Listing Vulnerabilities in a Host Scan

View details about potential OS vulnerabilities that were detected on a specific Compute instance.

Oracle uses Common Vulnerabilities and Exposures (CVE) numbers to identify security vulnerabilities for operating systems and other software, including critical patch updates and security alert advisories. CVE numbers are unique, common identifiers for publicly known information about security vulnerabilities. View Qualys IDs (QIDs) in the Vulnerability Scanning service user interface.

Qualys ID (QID) numbers are unique identifiers assigned by Qualys to identify security vulnerabilities. View QIDs in the Vulnerability Scanning service user interface or in the Qualys VMDR user interface on the Vulnerabilities Tab.

Because Oracle Linux and other enterprise Linux distributions backport security fixes to the version that's included in a specific major release, the Vulnerability Scanning service can incorrectly report vulnerabilities on OS packages that have already been fixed. Also, the Vulnerability Scanning service can incorrectly report Oracle Linux vulnerabilities that were fixed by Ksplice. See Troubleshooting the Vulnerability Scanning service.

You can also use vulnerabilities reports to browse all vulnerabilities that the Vulnerability Scanning service detected.

    1. Open the navigation menu and click Identity & Security. Under Scanning, click Scanning Reports.
    2. Select the compartment in which you created the target.
    3. Click the Hosts tab if not already selected.
    4. (Optional) Select dates in Scan start date and Scan end date.

      By default, only the most recent scan reports are displayed. To view older reports, choose specific start and end dates.

      Or, click Scan start date and click either Past 7 Days or Past 30 Days.

      Click Reset at any time to set the risk level and date ranges back to the default values.

    5. Click the name of the host scan.
    6. Click Vulnerabilities.

      The following details are shown for each issue detected in this Compute instance:

      • Issue ID
      • Risk level
      • Issue description
      • Last detected
      • First detected
      • Cause and remediation
    7. Click an Issue ID to view more details about a specific vulnerability.
    8. Click the View detail button in the Cause and remediation column to see more information for a vulnerability:
      • Name
      • Cause
      • Locations
      • Remediation
  • Use the oci vulnerability-scanning host vulnerability list command and required parameters to retrieve a list of the vulnerabilities for a host in a compartment:

    # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/vulnerability-scanning/host/vulnerability/list.html#cmdoption-compartment-id
    export compartment_id=<substitute-value-of-compartment_id>
    oci vulnerability-scanning host vulnerability list --compartment-id "$compartment_id"

    For a complete list of flags and variable options for CLI commands, see the Command Line Reference.

  • Run the ListHostVulnerabilities operation to retrieve a list of the vulnerabilities for a host in a compartment.
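The following added example (not part of Oracle's documentation) triages the JSON returned by the CLI command above and marks findings whose CVE is already named in a package changelog, which is how the backport false positives described earlier are usually verified. It assumes the CLI output has a `data.items` list with `cve-reference`, `severity` and `name` keys, and that the changelog text was collected on the host with `rpm -q --changelog <package>`; all sample values are constructed.

```python
import json
import re

# Assumed risk levels for the "severity" field, lowest to highest.
SEVERITY_RANK = {"NONE": 0, "LOW": 1, "MEDIUM": 2, "HIGH": 3, "CRITICAL": 4}
CVE_RE = re.compile(r"CVE-\d{4}-\d{4,}")

# Constructed sample of the CLI output (placeholder CVE IDs, assumed key names).
SAMPLE_CLI_JSON = """{"data": {"items": [
  {"cve-reference": "CVE-0000-0001", "severity": "CRITICAL", "name": "constructed openssl issue"},
  {"cve-reference": "CVE-0000-0002", "severity": "HIGH", "name": "constructed kernel issue"},
  {"cve-reference": "CVE-0000-0003", "severity": "LOW", "name": "constructed curl issue"}
]}}"""

# Constructed sample of `rpm -q --changelog <package>` output from the scanned host.
SAMPLE_CHANGELOG = """* Mon Jan 01 2024 Packager <packager@example.com> - 1.0-2
- Backport fix for CVE-0000-0001
"""

def triage(cli_json, changelog_text, min_severity="HIGH"):
    """Return findings at or above min_severity, highest risk first.

    backport_candidate is True when the CVE ID appears in the package
    changelog: the fix may already be backported, so verify the finding
    on the host before treating it as open.
    """
    fixed_cves = set(CVE_RE.findall(changelog_text))
    threshold = SEVERITY_RANK[min_severity]
    findings = []
    for item in json.loads(cli_json).get("data", {}).get("items", []):
        severity = (item.get("severity") or "NONE").upper()
        if SEVERITY_RANK.get(severity, 0) < threshold:
            continue
        cve = item.get("cve-reference") or ""
        findings.append({
            "cve": cve,
            "severity": severity,
            "name": item.get("name", ""),
            "backport_candidate": cve in fixed_cves,
        })
    findings.sort(key=lambda f: (-SEVERITY_RANK.get(f["severity"], 0), f["cve"]))
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE_CLI_JSON, SAMPLE_CHANGELOG):
        print(finding)
```

A changelog match only marks a finding for manual verification; it does not prove that the installed package version contains the fix.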