Vulnerability Rescan Error - Tenable Rescan

Shashank21
Kilo Explorer

Hi,

I was working on the vulnerability rescan (tenable sc) but getting an error:
Error: Invalid response code received from TenableSCScanner: 403 - Please specify a Scan Zone.
find_real_file.png
Can anyone please help me with this?

3 REPLIES 3

dmathur09
Kilo Sage
Kilo Sage

Hi Shashank,

Refer the community article - https://community.servicenow.com/community?id=community_question&sys_id=ac1eb6b2db6cfc9092bb0b55ca961940

If you think my response is helpful for you? If yes, mark it as correct answer and close the loop so that it would help future readers as well.

Regards,
Deepankar Mathur

@dmathur09 ,

The link you provided is no longer visible. Could you please re-share the correct link ??

 

Regards,
Saumya

Christopher Nan
Tera Expert

Did you ever resolve this on your own? 

 

Ultimately this issue is two fold, it seems when a customer has configured Scan Zones there is an option to remove the Default Scan Zone (which has an ID of 0).  By the Tenable documentation, the Default Scan Zone (ID 0) is "All Zones."

 

For the customer I am working with I (unfortunately) had to modify the TenableSCScanner Script Include to add passing the "zone" parameter.  

 

The Tenable API Docs can be found here:

https://docs.tenable.com/security-center/api/Scan.htm

 

I was a bit lucky as the customer has another Scan Zone configured that is pretty much the same "All Zones" option, so I just added that as a static value in the script include.

 

Otherwise essentially someone (I am in contact with ServiceNow and seeing if we can get this request added) will need to import the Zones from Tenable (docs here: https://docs.tenable.com/security-center/api/Scan-Zone.htm#ScanZoneRESTReference-/zone), then modify the TenableSCScanner script include to dynamically find the Scan Zone by checking if the IP Address that is being requested for a Re-Scan is in the defined zones ipList (one of the fields on the zone).  Then add that zone to the REST call.

 

Hopefully SN will update the integration to support this as it seems like a fairly crucial part of the integration.

 

As for a stop gap as well, you can have the customer add an "All Zones" scan zone that you could then hard code into that script include for the time being as well, which would solve the issue.

 

ChristopherNan_0-1686171406927.png