I have done a number VA scans for the same device (sometimes being consecutive) and, the vulnerabilities differ and I think that is due to the fact that not all services are discovered each time during the discovery process. Has anyone seen this issue before and provide some guidence to what the problem could be?
*First scan - 3 services discovered and 6 vulnerabilites
*Second scan - 1 service discovered and 3 vulnerabilities
*Third scan - 0 services discovered and 2 vulnerabilities
Ther above scans are completed straight after from when the last one completes. No changes are made to the host or to the VA scan job.
*Windows XP SP3
*Symantec endpoint protection
*OpenSSL fix recent install
This is first device of this kind to be scanned in our environment. We have not noticed this with other devices.
Hi - the problem seems to be only one pass was being made to discover services, changing this to 3 the results are consistent.
Any seen this issues before? I assume its to do with the network.