Vulnerability scan lists all ip's and port as open

We are having the same issue. What was the resolution? In our case it appears that the F5 is responding to our nmap discovery requests for all IPs and lower 1000 tcp requests that the scanner sends. Example, the outside/external interface/VLAN has a 10.10.64.253/19. One of the asstests that responded was a 10.10.80.0 which is not define. We have a wildcard VS and the scanner is on the inside interface/VLAN. The F5 is the layer 3 bridge between the inside and outside VRF on our core so to get to this IP, routing would carry the scan traffic to this IP via Distribution Switch -> Core SW Inside VRF -> F5 Inside/Outside Int -> Core Sw Outside VRF. Both the SVI on the Core and F5 External VLAN are in the /19. In our case we didn’t have this issue until we went from 3900s to i5800s with vCMP.