After the vulnerability was detected, the scan was performed again and no vulnerability was detected. : AeyeScan Support Portal

■ In case of over-detection

Some items are judged based on the difference in response content when accessed multiple times and the difference in server response time.

These items may be detected excessively depending on the timing, so if they are not reproduced by "Rescan", they may be over-detected.If "Rescan" does not reproduce the problem, there is a possibility of over-detection.

The reason for detection should include "~the response body changed significantly." is listed as the reason for detection, the content is likely to be over-detected.

■When screen transitions cannot be reproduced

If the page to be detected cannot be reached during rescanning, the vulnerability may not be detected.

Example.)

・The login ID and password have been changed and the user cannot log in.

・The configuration of the page has been changed: A→B→C has been increased to A→B→C'→C, etc.

In this case, it is necessary to review the scan settings and perform the scan again.

After the vulnerability was detected, the scan was performed again and no vulnerability was detected. Print

Related Articles