Our KnowledgeBase of vulnerabilities is the largest and most up to date in the security industry. Go to the KnowledgeBase to see a complete list of vulnerabilities that can be detected by our security service.
You'll see these vulnerability types:
- Cross-site Scripting Vulnerabilities: Persistent, Reflected, Header, Browser-specific
- SQL Injection Vulnerabilities: Regular and Blind
- Information Gathered checks: report what was collected about each web application during the scan, such as links crawled, external links discovered, external form actions discovered, host information, and scan diagnostics
Select KnowledgeBase and navigate to Search results. Enter the search criteria and then click the Search button. You can enter text strings (no wildcards or operators). For example, to search for SQL vulnerabilities, enter "sql" under Search results and then click the Search button.
The KnowledgeBase contains all vulnerability checks provided by our service, including checks for VM scans as well as web application scans. Want to find web application vulnerabilities, the ones we can detect on your web apps? It's easy.
1) Go to the KnowledgeBase.
2) Under Filter Results in the left sidebar, expand Identification and choose Category > Web Application. The filter is applied right away.
Tip - You'll notice "Web Application" in the Category column for all vulnerabilities in the list.
3) You can apply additional filters to refine the list further.
To filter the list for vulnerabilities by severity level, expand Severity Level under Filter Results and choose those severity levels. For example, to search for web application vulnerabilities with confirmed severity level 4 and 5, under Confirmed Severity Level select the check boxes for levels 4 and 5.
Hover over a row and choose View from the Quick Actions menu.
You can perform actions such as editing the severity, restoring the severity, and ignoring or activating an ignored vulnerability in your KnowledgeBase.
Note: If the actions described here are not available, it means the feature has not been enabled for your subscription. If you want to enable this feature for your subscription, please contact your Qualys Technical Account Manager or Qualys Support and request it.
Permissions Needed: A user must be assigned the "Update KnowledgeBase" permission under WAS Remediation Permissions to perform these vulnerability actions.
By default, this permission is assigned only to the Manager user. If you want other users to be able to perform the actions, you need to explicitly assign the Update KnowledgeBase permission to those users.
If the required permissions are assigned, you can:
- Edit the severity
Go to the KnowledgeBase, select the QID of the vulnerability and then select Edit Severity from the Actions menu. Move the Custom Level slider to the level you want to assign to the selected QID. Add a comment indicating the change or the reason for it, and then click Save.
If you have changed the severity of a QID and want to revert it to the Qualys-defined severity, select the QID and then select Restore Severity from the Actions menu.
A message asks you to confirm restoring the severity of the QID. Once you confirm, the severity of the QID is restored to the Qualys-defined severity.
- Ignore a vulnerability
You can ignore vulnerabilities so they don't appear as actionable issues in the detections list. Go to the KnowledgeBase, select the QID and then select Ignore from the Actions menu. When you ignore a detection, you'll be prompted to give a reason: false positive, acceptable risk or not applicable. The ignored detection's status label is grayed out in the report and in the Detections list. By default, the detection will not appear in future reports on the same web application or scan until it is reactivated.
- Activate a vulnerability
If you have marked a vulnerability as Ignore and now want to activate it again, select the QID and then select Activate from the Quick Actions menu.
A message asks you to confirm activating the QID. Once you confirm, the QID is no longer ignored.
Check out: Discovery method | Exploitability | Malware | Configure search lists | Severity levels | Vulnerability categories