Hi All,
Apologies if this is covered elsewhere but I can’t seem to find a definitive answer.
I can successfully scan our ESXi hosts which are picked up and identified, along with any extant vulnerabilities, however I can’t find any detail on how to perform a vulnerability scan (credentialled or otherwise) of a vCenter Server Appliance.
All of my VCSAs are variously identified by IVM as ASUS routers or Linux OPENWRT OS systems
Ping! I’m experiencing exactly the same thing here and so far have not been able to find a solution. Rapid7’s documentation isn’t too helpful here either - it talks about HTTPS credentials but not where to set them up. If I try and add HTTP credentials, they are always rejected.
I have raised a case with support and waiting for a response.
Were you ever able to figure this out?
Did anything come of this? We are having similar issues.
Has there been any update on this issue?
Anyone has any luck with this or with new VMware credential type released with product on 8/14/24? InsightVM Release Notes
I had the same issue,
Simply doing a scan against the esxi host on port 443 will correctly identify the ESXI software and related vulnerabilities.