It would appear that the lower limit for medium risk vulnerabilities in OpenVAS is 2.0, whereas in Nessus and our external ASV scans the lower limit is 4.0; this is the limit accepted by our security assessor for PCI.
Is there a way to change the OpenVAS risk limits to reflect what our security assessor expects to see i.e. Low is 0.0 to 3.9, Medium is 4.0 to 6.9 and High is 7.0 to 10.0. Many thanks. Dave.
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
