Updated on 2022-02-22 GMT+08:00

Viewing Scan Details

This section describes how to view scan details.

Prerequisites

  • An account and its password have been obtained for logging in to the management console.
  • At least one scan job has been created.

Procedure

  1. Log in to the management console.
  2. Choose Security > Vulnerability Scan Service > Task List.
  3. Click the name of a job.

    Figure 1 Job name

  4. The page displaying details of the job is displayed, including the Scan Details tab. Table 1 describes each part of the page.

    NOTE:

    In the upper right corner, click to download the job report in HTML format.

    Figure 2 Scan details
    Table 1 Parameter description

    Area

    Description

    Operation

    Scan Address

    The default value is the Target Network Address value that you set when creating the job.

    • Click next to the target website to view the following basic information about the website:
      • IP
      • Server
      • Language

    Job Information

    Displays basic information about a job, including:

    • Score: score of the host. The initial score is 100, which will be deducted according to the numbers and levels of vulnerabilities discovered. If no vulnerability is detected, the score remains 100.
    • Website Security Level: Determine the website security level based on the scan results. If no vulnerability is detected, Website Security Level is displayed as Safety. If vulnerabilities are found, it is displayed as medium risk, high risk, or low risk.
    • Total: total number of vulnerabilities and number of vulnerabilities of different levels
    • Started: time to start the scan job
    • Scan Duration: time consumed to complete the scan
    • Scan Strength: scan strength of the website selected when you create a scan job. The deeper the scan strength is, the slower the scan speed is.
    • Scan results: result of a scan job, scanned successfully or failed
    • Click Scan Again or Cancel to re-scan or cancel the scan job.
    • Click More to perform the following operations:
      • Query details of advanced settings.
      • Edit the scan job.

    Scan Details

    Displays the scan types, specific scan items, and the scan result of each scan item.

    Scan result:

    • Safety
    • Danger. In this case, click View details.
    • Scan fails as the domain name is not authenticated. Click Authenticate Now.

  5. Click View details to learn more if the scan result is safety. If there is a risk (such as medium- and high-risk), click View details to check the risk.

    Figure 3 Scan Details

  6. Click the Vulnerability List tab.

    Figure 4 Vulnerability List
    NOTE:

    Shows vulnerabilities detected in a job. One page displays five entries. You can go to the next page for more entries.

    • Click View to view the vulnerability list.
    • Click a vulnerability ID to view the vulnerability details.

  7. Click the Port List tab.

    Port information of the target website is displayed.
    Figure 5 Port List

  8. Click the Site Structure tab.

    NOTE:

    The Site Structure tab page shows locations of vulnerabilities in the target website. If no vulnerabilities have been detected, this page is empty.

    The tab page displays basic information about the target website, including:

    • IP Address: IP address of the target website
    • Server: name of the server used for deploying the target website (for example, Tomcat, Apache httpd, and IIS)
    • Language: development language used by the target website (for example: PHP, Java, and C#.)
    Figure 6 Site Structure