This repository has been archived by the owner on Apr 28, 2021. It is now read-only.
microscanner scan report differs with Aqua console report #50
Comments
|
Hi @Mel-Github Would it be possible to add a screenshot of the scan results? |
|
Hi Jerbia I have attached 2 documents that I have also submitted into support ticket previously. Apparently microscanner seems to "group" critical vulnerabilities under the "high" category. The attached snapshot shows the scan result using microscanner vs image scanned in Aqua CSP. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
I performed a microscanner scan against one of my repository image. I notice that the MicroScanner report is differ from the report that I have registered inside the Aqua console.
I have 2 set of scan report (1 set directly from the MicroScanner output and 1 set generate from rest API). These 2 sets of report does not have any critical vulnerability, the report detected total of 5 high severity vulnerabilities.
However, once this report has been uploaded into Aqua console, the Aqua console has moved one of the high severity vulnerability into "critical" and 4 high severity vulnerabilities.
Somehow one of high vulnerability has been upgraded to "critical" inside Aqua console.
The text was updated successfully, but these errors were encountered: