Investigating a Potential False Positive from an Authenticated Scan
Sometimes, an authenticated scan generates a false positive because the scan fails.
Research the vulnerability.
- Click the Vulnerabilities tab.
- From the navigation menu, click Scan Results.
- In the Scan results window, click a row in the Vulnerabilities column.
- Click the vulnerability that you want to investigate.
- Click the Plugin Details link to open the patching window for the vulnerability.
- Use the tabs to discover Oval Definition, Windows Knowledge
Base, or UNIX advisory information about the vulnerability.
For vulnerabilities that are created from an Open Vulnerability and Assessment Language (OVAL) test, click the appropriate OVAL tab to see the criteria that JSA Vulnerability Manager uses in the test.
For vulnerabilities that are created from an Windows KB registry scan, click the Windows KB tab to view the updates (KBs) that JSA Vulnerability Manager associates with the vulnerability.
For vulnerabilities that are created because of a missing RPM Package Manager (RPM), click the Unix tab. The displayed packages and revisions are checked against the appropriate operating systems releases.