Bug #13652 » Scan_Profile.html

Infra Weavers, 01/24/2023 10:18 AM

 
<div id="34" class="div_tree">
<dl class="form_dl"></dl>
<h4>Hosts Scanned</h4>
<div class="rpt_results"><h4>Successfully Scanned Hosts (IP)</h4>81.143.222.156-81.143.222.157</div>
<div class="rpt_results"><h4>Target distribution across scanner appliances</h4>External : 81.143.222.156-81.143.222.157</div>
<h4>Options Profile</h4>
<h6 id="DEFAULT_VM_OPTIONS_PROFILE_2022"><a name="DEFAULT_VM_OPTIONS_PROFILE_2022"></a>
<b>DEFAULT_VM_OPTIONS_PROFILE_2022</b>
</h6>
<dl class="form_dl options">
<dt>
<b>Scan Settings</b>
</dt>
<dd>&nbsp;</dd>
<dt>Ports</dt>
<dd>-</dd>
<dt>Scanned TCP Ports</dt>
<dd>Standard Scan and Additional TCP Ports: 8080,  8081,  8082,  8083,  8084,  8085,  8090,  50000,  50001,  50003,  33848</dd>
<dt>Scanned UDP Ports</dt>
<dd>Standard Scan and Additional UDP Ports: 8080,  8081,  8082,  8083,  8084,  8085,  8090,  50000,  50001,  50002,  33848</dd>
<dt>Scan Dead Hosts</dt>
<dd>Off</dd>
<dt>Close Vulnerabilities on Dead Hosts Count</dt>
<dd>2</dd>
<dt>Purge old host data when OS changes</dt>
<dd>On</dd>
<dt>Load Balancer Detection</dt>
<dd>On</dd>
<dt>Perform 3-way Handshake</dt>
<dd>Off</dd>
<dt>Vulnerability Detection</dt>
<dd>Complete</dd>
<dt>Intrusive Checks</dt>
<dd>Excluded</dd>
<dt>Password Brute Forcing</dt>
<dd>-</dd>
<dt>System</dt>
<dd>Disabled</dd>
<dt>Custom</dt>
<dd>Disabled</dd>
<dt>Authentication</dt>
<dd>-</dd>
<dt>Windows</dt>
<dd>Enabled</dd>
<dt>Unix/Cisco/Network SSH</dt>
<dd>Enabled</dd>
<dt>Unix Least Privilege Authentication</dt>
<dd>Disabled</dd>
<dt>Oracle</dt>
<dd>Disabled</dd>
<dt>Oracle Listener</dt>
<dd>Disabled</dd>
<dt>SNMP</dt>
<dd>Enabled</dd>
<dt>VMware</dt>
<dd>Enabled</dd>
<dt>DB2</dt>
<dd>Disabled</dd>
<dt>HTTP</dt>
<dd>Enabled</dd>
<dt>MySQL</dt>
<dd>Disabled</dd>
<dt>Tomcat Server</dt>
<dd>Disabled</dd>
<dt>MongoDB</dt>
<dd>Disabled</dd>
<dt>Palo Alto Networks Firewall</dt>
<dd>Disabled</dd>
<dt>Jboss Server</dt>
<dd>Disabled</dd>
<dt>Oracle WebLogic Server</dt>
<dd>Disabled</dd>
<dt>MariaDB</dt>
<dd>Disabled</dd>
<dt>InformixDB</dt>
<dd>Disabled</dd>
<dt>MS Exchange Server</dt>
<dd>Disabled</dd>
<dt>Oracle HTTP Server</dt>
<dd>Disabled</dd>
<dt>MS SharePoint</dt>
<dd>Disabled</dd>
<dt>Sybase</dt>
<dd>Disabled</dd>
<dt>Kubernetes</dt>
<dd>Disabled</dd>
<dt>SAP IQ</dt>
<dd>Disabled</dd>
<dt>SAP HANA</dt>
<dd>Disabled</dd>
<dt>Azure MS SQL</dt>
<dd>Disabled</dd>
<dt>Neo4j</dt>
<dd>Disabled</dd>
<dt>NGINX</dt>
<dd>Disabled</dd>
<dt>Infoblox</dt>
<dd>Disabled</dd>
<dt>Overall Performance</dt>
<dd>Normal</dd>
<dt>Allow Parallel Scanning</dt>
<dd>Disabled</dd>
<dt>Additional Certificate Detection</dt>
<dd>Disabled</dd>
<dt>Authenticated Scan Certificate Discovery</dt>
<dd>Disabled</dd>
<dt>Test Authentication</dt>
<dd>Disabled</dd>
<dt>Hosts to Scan in Parallel</dt>
<dd>-</dd>
<dt>Use Appliance Parallel ML Scaling</dt>
<dd>Off</dd>
<dt>External Scanners</dt>
<dd>15</dd>
<dt>Scanner Appliances</dt>
<dd>30</dd>
<dt>Processes to Run in Parallel</dt>
<dd>-</dd>
<dt>Total Processes</dt>
<dd>10</dd>
<dt>HTTP Processes</dt>
<dd>10</dd>
<dt>Packet (Burst) Delay</dt>
<dd>Medium</dd>
<dt>Port Scanning and Host Discovery</dt>
<dd>-</dd>
<dt>Intensity</dt>
<dd>Normal</dd>
<dt>Dissolvable Agent</dt>
<dd>-</dd>
