Web Application Scan Results

Note: This information applies when WAS 1.0 is enabled for your subscription.

The WAS scan history list displays scans that have been launched on web applications when your user account has web application scanning permissions. You may view the scan results for a completed web application scan. Scan results are not available when a web application scan is still running.

This help topic describes the sections and details that appear in your web application scan results when presented in one of these formats: HTML, PDF and MHT. For scan results in XML format, refer to the document Web Application Scan Results in XML (PDF) for a description of the DTD associated with the XML output.

Web application scan results include the following sections:

Report Summary

Vulnerabilities (appears in vulnerability scan results only)

Sensitive Content

Information Gathered

Appendix

Additional Options

Report Summary

The report summary displays the following information about the web application scan.

Date. The date and time the scan was launched.

Mode. The web application scan mode: Vulnerability (for a web application vulnerability scan) or Discovery (for a web application discovery scan).

Type. Indicates whether the scan was run on demand or scheduled.

Status. The status of the scan task. The scan status "Finished" indicates that the scan has completed. An additional status message may appear below the Report Summary section and before the details sections.

Reference. An automatically generated, unique reference number for this scan. A web application scan reference starts with "was/". Example: was/1254206150.19976

Scanner Appliance. Identifies the perimeter scanner(s) used to launch the scan. For Scanner Appliance users, this field displays the name assigned to the scanner appliance used. Also included: the version of the scanning engine (Scanner), the version of the web application scanning engine (WAS), the version of the web application (Web), and the version of the vulnerability signatures package (Vulnsigs).

Duration. How long the scan took from start to completion.

Title. The title assigned to the scan task. If you did not assign a title, this field does not appear.

Web Application. The target web application. These web application settings also appear: Starting Port, Starting URI, and Authentication records.

Option Profile. The name of the web application profile applied to the scan task. Click the profile title to link to the Appendix section, where you can view the profile settings.

Summary of Vulnerabilities. (Appears in vulnerability scan results only) This chart shows the total number of vulnerabilities and the number per severity level and per group. Every vulnerability is assigned a severity level.

Summary of Sensitive Content. This chart shows the total number of sensitive content detections and the number per group.

Status Message. A status message may appear to provide additional scan status. See WAS Scan Status for information on all status codes and messages.

Vulnerabilities

Note: This section appears in vulnerability scan results only.

The vulnerabilities found are sorted by group. The vulnerability groups are: cross-site scripting (XSS), SQL injection (SQL), path-based vulnerability (PATH), and other vulnerability information (INFO).

For each group, the report displays vulnerability QID details sorted by severity and QID, and scan results for each QID sorted by URI.

The vulnerability QID section includes: vulnerability title and severity level, a description of the vulnerability, the threat if exploited, and the verified solution.

The scan results section includes:

Authenticated. This field appears only when the vulnerability was detected by an authenticated scan. The title of the authentication record used and the authenticated discovery icon are displayed.

Form Entry Point. This field appears only when the vulnerability was detected by exploiting a form. The URL where the form was discovered is displayed.

Parameters. The parameters used by the scanning engine to detect the vulnerability.

Payload. The payload associated with the vulnerability.

Result. The scan test results associated with the payload that confirm the presence of the vulnerability.

Sensitive Content

Sensitive content detections may appear in scan results when sensitive content options were selected for the scan.

The sensitive content detections are sorted by group. The sensitive content groups are: custom sensitive content (CUSTOM), social security number - United States only (SSN-US) and credit card number (CC).

For each group, the report displays sensitive content QID details sorted by severity, QID and payload (if applicable), and scan test results for each QID sorted by URI.

For a sensitive content QID in a CUSTOM group, the QID section includes: vulnerability title, a description of the vulnerability, the threat if exploited, and the verified solution. Each QID is displayed together with its payload, which is the sensitive term that was searched for. For each URI nested under a QID, the scan test results appear in the Result field.

For a sensitive content QID in a CC or SSN-US group, the QID section includes: vulnerability title, a description of the vulnerability, the threat if exploited, and the verified solution. Each QID is displayed without a payload. For each URI nested under a QID, the scan test results appear in the Result field.

Information Gathered

Information gathered for a web application scan is not associated with groups (vulnerabilities or sensitive content).

The report displays information gathered QID details sorted by severity and QID, and scan test results for each QID sorted by URI.

The information gathered QID section includes: information gathered title and severity level, a description, the threat if exploited, and the verified solution.

The scan results section appears in the Results field.

Appendix

Web Application Profile. The title of the web application profile that was applied to the scan and the various settings in that profile.

Report Legend. The legend displays a description of severity levels defined for web application vulnerabilities and information gathered. Note that vulnerability severity levels appear in vulnerability scan results only.

Additional Options

The following options are available from the File menu:

Print. Click to print your scan results report.

Download. Click to download your scan results report in PDF, HTML pages (ZIP), MHT, XML or CSV format. See Report Formats for information.