VM scans on RHEL systems tend to generate false positives because Qualys does not seem to take into account the backporting technique used by Red Hat (https://access.redhat.com/security/updates/backporting).
I'm interested to know how other users are approaching this challenge.
Hi, we see the same thing more concrete Vuln scan recognized that we use OpenSSH 4.3 version, which is vulnerable if vanilla but we have backported patches on it.
I am fine (for now) to manually inspect it, but it would be nice if i can mark it as false positive and not to see it anymore as vulnerability, is there any way?
Hello Herbon,
Are you seeing a specific issue? If yes, please open a support ticket so we can investigate. Qualys signatures support backported patches for RHEL systems, so we're interested to understand if there is an issue.
Thanks, Robert