cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
msimard
Level 7

finding vulnerabilities on the MVM server itself

Jump to solution

Does anyone have seen this.

Foundstone is finding vulnerabilities on the MVM server itself. Client did a scan of the MVM appliance and it came up with vulnerabilities.McAfee support  answer they got was a) the MVM needs to able to access the internet to update itself (it is) b) you shouldn’t be scanning your MVM appliance (which is just plain stupid as an answer). This is not a major issue but strange that the actual unit is coming up with vulnerabilities. 

PS: They have the appliance.

0 Kudos
1 Solution

Accepted Solutions
jhaynes
Level 12

Re: finding vulnerabilities on the MVM server itself

Jump to solution

Well technically support was correct but it could have been explained better.

  1. If the appliance doesn't have access to download sus updates to patch the OS from the Internet then yes any new vulnerabilities that are discovered since the release of the appliance will not be patched.
  2. When support said you shouldn't scan the MVM Appliance what they meant is that you shouldn't scan a scan engine with itself. Example: If the IP Address of your scan engine was 300.1.3.5 you would not want to scan IP Address 300.1.3.5 from that engine. You can scan IP 300.1.3.5 from any other engine though.

Jeff Haynes

0 Kudos
3 Replies
jhaynes
Level 12

Re: finding vulnerabilities on the MVM server itself

Jump to solution

Well technically support was correct but it could have been explained better.

  1. If the appliance doesn't have access to download sus updates to patch the OS from the Internet then yes any new vulnerabilities that are discovered since the release of the appliance will not be patched.
  2. When support said you shouldn't scan the MVM Appliance what they meant is that you shouldn't scan a scan engine with itself. Example: If the IP Address of your scan engine was 300.1.3.5 you would not want to scan IP Address 300.1.3.5 from that engine. You can scan IP 300.1.3.5 from any other engine though.

Jeff Haynes

0 Kudos
mmsmith
Level 7

Re: finding vulnerabilities on the MVM server itself

Jump to solution

If we have MVM appliances do we need to run Windows Update on them each month or do the appropriate OS patches get pushed to the appliances through FSUpdate?

0 Kudos
rtegtmeyer
Level 7

Re: finding vulnerabilities on the MVM server itself

Jump to solution

Just had a case open for this. Appliances get SUS updates from McAfee (KB search helps for the URL), software installations on W2K3x and W2K8x will get them from Microsoft. Same for SQL. Appliance = McAfee, software installation from Microsoft.

Brgds

0 Kudos