After I re mediate a vulnerability on a server, how do I rescan for that vulnerability on that specific server? I obviously don’t want to run the parent task with thousands of hosts. I simply want to view the vulnerability report, fix an issue, then run a scan on that exact issue for just that server. I would expect to see a “scan” button/link on that vulnerability or server. I would not want to create a new task for each vulnerability/server. Thanks!
You can follow these steps to achieve what you’re looking for:
- Create a new “Empty, static and fast” scan configuration
- Add the three mentioned VTs from Hint: Self-created scan configs (copy of "empty" scan config) showing no results to this scan config
- Add the VT which had reported the vulnerability to this scan config
- Create a new target for this single system
- Create a new task and assign the created scan configuration as well as the target to this task
- Run a new scan
Seriously? I would need to create a new target and a new task just to scan for one vulnerability? Am I missing something?
one task can have only one single target definition (including the port list definition assigned to this target) and one single scan configuration assigned. As soon as this task has one result it can’t be changed anymore.
AFAIK the background for this design decision is that you need to keep the consistency between reports from within this single task which can’t be guaranteed any longer if you’re changing the parameters / the scope of it.
As you want to scan one single system for one single vulnerability you have a completely different scope and thus you need to follow the steps outlined previously.