SMB v1 vulnerability not detected

Hi everyone, I noticed in the scan results that on Windows clients with SMBv1 enabled is not detected any vulnerability. Some other vuln scanners can report this with Cvss score 5.8 (SMB: Service supports deprecated SMBv1 protocol")
Is there any way to enable this check also on GVM11 ?

Thanks in advance

Please check first with the GSM Trial edition, we can not guarantee that this will work with a self compile (maybe incomplete) installation.


Adding to this there is a VT available to report an enabled SMBv1 Service remotely:

Name: SMBv1 enabled (Remote Check)
Family: General

Note that this VT doesn’t have a severity (yet) so if you want to have a vulnerability with a severity reported you can set an override with an higher severity.


Bumping this topic a bit. Just curious why no severity is set for SMBv1. While SMBv1 itself is not a vulnerability, it is EOL. The feed warns for EOL, shouldn’t SMBv1 be warned for too?

I’ll set the override for now.

Do you have a CVE according to it ? Any practical attacks against the protocol ?