No vulnerabilties after scan completed

aoliveira · June 28, 2023, 11:32am

Hello,

I’ve a problem with the scans lately where when a scan is completed all the vulnerabilities goes to zero.
I’ve checked the logs and the scan logs shows the correct number of vulnerabilities and which ones there are.
Can this be a problem of data integration with the console? I’m using the local scan engine that is installed with the console and after 4 days of installation this happens.
Does anyone have a solution?

john_hartman · June 28, 2023, 1:56pm

Can you share some screenshots of the issue? I’m not entirely sure I understand what’s happening here.

aoliveira · June 28, 2023, 3:03pm

So during the scan it shows the number of vulnerabilities that has found, on the completed assets it shows 0 vulnerabilities and on the uncompleted it shows the number of vulnerabilities on each asset.
After the asset is completely scanned the vulns goes to zero, but on the scan status it still shows the total of vulnerabilties on that scan. Then it starts the integration process and after it’s finished the vulnerabilities goes to zero aswell.
On the scan logs there’s the total of assets scanned and the total of vulnerabilties found on the scan, but not on the console.

P.S: I can’t send screenshots for some reason but I will try to send it later.

Thank you.

john_hartman · June 28, 2023, 3:17pm

When you view the actual asset page does it list all of the vulnerabilities? This certainly sounds like a UI issue with the way that it’s integrating the results. I would suggest opening a support ticket.

aoliveira · June 28, 2023, 3:20pm

Yes, but if a new asset is added or discovered with an agent installed it won’t discover the vulnerabilities for that asset. But on the scan log it shows the vulnerabilities.
I already opened a support ticket but they are asking me if the endpoint have any protection and if there are is the scan engine is whitelisted.

brandon_mcclure · June 29, 2023, 12:16am

Are you doing separate discovery scans from vuln scans?
When my discovery runs, it will zero out some of my assets, but then during the next vuln scan they come back.
I tried to find a case where I saw this happening an cannot find it.

aoliveira · June 29, 2023, 8:51am

Yup is separate, I already have all the assets I need in the console and in the beggining it showed vulnerabilties, now when i do a vuln scan they all come with zero vulns

aoliveira · June 30, 2023, 2:18pm

incomplete_assets_with_vulns_noip
test_scan_before_finish_cut

after_integration
integrating_process

Here are the screenshots of the problem