<dt>Dissolvable Agent (for this profile)</dt>
<dd>Disabled</dd>
<dt>Windows Share Enumeration</dt>
<dd>Disabled</dd>
<dt>Windows Directory Search</dt>
<dd>Disabled</dd>
<dt>Lite OS Discovery</dt>
<dd>Disabled</dd>
<dt>User Defined HTTP Header</dt>
<dd>ORG_Vuln_Mgmt</dd>
<dt>Host Alive Testing</dt>
<dd>Disabled</dd>
<dt>Do Not Overwrite OS</dt>
<dd>Disabled</dd>
<dt>
<b>System Authentication</b>
</dt>
<dd>&nbsp;</dd>
<dt>System Authentication Records</dt>
<dd>-</dd>
<dt>Include system created authentication records in scans</dt>
<dd>Disabled</dd>
<dt>
<b>Advanced Settings</b>
</dt>
<dd>&nbsp;</dd>
<dt>Host Discovery</dt>
<dd>TCP Custom TCP Port List: 21-23,  25,  53,  80,  88,  110-111,  135,  139,  443,  445,  1433,  1521,  1525,  1526,  1527,  1529,  1571</dd>
<dt>&nbsp;</dt>
<dd>UDP Standard Scan</dd>
<dt>&nbsp;</dt>
<dd>ICMP On</dd>
<dt>Packet Options</dt>
<dd>-</dd>
<dt>Ignore firewall-generated TCP RST packets</dt>
<dd>On</dd>
<dt>Ignore all TCP RST packets</dt>
<dd>Off</dd>
<dt>Ignore firewall-generated TCP SYN-ACK packets</dt>
<dd>On</dd>
<dt>Do not send TCP ACK or SYN-ACK packets during host discovery</dt>
<dd>Off</dd>
</dl>
<div class="head1">
<a href="javascript:toggle_tree('38')" class="section" id="l38" name="Report Legend"><h4><img src="https://qualysguard.qg2.apps.qualys.com/images/tree_open.gif" alt="" height="10" width="10" id="i38" class="left">
Report Legend</h4></a>
</div>
<div id="38" class="div_tree">
<div class="report_result">
<h4>Vulnerability Levels</h4>
<p>A Vulnerability is a design flaw or mis-configuration which makes your network (or a host on your network) susceptible to malicious attacks from local or remote users. Vulnerabilities can exist in several areas of your network, such as in your firewalls, FTP servers, Web servers, operating systems or CGI bins. Depending on the level of the security risk, the successful exploitation of a vulnerability can vary from the disclosure of information about the host to a complete compromise of the host.</p>
<table class="vuln_legend" border="0" cellspacing="0" cellpadding="0">
<tbody><tr>
<td id="tl1h01" class="severity">Severity</td>
<td id="tl1h02" class="level">Level</td>
<td id="tl1h03">Description</td>
</tr>
<tr>
<td headers="tl1h01" class="severity">
<div class="severity_icon" title="Vulnerability - level 1">
<img src="/images/vuln_level1.gif">
 1
</div>
</td>
<td headers="tl1h02" class="level">Minimal</td>
<td headers="tl1h03">Intruders can collect information about the host (open ports, services, etc.) and may be able to use this information to find other vulnerabilities.</td>
</tr>
<tr>
<td headers="tlh01" class="severity">
<div class="severity_icon" title="Vulnerability - level 2">
<img src="/images/vuln_level2.gif">
 2
</div>
</td>
<td headers="tl1h02" class="level">Medium</td>
<td headers="tl1h03">Intruders may be able to collect sensitive information from the host, such as the precise version of software installed. With this information, intruders can easily exploit known vulnerabilities specific to software versions.</td>
</tr>
<tr>
<td headers="tlh01" class="severity">
<div class="severity_icon" title="Vulnerability - level 3">
<img src="/images/vuln_level3.gif">
 3
</div>
</td>
<td headers="tl1h02" class="level">Serious</td>
