Created an SLA to track remediation of critical vulnerabilities within ## days of discovery. My question is: does "day of discovery" mean the day the vulnerability was first detected within our environment, or the first time the vulnerability was seen after the day I created the SLA? Thanks
Posted by David Miller 5 months ago
I show a vulnerability for the Admin account over telnet utilizing a password of Admin / password of "password". We tried to telnet into these devices using the admin password to no avail. Where does Rapid7 pull this information from, or is this a false positive?
Posted by Randy Templeton 5 months ago
Is there a policy check for Network Level Authentication? I can't seem to find it in the CIS or DISA STIG checks. Curious due to the May 2019 RCE vulnerability disclosure. I'm referring to this, to be exact: Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Security.
Posted by Mike Conroy 5 months ago
Hello all, good day. I saw a (potential) vulnerability when scanning one Ubuntu 16.04 system with Nexpose. However, upon inspecting /usr/bin/at, I saw that it is an executable file/binary rather than a shell script. Moreover, its ownership is daemon:daemon, not root. Is the file still vulnerable to "SUID Bit Set Upon Script File"?

SUID Bit Set Upon Script File
CVSS (AV:L/AC:M/Au:N/C/I/A)
CVSS Score 4.4
Under many UNIX-like operating systems, setting the SUID bit on an interpreted script file can lead to an exploitable race condition that yields elevated privileges.
Vulnerable Script: /usr/bin/at
Remediation BEGIN
# Remove the suid bit from the script
Configuration remediation steps: The SUID bit should be removed from the script.
Posted by Compete2Cooperate 5 months ago
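The question above turns on two separate facts that the finding text runs together: whether a file carries the setuid/setgid bit, and whether it is an interpreted script (the race the finding describes only applies to scripts) or a compiled ELF binary. The following is an added example, not Nexpose's check or anyone's code from the thread; it builds a small constructed directory (a setuid ELF stub named `at`, a setuid shell script and a plain script) and reports which setuid files are actually scripts, along with the owning uid, so the daemon-versus-root point can be read off the output too.

```python
import os
import stat
import tempfile

# Added example, not Nexpose's check. A setuid bit is only the "script file"
# problem when the file starts with "#!"; on a stock Ubuntu install
# /usr/bin/at is an ELF binary and is setuid to daemon, not root.

ELF_MAGIC = b"\x7fELF"


def has_suid_bits(mode):
    """True when the setuid or setgid bit is set in a stat st_mode value."""
    return bool(mode & (stat.S_ISUID | stat.S_ISGID))


def classify_bytes(head):
    """Classify a file from its leading bytes: 'script', 'elf' or 'other'."""
    if head.startswith(b"#!"):
        return "script"
    if head.startswith(ELF_MAGIC):
        return "elf"
    return "other"


def classify(path):
    with open(path, "rb") as fh:
        return classify_bytes(fh.read(4))


def find_setuid_files(root):
    """Return (path, kind, uid) for each regular file under root with the
    setuid or setgid bit set; only the 'script' entries match the finding."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # lstat: never follow symlinks
            except OSError:
                continue
            if stat.S_ISREG(st.st_mode) and has_suid_bits(st.st_mode):
                hits.append((path, classify(path), st.st_uid))
    return hits


def demo():
    """Constructed tree: a setuid ELF stub, a setuid script and a plain script."""
    with tempfile.TemporaryDirectory() as root:
        samples = {
            "at": (ELF_MAGIC + b"\x02\x01\x01" + b"\x00" * 9, 0o4755),  # binary, setuid
            "backup.sh": (b"#!/bin/sh\necho hi\n", 0o4755),            # script, setuid: the real case
            "report.sh": (b"#!/bin/sh\necho hi\n", 0o755),             # script, no setuid
        }
        for name, (content, mode) in samples.items():
            path = os.path.join(root, name)
            with open(path, "wb") as fh:
                fh.write(content)
            os.chmod(path, mode)
        return {os.path.basename(p): kind for p, kind, _uid in find_setuid_files(root)}


if __name__ == "__main__":
    for name, kind in demo().items():
        print(f"{name}: setuid set, file is {kind}")
```

Run it against a real root (for example `find_setuid_files("/usr/bin")`) and any entry reported as `elf` is a setuid binary, which may still deserve review but is not the race condition the "script file" finding describes.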
Hey all, I am getting a number of results that are failing but should be passing. For example (this is for Windows 10), the proof says:

At least one specified Password Policy entry must match the given criteria. At least one evaluation must pass.

This one is a pass:
max_passwd_age = 5184000
min_passwd_age = 86400
min_passwd_len = 14
password_hist_len = 24
password_complexity = true
reversible_encryption = false

This is a fail:
max_passwd_age = 3710851
min_passwd_age = 0
min_passwd_len = 0
password_hist_len = 0
password_complexity = false
reversible_encryption = false

So basically, there are 2 results that InsightVM sees. One is a pass (24 password history length) and one is a fail (0 password history length). But in the report, it always fails the compliance rule. This is just one example of many. Some fail with 2 results, some pass. I have a ticket with Rapid7 but they haven't responded for a while. Just wondering if anyone else is having / has had this problem. Thanks
Posted by Russell 5 months ago
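The confusion in the post above is about how per-entry verdicts are aggregated: the proof text promises "at least one evaluation must pass", yet the rule reports a failure. The following is an added example, not InsightVM's policy engine; it re-types the two result sets from the post as constructed data, evaluates each against thresholds that are assumed from the passing entry (60-day maximum age, 1-day minimum age, length 14, history 24, complexity on, reversible encryption off), and shows how an "any" aggregation and an "all" aggregation disagree on exactly this input.

```python
# Added example, not InsightVM's code. Thresholds are assumptions read off
# the passing entry in the post; the two RESULTS entries are constructed
# from the values shown there.

CRITERIA = {
    "max_passwd_age": lambda v: 0 < v <= 5184000,  # seconds; 60 days
    "min_passwd_age": lambda v: v >= 86400,         # seconds; 1 day
    "min_passwd_len": lambda v: v >= 14,
    "password_hist_len": lambda v: v >= 24,
    "password_complexity": lambda v: v is True,
    "reversible_encryption": lambda v: v is False,
}

RESULTS = [
    {"max_passwd_age": 5184000, "min_passwd_age": 86400, "min_passwd_len": 14,
     "password_hist_len": 24, "password_complexity": True, "reversible_encryption": False},
    {"max_passwd_age": 3710851, "min_passwd_age": 0, "min_passwd_len": 0,
     "password_hist_len": 0, "password_complexity": False, "reversible_encryption": False},
]


def _check(check, value):
    """Run one criterion; a missing or mistyped value counts as a failure."""
    try:
        return bool(check(value))
    except TypeError:
        return False


def failed_fields(entry, criteria=CRITERIA):
    """Names of the criteria this entry does not satisfy (empty list = pass)."""
    return [name for name, check in criteria.items() if not _check(check, entry.get(name))]


def entry_passes(entry, criteria=CRITERIA):
    return not failed_fields(entry, criteria)


def rule_result(entries, mode="any", criteria=CRITERIA):
    """Aggregate the per-entry verdicts. 'any' is what the proof text states
    ('at least one evaluation must pass'); 'all' is the stricter reading that
    would produce the FAIL the post sees."""
    verdicts = [entry_passes(e, criteria) for e in entries]
    if mode == "any":
        return any(verdicts)
    if mode == "all":
        return all(verdicts)
    raise ValueError(f"unknown mode: {mode}")


def explain(entries, criteria=CRITERIA):
    """One line per entry naming the failed fields, i.e. a readable proof."""
    lines = []
    for i, e in enumerate(entries):
        failed = failed_fields(e, criteria)
        lines.append(f"entry {i}: " + ("PASS" if not failed else "FAIL " + ", ".join(failed)))
    return lines


if __name__ == "__main__":
    print("\n".join(explain(RESULTS)))
    print("any:", rule_result(RESULTS, "any"), " all:", rule_result(RESULTS, "all"))
```

Note that the second entry passes `max_passwd_age` (3710851 seconds is under 60 days) and `reversible_encryption`; it is the other four fields that fail, which is the kind of detail worth putting in a support ticket alongside the aggregated verdict.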
I generate a general report for users, the top 25. It looks like it gives a risk of 100 percent as well as 100% vulnerabilities. It doesn't look right; how is this calculated? Yeah, in a perfect world, if you fix 100 percent of the vulnerabilities you will get a 100 percent lowered risk score... how do I explain to people what those two scores are on this report?
Posted by Vanessa villalpando 5 months ago
This is the second time I have done a version upgrade on my application, and both times it has lost the ability to let my LDAP script correlate to the console. It says one or more authentication services are unavailable. The first time the engineer fixed it, but now I need documentation on what commands to run, since it has happened both times I have upgraded versions. I'm asking because I currently have a ticket for it and no users are able to log in using LDAP. HELP. Version upgrade documentation should have the after-effects and solutions.
Posted by Vanessa villalpando 5 months ago
My Insight console is reporting several vulnerabilities associated with the Java that is installed as part of the scan engine itself: Vulnerable software installed: Oracle JRE 1.8.0.192 (/opt/rapid7/nexpose/_jvm1.8.0_192/lib/rt.jar). Should we expect Rapid7 to publish an automatic update that eliminates these vulnerabilities? The vulnerabilities were published late last month. Chris
Posted by Christopher Ursich 5 months ago
I'm using Python to connect to the InsightVM API v3 to retrieve information. Why does it only return 10 records? How can I retrieve all records?

    import requests
    from requests.auth import HTTPBasicAuth

    data = requests.get('https://insightvm.xyz.com:3780/api/3/sites', auth=HTTPBasicAuth('UID', 'password'))
Posted by Simon Tran 5 months ago
We did a mass deployment of the Insight Agent, but none of the machines are checking in. I checked a few logs and they show there was a proxy error, and the client is stopped and will not start. How do we get the client started on the machines? I believe I may have resolved the proxy error.
Posted by Aaron Couts 5 months ago
I am using Nexpose Enterprise Edition and scanning Windows Server 2008, 2012 and 2016. I am not able to perform successful scanning; a DCE authentication failure on port 135 occurs. However, ports 139 and 445 in some cases return a credential success output. Kindly guide.
Posted by Michael Quarshie 5 months ago
Hi, I'm struggling with the Nexpose API in PowerShell. Currently dealing with included_targets. I'm able to GET them with no problem, so my PS script works. But I can't manage to create the proper string array while I'm doing a PUT to /sites/#/included_targets. I've tried many ways but I'm still getting 400 or 415 responses from the Nexpose server. https://help.rapid7.com/insightvm/en-us/api/index.html#operation/updateIncludedTargets says to put an array of strings into the PUT request body. Can anyone provide exact PowerShell code for how to do that (put a couple of hostnames as included targets into a site)? I'm not an expert in PowerShell. Thx.
Posted by Jiri Dohnal 5 months ago
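Two of the posts above hit the same two API v3 behaviours from different sides: the Python post gets only 10 records because collection endpoints are paginated and 10 is the default page size, and the PowerShell post gets 400/415 because the PUT body must be a JSON array of strings sent with `Content-Type: application/json`. The following is an added example serving both, written in Python and not Rapid7's code or either poster's. Its assumptions, taken from the public API v3 documentation as I read it, are: `GET /api/3/sites` accepts `page` and `size` query parameters, returns the items under `resources` and reports `totalPages` in a `page` object; `PUT /api/3/sites/{id}/included_targets` takes a JSON array of strings; and the console uses HTTP basic auth. A constructed fake console (`FakeTransport`, 23 sites) lets the whole thing run offline; `UrllibTransport` is the drop-in for a real console.

```python
import base64
import json
import urllib.parse
import urllib.request

# Added example, not Rapid7's code. Assumed from the public InsightVM API v3
# docs: GET /api/3/sites is paginated with "page" and "size" (10 per page by
# default), items arrive under "resources" with "page.totalPages" alongside;
# PUT /api/3/sites/{id}/included_targets takes a JSON array of strings.


class UrllibTransport:
    """Plain-stdlib HTTP transport with HTTP basic auth (assumed auth scheme)."""

    def __init__(self, base_url, user, password):
        self.base_url = base_url.rstrip("/")
        token = base64.b64encode(f"{user}:{password}".encode()).decode()
        self.headers = {"Authorization": f"Basic {token}", "Accept": "application/json"}

    def request(self, method, path, params=None, body=None):
        url = self.base_url + path
        if params:
            url += "?" + urllib.parse.urlencode(params)
        data, headers = None, dict(self.headers)
        if body is not None:
            data = json.dumps(body).encode()
            headers["Content-Type"] = "application/json"  # missing header => HTTP 415
        req = urllib.request.Request(url, data=data, method=method, headers=headers)
        with urllib.request.urlopen(req) as resp:
            raw = resp.read()
            return resp.status, (json.loads(raw) if raw else None)


class FakeTransport:
    """Constructed stand-in for a console holding n_sites sites; same call shape."""

    def __init__(self, n_sites=23):
        self.sites = [{"id": i, "name": f"site-{i}"} for i in range(1, n_sites + 1)]
        self.calls = []  # (method, path, params, body) for inspection

    def request(self, method, path, params=None, body=None):
        self.calls.append((method, path, params, body))
        if method == "GET" and path == "/api/3/sites":
            page, size = int(params.get("page", 0)), int(params.get("size", 10))
            chunk = self.sites[page * size:(page + 1) * size]
            total_pages = -(-len(self.sites) // size)  # ceiling division
            return 200, {"resources": chunk,
                         "page": {"number": page, "size": size,
                                  "totalResources": len(self.sites),
                                  "totalPages": total_pages}}
        if method == "PUT" and path.endswith("/included_targets"):
            if not isinstance(body, list) or not all(isinstance(h, str) for h in body):
                return 400, {"message": "body must be a JSON array of strings"}
            return 200, {"links": []}
        return 404, None


class InsightVMClient:
    def __init__(self, transport, page_size=100):
        self.transport = transport
        self.page_size = page_size

    def iter_all(self, path):
        """Yield every item of a paginated collection, page 0 .. totalPages-1."""
        page = 0
        while True:
            _status, doc = self.transport.request(
                "GET", path, params={"page": page, "size": self.page_size})
            yield from doc.get("resources", [])
            page += 1
            if page >= doc.get("page", {}).get("totalPages", 1):
                return

    def set_included_targets(self, site_id, hosts):
        """Replace a site's included targets; body is always a list, even for one host."""
        return self.transport.request(
            "PUT", f"/api/3/sites/{site_id}/included_targets", body=list(hosts))


def demo(transport=None):
    """Walk all sites, then set two constructed hostnames on the first one."""
    client = InsightVMClient(transport or FakeTransport(), page_size=10)
    sites = list(client.iter_all("/api/3/sites"))
    status, _ = client.set_included_targets(
        sites[0]["id"], ["host1.example.test", "host2.example.test"])
    return len(sites), status


if __name__ == "__main__":
    print(demo())  # offline, against the fake console: (23, 200)
    # Real console (assumed URL and credentials, as in the post above):
    # t = UrllibTransport("https://insightvm.xyz.com:3780", "UID", "password")
    # print(sum(1 for _ in InsightVMClient(t).iter_all("/api/3/sites")))
```

For the PowerShell side the same two points apply: pass `-ContentType 'application/json'` to `Invoke-RestMethod`, and build the body with `ConvertTo-Json -InputObject @('host1','host2')` rather than piping the array in, because piping a single-element array into `ConvertTo-Json` unrolls it into a bare string instead of a one-element JSON array.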