Vulnerability Scan doesn't show CVE's

mhortelano · April 4, 2024, 7:09am

Good morning,

Just installed gvm openvas on the last kali purple update. My scans are going to fast and they are finding basically nothing, not only they show basically a few logs but they don’t show any CVE finds. I’m scaninng networks who have a lot of vulnerabilitys and the y aren’t showing.

My feeds are up to date, and I use the Full and Fast Scan and the ones Greenbone considers alive.

I don’t see what seems to be wrong here, anyone has a clue of could it be?

I used to have gvm on another virtual machine with the same configuration and it worked perfectly fine, I can’t understand what is going on.

Thank you in advance!

bricks · April 4, 2024, 7:26am

Hi,

please take a look at

mhortelano · April 4, 2024, 7:46am

Hello,

I tried the configurations of:

Consider alive
Scan Config Default
ARP Ping

And All IANA TCP

The hosts are reacheable as well, even with nmap. I don’t seem to see what’s wrong, the scans just keep going but showing like 2 logs and no CVE’s. But my feeds are updated.

bricks · April 4, 2024, 7:49am

Did you take a look at https://greenbone.github.io/docs/latest/troubleshooting.html#vulnerabilities-are-not-found too?

mhortelano · April 4, 2024, 7:55am

Yeah and everything seems fine.

Could it be any firewall thing? Like what port does Greenbone need to scan something in their network?

TreAtW · April 5, 2024, 12:08pm

OpenVAS will scan all ports that are specified in the port list and have NVTs for the corresponding port. The default port list is “All IANA assigned TCP”, which has the theoretical port range of 1-65535 (in practise not all of those ports are assigned or have corresponding NVTs).

So if there is a firewall that blocks OpenVAS from accessing those ports on the target machine, it cannot perform the scan properly.

mhortelano · April 17, 2024, 10:25am

Thank you, I will check our Firewall!