<td headers="tl1h03">Intruders may be able to gain access to specific information stored on the host, including security settings. This could result in potential misuse of the host by intruders. For example, vulnerabilities at this level may include partial disclosure of file contents, access to certain files on the host, directory browsing, disclosure of filtering rules and security mechanisms, denial of service attacks, and unauthorized use of services, such as mail-relaying.</td>
</tr>
<tr>
<td headers="tl1h01" class="severity">
<div class="severity_icon" title="Vulnerability - level 4">
<img src="/images/vuln_level4.gif">
 4
</div>
</td>
<td headers="tl1h02" class="level">Critical</td>
<td headers="tl1h03">Intruders can possibly gain control of the host, or there may be potential leakage of highly sensitive information. For example, vulnerabilities at this level may include full read access to files, potential backdoors, or a listing of all the users on the host.</td>
</tr>
<tr>
<td headers="tlh01" class="severity">
<div class="severity_icon" title="Vulnerability - level 5">
<img src="/images/vuln_level5.gif">
 5
</div>
</td>
<td headers="tl1h02" class="level">Urgent</td>
<td headers="tl1h03">Intruders can easily gain control of the host, which can lead to the compromise of your entire network security. For example, vulnerabilities at this level may include full read and write access to files, remote execution of commands, and the presence of backdoors.</td>
</tr>
</tbody></table>
<h4>Potential Vulnerability Levels</h4>
<p>A potential vulnerability is one which we cannot confirm exists. The only way to verify the existence of such vulnerabilities on your network would be to perform an intrusive scan, which could result in a denial of service. This is strictly against our policy. Instead, we urge you to investigate these potential vulnerabilities further.</p>
<table class="vuln_legend" border="0" cellspacing="0" cellpadding="0">
<tbody><tr>
<td id="tl2h01" class="severity">Severity</td>
<td id="tl2h02" class="level">Level</td>
<td id="tl2h03">Description</td>
</tr>
<tr>
<td headers="tl2h01" class="severity">
<div class="severity_icon" title="Potential Vulnerability - level 1">
<img src="/images/threat_level1.gif">
 1
</div>
</td>
<td headers="tl2h02" class="level">Minimal</td>
<td headers="tl2h03">If this vulnerability exists on your system, intruders can collect information about the host (open ports, services, etc.) and may be able to use this information to find other vulnerabilities.</td>
</tr>
<tr>
<td headers="tl2h01" class="severity">
<div class="severity_icon" title="Potential Vulnerability - level 2">
<img src="/images/threat_level2.gif">
 2
</div>
</td>
<td headers="tl2h02" class="level">Medium</td>
<td headers="tl2h03">If this vulnerability exists on your system, intruders may be able to collect sensitive information from the host, such as the precise version of software installed. With this information, intruders can easily exploit known vulnerabilities specific to software versions.</td>
</tr>
<tr>
<td headers="tl2h01" class="severity">
<div class="severity_icon" title="Potential Vulnerability - level 3">
<img src="/images/threat_level3.gif">
 3
</div>
</td>
<td headers="tl2h02" class="level">Serious</td>
