Vulnerabilities file doesn't contain Vulnerabilities Found And Verified By Qualys

Question

The client ran a Qualys scan using Scanner 10.5.59-1, Vulnerability Signatures 2.4.576-2 (as I can see from the XML). The F5 is running 12.1.3.3. Build 0.0.1 Point Release 3. Every time the XML is uploaded the following message appears:&nbsp;
Vulnerabilities file doesn't contain Vulnerabilities Found And Verified By Qualys®&nbsp;
The XML file is 268KB. What do you guys think is the error? &nbsp;

samstep · Accepted Answer

Please make sure you are importing Qualys Web Application Scan results file. The standard Qualys scan is about infrastructure vulnerabilities which cannot be mitigated by ASM. Ask your client to provide the Web Application Scan XML Report. From within Qualys they can obtain it by navigating to: Web Applications > View Report > Download > XML .

boneyard · Answer

hard to determine, might be version or such. i recall seeing versions listed of the scanning tools, but can't find that list.&nbsp;
i would open a ticket with f5 support, easiest way to get it sorted for sure.&nbsp;

Forum Discussion

Vulnerabilities file doesn't contain Vulnerabilities Found And Verified By Qualys

2 Replies

Recent Discussions

The best load balance method on this scenario?

SMS server with BIGIP

Geo Fence in ASM through irule for URI

Client certificate Authentication - open multiple tabs

google autenticator broken barcode

Related Content

OWASP Automated Threats - OAT-014 Vulnerability Scanning

Reviewing vulnerability scanner results for an Access Policy Manager (APM) protected Virtual Server

Vulnerability CVE-2023-45648 in ApacheTomcat

Reviewing vulnerability scanner results for an APM protected Virtual Server - part two

Python script to test if a F5 BIG-IP is vulnerable to cve-2023-46747