I was wondering if anyone else has experienced this or if anyone might have an explanation for something my coworkers and I recently noticed.
When Foundstone creates an asset it is, from my understanding, supposed to assign it a unique System label "xxxxxx (IP Address)."
What we noticed is that from the same scan there are multiple vulnerabilities for the same IP address but there are three different System labels that are tagged to that machine. We have static IP's assigned to the machines so the machine has not changed. This is causing duplicate issues to be found for the same host as they are categorized under different System labels.
An example of this can be seen here:
|74800||Scan Name Here||2||Apache HTTP Method Request Entity XSS||10156347 (xxx.xx.92.6)|
|75682||Scan Name Here||2||Apache HTTP Method Request Entity XSS||10157536 (xxx.xx.92.6)|
|83890||Scan Name Here||2||Apache HTTP Method Request Entity XSS||10158857 (xxx.xx.92.6)|
Check your Asset Identification Rules.