Patrowl / PatrowlManager

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
https://www.patrowl.io
GNU Affero General Public License v3.0
625 stars 112 forks source link

Missing Vulnerabilities from Openvas #255

Open DBMNA opened 2 years ago

DBMNA commented 2 years ago

Describe the bug The number of vulnerabilities visible on PatrowlManager after an Openvas scan is way lower than the report directly available in Openvas web GUI.

I am not sure if this is a bug on PatrowlManager or PatrowlEngine so please let me know if I need to create the issue on PatrowlEngine.

To Reproduce Steps to reproduce the behavior: Run a scan via PatrowlManager and wait until scan completed.

Count number of vulnerability per severity on PatrowlManager and Openvas Web GUI and compare the results

Example: Scan performed on a /24 subnet: On Openvas:

On PatrowlManager:

Expected behavior: Identical number of vulnerabilities on PatrowlManager and Openvas Web GUI

GascPT commented 1 year ago

Hi, I have a similar issue.

My setup is compose of:

I launch a scan from Patr0wl Manager with ip-subnet as the Asset and in the end I end up with these results.

In openVAS I have 72 hosts scanned. image

In PatrowlManager I only have 59 assets imported image

The vulnerabilities results are unsyncronized as well.

Best Regards,