PatrowlManager icon indicating copy to clipboard operation
PatrowlManager copied to clipboard
verified publisher icon Patrowl

Missing Vulnerabilities from Openvas

Open DBMNA opened this issue 3 years ago • 1 comments

Describe the bug The number of vulnerabilities visible on PatrowlManager after an Openvas scan is way lower than the report directly available in Openvas web GUI.

I am not sure if this is a bug on PatrowlManager or PatrowlEngine so please let me know if I need to create the issue on PatrowlEngine.

To Reproduce Steps to reproduce the behavior: Run a scan via PatrowlManager and wait until scan completed.

Count number of vulnerability per severity on PatrowlManager and Openvas Web GUI and compare the results

Example: Scan performed on a /24 subnet: On Openvas:

  • 18 High
  • 69 Medium
  • 19 Low
  • 493 Log

On PatrowlManager:

  • 9 High
  • 18 Medium
  • 3 Low
  • 79 Info

Expected behavior: Identical number of vulnerabilities on PatrowlManager and Openvas Web GUI

DBMNA avatar Jun 10 '22 13:06 DBMNA

Hi, I have a similar issue.

My setup is compose of:

  • a network /24 to scan;
  • Patrowl Manager 1.8.4
  • GVMD 22.4.1.

I launch a scan from Patr0wl Manager with ip-subnet as the Asset and in the end I end up with these results.

In openVAS I have 72 hosts scanned. image

In PatrowlManager I only have 59 assets imported image

The vulnerabilities results are unsyncronized as well.

Best Regards,

GascPT avatar Apr 28 '23 08:04 GascPT