Vulnerabilities file doesn't contain Vulnerabilities Found And Verified By IBM AppScan

Question

This is what I got when I tried to import XML output from IBM AppScan to F5 ASM security policy (using vulnerability tool output). Did anyone got the same?&nbsp;

boneyard · Answer

did the appscan find vulnerabilities? have you checked the version? i seem to recall there was a version issue for one of the scanning vendors.&nbsp;

harshapotharaju · Answer

Here are the first two lines of XML.
 
Note: IBM AppScan is neither standard nor enterprise edition. It's in the cloud.

pk_bhatia · Answer

seems only supported version is standard edition. https://support.f5.com/csp/article/K14089&nbsp;

boneyard · Answer

very possible, probably the best is to contact your F5 sales about this and please report back.&nbsp;

harshapotharaju · Answer

The AppScan format that F5 supports is 9.0.3.1 and what we have is 2.42, Note that these are xmlExportVersions not xml versions. F5 Product Development has assigned ID 642185 to this issue and they have introduced the fix of this issue in version 13.0.1, which was released a week ago. Also they are trying to introduce the same fix for upcoming HFs' of other versions.&nbsp;
Thanks,&nbsp;
Harsha.&nbsp;

Forum Discussion

Vulnerabilities file doesn't contain Vulnerabilities Found And Verified By IBM AppScan

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Coordinated Vulnerability Disclosure: A Balanced Approach

Windows Critical RCE Vulnerability, Malicious Solana-py, and EDRKillShifter

Enhancing Software Security with Rust: A Solution to Common Vulnerabilities

Cyberattacks On Embassies, Threat Actor Using ChatGPT To Write Malware, and MMS Vulnerabilities

OWASP Automated Threats - OAT-014 Vulnerability Scanning

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS