Scan Cisco Devices

Hi All,

I am trying to use OpenVAS to scan a couple of Cisco ASAs running old binaries, as well as an old 3560 running IOS 12.x.

I was expecting many CVEs to show up, but it looks like I am missing something, as my reports only show that the SSH is version 1 and nothing else.

I was using SSH credentials (username and password) to try to accomplish this task.

Is OpenVAS supposed to work for scanning Cisco devices and I am not configuring it properly, or should I use another tool?



Have a look at This should give you a start. As long as you don’t get the device detected or the report from “SSH Authorization Check” (OID: doesn’t state that the authentication was successful you will have to recheck the authentication setup.

Note: Newer Cisco-related checks are only in the commercial feed (GSF) and not in the community feed (GCF).


I got it working. For the old switch, I got a bunch of CVEs. But, as you said, for a newer Cisco device (ASA running 9.10) it does the scan, but does not report the new CVE that became public last year.

Thus, I imagine I must go with the paid version, right?

Exactly, newer Cisco checks are just in the paid feed.