I’m getting a vulnerability that shows up when running a scan of our firewalls. Our FortiGate firewalls came back with the vulnerability shown in the title along with their public IP addresses. The remediation mentioned upgrade to latest version of FreeBSD. These firewalls already have the latest firmware and patches according to FortiGate. Is it possible this is a false positive?, Has anyone else encountered this.
1 Like
I’ve got the same thing occurring on 300+ Windows 10\11 workstations. I have ticket logged with support.
2 Likes
Same for us. Marked as False Positive
Update from R7 Support: Apparently this is occurring because we aren’t running authenticated scans on our systems (even though they have the agent and running auth scans in our environment is logistically unrealistic). What this doesn’t explain is why <10% of our systems are reporting this (the detected systems are no different that any others), or why this has suddenly started on an 18 year old vulnerability, where the modified date of the vuln in insightVM is a couple weeks ago. As sprakash has said,there’s no option other than to mark it as a false positive.
Exactly my point, same scenario as yours and it makes no sense that it doesn’t pick the entire population but rather a small percent and the vulnerability version that it picks should have been picked a long time back.
Rapid7 needs to finetune it, these stuff takes time for customers.
Same here. We’ve marked it as a false positive after validating we have the latest firmware.