I did a scan with my internal scanner using PCI template and ran the PCI Techncal Report. There are vulns rated PCI Severity High Med and Low.
If I fix all the high vulns, will the overall PCI status say PASS (despite my having vulns with PCI ratings of Med and Low that still exist)?
I have some false positives (i.e. QID 1004 complaining about a tcp backdoor port in use on 2 of my IPs). My application is using this port on these machines, so the message is not valid. How do I make this QID stop appearing on specific IP addresses in the report?