I have found an error on Qualys Enterprise Suite.
In Various Reports and Scan, this is not on the port Reported Affected by the vulnerability.
See the imagen:
The QIDs for "Open TCP Services List" and "Open UDP Services List" are the definitive places to look for ports open on a particular targets. Due to the way QualysGuard determines information for particular "meta" QIDs, it doesn't always report the port number.
Example: "Global User List" isn't a direct vulnerability check, but it pulls its information from other QIDs.
Example: The QIDs for "EOL/Obsolete Software" aren't checks that touch the system directly, but regexp matches from other QIDs that actually do the version checks.
Hope this helps to explain things a bit.
See this example. I have more.
What is the port of this have the Vulnerability "SSLv3.0/TLSv1.0 Protocol Weak CBC Mode"?? If you see the report, you know?
Retrieving data ...