Forum Discussion

HarshaPotharaju's avatar
Icon for Nimbostratus rankNimbostratus
Dec 08, 2017

Vulnerabilities file doesn't contain Vulnerabilities Found And Verified By IBM AppScan

This is what I got when I tried to import XML output from IBM AppScan to F5 ASM security policy (using vulnerability tool output). Did anyone got the same?


5 Replies

  • did the appscan find vulnerabilities? have you checked the version? i seem to recall there was a version issue for one of the scanning vendors.


  • Here are the first two lines of XML.


    Note: IBM AppScan is neither standard nor enterprise edition. It's in the cloud.

  • very possible, probably the best is to contact your F5 sales about this and please report back.


  • The AppScan format that F5 supports is and what we have is 2.42, Note that these are xmlExportVersions not xml versions. F5 Product Development has assigned ID 642185 to this issue and they have introduced the fix of this issue in version 13.0.1, which was released a week ago. Also they are trying to introduce the same fix for upcoming HFs' of other versions.