AnsweredAssumed Answered

Fixed Vulnerabilities still showing on reports?

Question asked by Javan DeGraff on May 11, 2016
Latest reply on May 13, 2016 by aklesnicki

Here's an odd thing that's only started happening as of March:

 

Vulnerabilities that are no longer active are still showing up on reports as active--but the last found date will be several weeks (or even months) old.

 

Trying to figure out what's going on as these items used to drop off reports once they had been fixed.  Opened a ticket with Qualys Support but so far has not been able to reach a resolution.  Curious if anyone else has had this problem.

 

An example:

IPVuln StatusLast DetectedTitle
x.x.x.xActive2/4/2016POODLE

 

The IP in question is still active--it hasn't been taken offline so it's not just an old reading from the database that hasn't been seen since February.  As I said, up until just a little while ago, these were dropping off the reports so I'm not sure what changed--several that had dropped off have now re-appeared but haven't been classified as "re-opened" and, when you actually audit the machine manually, have resolved the vulnerability.

 

Any ideas are appreciated.

Outcomes