AnsweredAssumed Answered

VM Internal PCI Scan - how to pass AND how to remove QIDs from report

Question asked by lmx on Feb 8, 2013
Latest reply on Feb 15, 2013 by PSears

Hi,

 

I did a scan with my internal scanner using PCI template and ran the PCI Techncal Report.  There are vulns rated PCI Severity High Med and Low.

 

If I fix all the high vulns, will the overall PCI status say PASS (despite my having vulns with PCI ratings of Med and Low that still exist)?

 

I have some false positives (i.e. QID 1004 complaining about a tcp backdoor port in use on 2 of my IPs).  My application is using this port on these machines, so the message is not valid.  How do I make this QID stop appearing on specific IP addresses in the report?

 

Thanks.

Outcomes