AnsweredAssumed Answered

"Hidden or Unknown" QID's

Question asked by John Sponheimer on Feb 3, 2020

I just wanted to inform you all, at the time I am writing this (Monday morning Feb 3), there are 47,730 individual QIDs.

 

I suggest if you did not know this, you go to the Vulnerability Management module > knowledge Base > then New/Download

Download the entire QID list and look at them in Excel (its ALOT easier to look at them offline)

 

I do this fairly regularly and look for new items in the Severity column.  I don't look for Vulnerabilities, but I look for items "Information Gathered".  There are many different items that Qualys see's and can interpret that you can utilize in Dashboards/Queries, etc.

 

For instance I have done things like this when looking to see different views of information (some very temporary, some more long term).  Below are some examples of ones I have "looked at" at one point in time.

45261 - SMB Version 1 Enabled (on Windows)
45262 - SMB Version 2 or 3 Enabled (on Windows)
45108 - Mozilla Firefox Web Browser Detected
45125 - Java Version Detected
45105 - Google Chrome Web Browser Detected
45210 - Dropbox Installation Detected
45160 - Adobe Flash Player 7 Installed (there are many more versions of Flash found with other QIDs)
90036 - Domain Controller Detection (for windows)
90797 - Enumerate Windows shares and shared directories readable by Everyone
90295 - Windows Internet Explorer Version

 

Those are just a few examples I pulled from the list.

Look at those Informational ones.  You can utilize those to help in "less than Vulnerability" functions as well.

Outcomes