM versions

gsa: (‘gsad --version’) = Greenbone Security Assistant 9.0.1
gvm: (‘gvmd --version’) = Greenbone Vulnerability Manager 9.0.1
openvas-scanner: (‘openvassd --version’) = command not found


Operating system: = Unbuntu 18 LTS
Kernel: (‘uname -a’) = 4.15.0-101-generic #102-Ubuntu SMP Mon May 11 10:07:26 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
Installation method / source: = VM Installation

Check the “log” events, if your host was detected as alive and found any open ports. If there are no results at all, try to check the NVTs and feed status.

If both are not working, try a GCE VM, this is guaranteed to work and question your uncoordinated installation :wink:

1 Like

Thanks for your reply