Why would an Internal scan close vulnerabilities seen by a external scan?? Esp if both are unauthenticated...
We have some vulnerabilities that were seen by an external scan and then marked as closed/fixed by an internal scan with essentially the same settings the next day. The scanner didn't authenticate to the hosts for either scan.
QID 86714/Web Server Vulnerable to Redirection Page Cross-Site Scripting Attacks
QID 38602/OpenSSL Multiple Remote Security Vulnerabilities
QID 87245/Apache Tomcat Information Disclosure and Denial of Service Vulnerability
QID 12882/WordPress XML-RPC Pingback Abuse
This just doesn't seem right...