• ColdFusion detection false positive?

    Anyone ever experience false positive detections for Adobe ColdFusion 2016?   I have rarely experienced any false positives from Qualys in the few years i have used it, so I'm struggling to accept that it m...
    Nicholas Sveen
    last modified by Nicholas Sveen
  • Does the Qualys Gateway Service now support High Availability?

    Hello All,   Can you please tell me if the Qualys Gateway Service now support High Availability?   Thanks
    Rusty Qualyz
    last modified by Rusty Qualyz
  • Qualys - Splunk integration - macro not found

    Hi All,   We have Splunk QA and Splunk prod in cluster mode. On QA evrything is running as expected, data is populated and dashboards with info is displayed properly. However the same settings are transferred to...
    Ivelin Penchev
    last modified by Ivelin Penchev
  • Cisco CVE-2020-3158

    Searching for this CVE on the knowledge base yields no results. do we know when the detection will be available?
    Alvaro Higuero
    last modified by Alvaro Higuero
  • Re eval Asset Tags scripted ?

    Has anyone developed a approach to forcing a tag to be revaluated from say and API call and being able to confirm that the re-evaluation took place ?      I reached out to support but they didnt have a...
    Kevin Ryan
    last modified by Kevin Ryan
  • Error in SQL Server after scan

    We receive three errors after running a scan.     MSSSPI-116: Logon       Error: 17828, Severity: 20, State: 4.     The prelogin packet used to open t...
    Felipe de Mesquita Gurian
    last modified by Felipe de Mesquita Gurian
  • Does qualys reports java vulnerabilities even if only traces of java found in machine instead of installing java software?

    We have user who doesn't installed Java  but they has traces of Java like documentation,certifications,plugins in the machine. But Qualys has detected the machine as vulnerable to many Java vulnerabilities and al...
    Preethi R
    last modified by Preethi R
  • Grouping machines based upon loggedonuser

    We have information from our Email Security Solution on the users that are most often targeted by email threats.  We'd like to use this list of highly targeted users and identify the computers on which they work ...
    Andrew Wild
    last modified by Andrew Wild
  • Product info for trial

    We Are Planning To Use A Vulnerability Scanner. But We Want To Collect Live Log From A Vulnerability Scanner. So May I Know Any API Or Live Log Forwarder Available With Your Product. Kindly Response ASAP, Thanks In Ad...
    MAHESH MK
    last modified by MAHESH MK
  • Dashboard Toolbox - New Vulnerability Management (VM) Dashboard BETA

    The New Vulnerability Management (VM) Dashboard BETA program is not intended for production use, and its content is subject to modification without notice.  If you have any questions regarding its conte...
    DMFezzaReed
    last modified by DMFezzaReed
  • Vulnerability Management - reporting N-1 / N-2?

    Is it possible to run a vulnerability management report but ignore the most recent patches if we're running N-1 for instance?
    Simon Cooper
    last modified by Simon Cooper
  • External port scan - Port info only required

    Hi All,   I have a requirement to externally scan a public IP range and require simply the open TCP/UDP ports that are shown. I have seen that you can select a Full TCP/UDP Scan in the interface but this also pe...
    Chris Bott
    last modified by Chris Bott
  • OpenSSL Padding Oracle vulnerability (CVE-2016-2107)

    Hi there,   I have a test server running Centos 6.8 and can't overcome this message:  This server is vulnerable to the OpenSSL Padding Oracle vulnerability (CVE-2016-2107) and insecure. Grade set...
    william harvey
    last modified by william harvey
  • Microsoft Security Patches and File Versions Vulnerabilities

    Hi All,   We've been chasing out tails with a few detected vulnerabilities lately. The basic pattern is...Qualys detects that a patch is missing. The result for this is that file X.Y is a particular version, and...
    Dan Salt
    last modified by Dan Salt
  • Asset showing wrong IP

    Hi Forum buddies,   Situation File Server (Virtual, Windows 2012 R2 Core) with 3 IP addresses - PROD (IP, Mask, GW, DNS) STORAGE (IP and MASK Only) BACKUP (IP and MASK Only). Binding order is PROD, Storage, Bac...
    Chris Jones
    last modified by Chris Jones
  • Printer OS Detection

    Hi Forumers,   Printers - I scanned our printers some time back and they reported back as 96% HP (HP & JetDirect mixed). Recently I performed the scan again and now we have 30% reporting as Xerox yet these a...
    Chris Jones
    last modified by Chris Jones
  • Issue with Excluding Superceded Patches

    I've just started trying to get my head around Qualys and superceded patches are creating a bit of a head ache. It appears that even though the option to exclude them has being selected there are still a few showing u...
    Dan Salt
    last modified by Dan Salt
  • Emailing Reports

    Hi All,   I trying to get reports to be emailed by schedule. Seems I can only get a notification to be emailed and not the actual report.   Any suggestions? Am i missing the obvious here?     Ch...
    Chris Jones
    last modified by Chris Jones
  • Windows 10 1803 Authentication

    Hi All,   We have recently upgraded to 1803 build for W10 and are now having authentication issues. We've noticed these are due to a GPO requirement but i am wondering if anyone else has experieced this?   ...
    Chris Jones
    last modified by Chris Jones
  • Microsoft patch level KB vulnerabilities only?

    Hi Does anyone know how I would go about creating a scan that only shows reports Microsoft patch level KB vulnerabilities only and not Applications level vulnerabilities?
    Ian Browne
    last modified by Ian Browne