Investigating Ghostscript 9.07 not being detected by agent. It seems a small amount of vulnerabilities will not be detected if they require an open port when using agents. Could someone please help?
Remote based detection cannot be done by the cloud agent. If you look at the QIDs and the discovery method is "Remote" only, the agent won't be able to help you.
Although, I would have suspected a version based detection if the vulns are associated with a specific version of Ghostscript. I am seeing that the agent is picking up ghostscript being installed...
Do you have a specific qid/qids you are looking at?
Yes, if the vulnerability only has a remote check, the cloud agent can't detect it. That's because the agent is locally installed and can't connect to ports. However, we're talking about a very tiny number here.
I looked at some of the GhostScript QID's and looks like the agent can detect it.
Can you provide the QID that you're investigating?
Retrieving data ...