This document is intended to help customers understand the changes that occur in the KnowledgeBase once any given QID is pushed to production.
Go to the KnowledgeBase and choose Info or Edit for any QID. Then go to the Change Log section. For each change you’ll see the date of the change and comments provided by the Qualys Vulnerability Signatures team.
What gets entered in the "Change Log"?
- Detection logic changes only
Example for QID 86857:
When does the "Modified" date get updated?
The QID Modified date is updated whenever a change is made to any of the description fields, which include the following:
- [Information Gathered, Confirmed Vulnerability, Potential Vulnerability]
- [1, 2, 3, 4, 5]
- Vendor Reference
- [URL to vendor's page]
- Patch Available
- [yes, no]
- [Title of QID]
- [Threat tab]
- [Solution tab]
- Authentication Type
- [Windows, Unix, Oracle, SNMP, VMware, WebLogic, MS SQL, etc.]
- PCI Explanation
- [QID falls into any of these categories for PCI - SQL Injection, Cross-site scripting (XSS) flaw, Directory traversal, HTTP response splitting/header injection, Un-supported software, Databases access, Default account/password, Unrestricted DNS zone transfer, Backdoors, SSL Specific]
- PCI Exception
- [Reason why QID is marked as PCI exception]
Appending these adjustments to the "Change Log" is an improvement being tracked by Qualys.
Note: no change log is available for CIDs within Policy Compliance. You can view policy updates at https://blog.qualys.com/tag/library
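The distinction above (detection logic changes appear in the Change Log, description changes only move the Modified date) can be used to triage a KnowledgeBase export after a release. The following is an added example, not Qualys code: the XML element names are an assumed export layout, and the QIDs, dates and comments are constructed sample data.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

# Constructed sample export; element names are an assumed layout, QIDs are placeholders.
SAMPLE_KB_XML = """<VULN_LIST>
  <VULN><QID>900001</QID>
    <LAST_SERVICE_MODIFICATION_DATETIME>2024-03-10T12:00:00Z</LAST_SERVICE_MODIFICATION_DATETIME>
    <CHANGE_LOG_LIST><CHANGE_LOG_INFO>
      <CHANGE_DATE>2024-03-10T12:00:00Z</CHANGE_DATE><COMMENTS>constructed: detection updated</COMMENTS>
    </CHANGE_LOG_INFO></CHANGE_LOG_LIST></VULN>
  <VULN><QID>900002</QID>
    <LAST_SERVICE_MODIFICATION_DATETIME>2024-03-12T08:30:00Z</LAST_SERVICE_MODIFICATION_DATETIME>
    <CHANGE_LOG_LIST><CHANGE_LOG_INFO>
      <CHANGE_DATE>2023-11-02T09:00:00Z</CHANGE_DATE><COMMENTS>constructed: older change</COMMENTS>
    </CHANGE_LOG_INFO></CHANGE_LOG_LIST></VULN>
  <VULN><QID>900003</QID>
    <LAST_SERVICE_MODIFICATION_DATETIME>2024-03-15T17:45:00Z</LAST_SERVICE_MODIFICATION_DATETIME></VULN>
  <VULN><QID>900004</QID>
    <LAST_SERVICE_MODIFICATION_DATETIME>2024-01-05T10:00:00Z</LAST_SERVICE_MODIFICATION_DATETIME></VULN>
</VULN_LIST>"""

SINCE = datetime(2024, 3, 1, tzinfo=timezone.utc)  # date of the last KnowledgeBase review


def _ts(text):
    """Parse a UTC timestamp of the form 2024-03-10T12:00:00Z."""
    return datetime.strptime(text.strip(), "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def classify_changes(kb_xml, since):
    """Map each QID changed on or after `since` to 'detection' or 'description-only'."""
    result = {}
    for vuln in ET.fromstring(kb_xml).iter("VULN"):
        qid = int(vuln.findtext("QID"))
        # A Change Log entry in the window means the detection logic changed.
        log_recent = any(_ts(e.text) >= since for e in vuln.iter("CHANGE_DATE") if e.text)
        modified = vuln.findtext("LAST_SERVICE_MODIFICATION_DATETIME")
        mod_recent = modified is not None and _ts(modified) >= since
        if log_recent:
            result[qid] = "detection"
        elif mod_recent:
            # Modified date moved with no new Change Log entry: a description field changed.
            result[qid] = "description-only"
    return result


if __name__ == "__main__":
    for qid, kind in sorted(classify_changes(SAMPLE_KB_XML, SINCE).items()):
        print(qid, kind)
```

QIDs classified as "detection" are the ones whose scan results may differ after the update; "description-only" QIDs changed only in the fields listed above.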