Forum Discussion

ottleydamian's avatar
ottleydamian
Icon for Cirrus rankCirrus
Apr 09, 2019

Vulnerabilities file doesn't contain Vulnerabilities Found And Verified By Qualys

The client ran a Qualys scan using Scanner 10.5.59-1, Vulnerability Signatures 2.4.576-2 (as I can see from the XML). The F5 is running 12.1.3.3. Build 0.0.1 Point Release 3. Every time the XML is up...
application delivery
ASM Advanced WAF
BIG-IP
security
  • samstep's avatar
    samstep
    Apr 26, 2019

    Please make sure you are importing Qualys Web Application Scan results file. The standard Qualys scan is about infrastructure vulnerabilities which cannot be mitigated by ASM. Ask your client to provide the Web Application Scan XML Report. From within Qualys they can obtain it by navigating to: Web Applications > View Report > Download > XML .

     

boneyard's avatar
boneyard
Icon for MVP rankMVP
Apr 13, 2019

hard to determine, might be version or such. i recall seeing versions listed of the scanning tools, but can't find that list.

 

i would open a ticket with f5 support, easiest way to get it sorted for sure.