AnsweredAssumed Answered

Why would a vulnerability be seen by an external scan, but NOT by an internal scan??

Question asked by Karl Bernard on Nov 13, 2014
Latest reply on Nov 18, 2014 by DMFezzaReed

Why would an Internal scan close vulnerabilities seen by a external scan?? Esp if both are unauthenticated...

 

We have some vulnerabilities that were seen by an external scan and then marked as closed/fixed by an internal scan with essentially the same settings the next day. The scanner didn't authenticate to the hosts for either scan.

Examples:

QID 86714/Web Server Vulnerable to Redirection Page Cross-Site Scripting Attacks

QID 38602/OpenSSL Multiple Remote Security Vulnerabilities

QID 87245/Apache Tomcat Information Disclosure and Denial of Service Vulnerability

QID 12882/WordPress XML-RPC Pingback Abuse

 

This just doesn't seem right...

 

Any thoughts/suggestions?

 

Thanks,

 

Karl

Outcomes