View Qualys VM Scan Status

After the scan completes, go to Qualys VM Scan Results. Click the Summary tab. The report has a header and four sections: Results Summary, Confirmed Vulnerabilities, Potential Vulnerabilities and Pass/Fail Criteria Results Summary.

The Header shows along with other information scan evaluation pass/fail status based on the scan results and evaluation criteria configured, scan completion status and scan report link for viewing the report on the Qualys Portal. Results Summary shows the scan launch date, duration, and other details. Confirmed and Potential Vulnerabilities show graphical break up of confirmed and potential vulnerabilities by vulnerability severity type. Move your mouse over the graphical chart to view the number of vulnerabilities for each category of severity.

The Pass/Fail Criteria Results Summary section shows the pass/fail criteria and whether they are violated or satisfied. When the criteria are violated, the icon is shown while for satisfied criteria, the icon is shown.

Move the mouse over the and icons to view the value that you have configured for the criteria, and the actual value obtained after the scan.

The Vulnerabilities tab lists the vulnerabilities found in the VM scan and their details. We show you the details, including QIDs, vulnerability titles, CVE IDs, severity, type, bug traq IDs, and whether a vulnerability is a PCI vulnerability or not.

You can use the filters at the top to find vulnerabilities by severity and type (potential, confirmed). The PCI Vuln filter allows you to find PCI-related vulnerabilities.

When selected, the Exploitable and Associated Malware filters list the vulnerabilities for which exploitability and associated malware information is present in the Qualys knowledgebase.

When expanded, each row shows CVSS v2 and v3 Base and Temporal scores and the corresponding CVE IDs for the vulnerability.