• QID To retrieve Ticket State

    Hi Community   I was wondering if you anyone can tell me if there is a QID for the Ticket State column as returned in a scan report ? I am trying to tag assets with a ticket state of "Closed/Ignored" s...
    Michael Fennell
    last modified by Michael Fennell
  • AssetGroups not updating

    Hi guys,           Anyone facing the following error while updating a AssetGroup?   An error has occurred and the Qualys Service cannot process your request. If this condition continues,...
    mrmime988
    last modified by mrmime988
  • Unable to update dst through Schedule Scan API

    Hi,   I am trying to update our scheduled scan times to accept dst but I seem to be getting the following error: "This is not a valid scanner appliance set". Error code 1904   These are the parameters are...
    Rohil S
    created by Rohil S
  • Non authenticated scan for ESXI hosts

    Hi Everyone,   I have a really weird fault with non authenticated scan on DMZ ESXI hosts. My scan is scheduled to run every-week and targets all devices in DMZ zones. For some reason when the scanner scans ESXI...
    sam bhat
    last modified by sam bhat
  • Chrome 77 Wireshark 3.0.4 detection

    Missing detecting for Chrome 77 Chrome Releases: Stable Channel Update for Desktop    Missing detecting for Wireshark 3.0.4 Wireshark · Download    Are planes to get the detectio...
  • External Scans versus Dynamic IP

    Hi,   I'm consulting with a client who is using Qualys to perform external vulnerability scans.  The issue is they have dynamic IP so entering IP for the scans is problematic.     Would inst...
    Eric Beaumier
    last modified by Eric Beaumier
  • Multiple Scan Accounts in Windows AD Domain

    I'd like to split my scan user in the domain between workstations and servers (maybe even by class of server). I noticed in testing that it's now possible to create a second authentication record for the same domain. ...
    keith Seymour
    last modified by keith Seymour
  • CVE-2019-951x Vulnerabilities

    Hi guys,   Qualys has released a detection logic for the new 8 new HTTP/2 implementation Flaw under QID 91560 (Score! ). I have checked the QID only detects the vulnerabilities for Microsoft Products. ...
    mrmime988
    last modified by mrmime988
  • Dashboards - VM or AV?

    More of a general question that an issue:   What is the future of the Qualys Dashboard, is it going to sit in the VM module or is it going to sit in the AV module.   Is there any benefit in putting time in...
    Michael Fowler
    last modified by Michael Fowler
  • Exclude authentication attempts with default credentials

    Hi All,   I'm running vulnerability scans to the Integrated Management Module (IMM) of several Lenovo x3650 M5 servers. For every scan we are receiving multiple notifications like: Alert Text: Security: Userid...
    Marco Pasetto
    last modified by Marco Pasetto
  • Tomcat Setup

    I have read the Tomcat setup help section many times. We have systems that have Tomcat but they all have different installation directories. I am trying to test to see if I made the application records correctly for W...
    Ben Trevino
    created by Ben Trevino
  • Dashboards and Visualizations

    I am surprised Qualys does not offer a Dashboard feature that would allow data/metrics to be shown on screens like on SOC floors etc.  From what I can see, we are limited to the general VM and the AssetView ...
    adamc
    last modified by adamc
  • SACK Vulnerabilities

    NOTE:  I wrote this at 7:05 am Wednesday morning.  So a few days later, there might be a change...more info...ect.   Just thought I would help out those who are looking for the number of QIDs related t...
    John Sponheimer
    last modified by John Sponheimer
  • Vulnerability scan Report of Elastic Beanstalk (aws) having OpenSSH version as 7.8 using Qualys shows “OpenSSH Username Enumeration Vulnerability”

    While doing vulnerability scan of an Elastic Beanstalk (aws) having OpenSSH version as 7.8 using Qualys , scan report shows “OpenSSH Username Enumeration Vulnerability” as shown in the screenshot below: S...
    Bridgei2i Analytics
    last modified by Bridgei2i Analytics
  • Improving Vulnerability Remediation Through Better Exploit Prediction

    Found interesting information in the following doc:   https://weis2019.econinfosec.org/wp-content/uploads/sites/6/2019/05/WEIS_2019_paper_53.pdf
    marioc
    created by marioc
  • Generate report with Local Username

    I am trying to run a report that will give me the local usernames of the host that have the QID 105236 vulnerability.  I have run an asset report but I could not figure out how to get the report to tell me local ...
    Russ Schneider
    created by Russ Schneider
  • User account password expiration exclusion

    Currently the user account password policy is subscription-wide and no account may be excluded from them. I along with others have presented API and reporting scenarios to justify excluding certain accounts from pas...
    apedret
    last modified by apedret
  • SambaCry Inquiries from Qualys customers: CVE-2017-7494

    Based on a client inquiry, the vulnerability management product team confirmed that no Samba code is installed on any physical, virtual, internal or perimeter scanners. The scanner OS (CentOS based) does not have any ...
    Mark Butler
    last modified by Mark Butler
  • FreeBSD Stackclash

    QID 370433 is detected on all my BSD hosts, all of which are 11.2-RELEASE-p4 or later. I have downloaded all the PoC code from ExploitDB and tested it against these hosts and have seen no evidence of privilege escalat...
    Rick Chisholm
    last modified by Rick Chisholm
  • QID 90126 - Pending Reboot

    I am curious if Qualys only looks for one value in the registry to determine if a system is "pending reboot".  Per the description, and based on what I have seen in my environment, this is all I ever see reported...
    adamc
    last modified by adamc