<td headers="tl2h03">If this vulnerability exists on your system, intruders may be able to gain access to specific information stored on the host, including security settings. This could result in potential misuse of the host by intruders. For example, vulnerabilities at this level may include partial disclosure of file contents, access to certain files on the host, directory browsing, disclosure of filtering rules and security mechanisms, denial of service attacks, and unauthorized use of services, such as mail-relaying.</td>
</tr>
<tr>
<td headers="tl2h01" class="severity">
<div class="severity_icon" title="Potential Vulnerability - level 4">
<img src="/images/threat_level4.gif">
 4
</div>
</td>
<td headers="tl2h02" class="level">Critical</td>
<td headers="tl2h03">If this vulnerability exists on your system, intruders can possibly gain control of the host, or there may be potential leakage of highly sensitive information. For example, vulnerabilities at this level may include full read access to files, potential backdoors, or a listing of all the users on the host.</td>
</tr>
<tr>
<td headers="tl2h01" class="severity">
<div class="severity_icon" title="Potential Vulnerability - level 5">
<img src="/images/threat_level5.gif">
 5
</div>
</td>
<td headers="tl2h02" class="level">Urgent</td>
<td headers="tl2h03">If this vulnerability exists on your system, intruders can easily gain control of the host, which can lead to the compromise of your entire network security. For example, vulnerabilities at this level may include full read and write access to files, remote execution of commands, and the presence of backdoors.</td>
</tr>
</tbody></table>
<h4>Information Gathered</h4>
<p>Information Gathered includes visible information about the network related to the host, such as traceroute information, Internet Service Provider (ISP), or a list of reachable hosts. Information Gathered severity levels also include Network Mapping data, such as detected firewalls, SMTP banners, or a list of open TCP services.</p>
<table class="vuln_legend" border="0" cellspacing="0" cellpadding="0">
<tbody><tr>
<td id="tl3h01" class="severity">Severity</td>
<td id="tl3h02" class="level">Level</td>
<td id="tl3h03">Description</td>
</tr>
<tr>
<td headers="tl3h01" class="severity">
<div class="severity_icon" title="Information Gathered - level 1">
<img src="/images/info_level1.gif">
 1
</div>
</td>
<td headers="tl3h02" class="level">Minimal</td>
<td headers="tl3h03">Intruders may be able to retrieve sensitive information related to the host, such as open UDP and TCP services lists, and detection of firewalls.</td>
</tr>
<tr>
<td headers="tl3h01" class="severity">
<div class="severity_icon" title="Information Gathered - level 2">
<img src="/images/info_level2.gif">
 2
</div>
</td>
<td headers="tl3h02" class="level">Medium</td>
<td headers="tl3h03">Intruders may be able to determine the operating system running on the host, and view banner versions.</td>
</tr>
<tr>
<td headers="tl3h01" class="severity">
<div class="severity_icon" title="Information Gathered - level 3">
<img src="/images/info_level3.gif">
 3
</div>
</td>
<td headers="tl3h02" class="level">Serious</td>
<td headers="tl3h03">Intruders may be able to detect highly sensitive data, such as global system user lists. </td>
</tr>
</tbody></table>
</div>
</div>
</div>