Hi everyone, I noticed in the scan results that no vulnerability is detected on Windows clients with SMBv1 enabled. Some other vuln scanners can report this with CVSS score 5.8 ("SMB: Service supports deprecated SMBv1 protocol").
Is there any way to enable this check on GVM11 as well?
Thanks in advance
Please check first with the GSM Trial edition; we cannot guarantee that this will work with a self-compiled (maybe incomplete) installation.
Adding to this there is a VT available to report an enabled SMBv1 Service remotely:
Name: SMBv1 enabled (Remote Check)
Note that this VT doesn’t have a severity (yet), so if you want to have a vulnerability with a severity reported you can set an override with a higher severity.
Bumping this topic a bit. Just curious why no severity is set for SMBv1. While SMBv1 itself is not a vulnerability, it is EOL. The feed warns for EOL; shouldn’t SMBv1 be warned for too?
I’ll set the override for now.
Do you have a CVE according to it? Any practical attacks against the protocol?