I’ve been fiddling around with the GMP protocol for a while, and have stumbled across a weird phenomenon. By using the get_report() command, I get a different report than the one printed out by GSA. I use the command in the following way:
gmp.get_report(report_id=report_id, report_format_id=pdf_format, details=True, filter=“levels=hml notes=1”)
Even though the filtering should be the same, the GSA report contains two hosts with vulnerabilities whereas the report retrieved with the command only has one. Also, the command-based report is missing a vulnerability that is classed “high” from the host that appears in both reports, even though it is not filtered out.
I am using the latest build of GVM, and the GMP 20.08 protocol.