- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-05-2023 01:54 PM
Hi All,
I have installed Qualys scanner for our VR implementation.
When a Vulnerable item is generated, some of the VITs have the vulnerability marked with a CVE id (Referring to NVD Record) rather than a QID, while others are tagged with a QID (Third Party Id).
is that expected?
Solved! Go to Solution.

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-05-2023 03:17 PM
Qualys imports items into the the Third-Party Vulnerability Entry table (sn_vuln_third_party_entry), where they all have a QID number assigned.
The Third-Party Vulnerability Entry table extends the Vulnerability Entry table (sn_vul_entry). If you look at a record in the TPVE table, you should find it has a 'QID' ID plus a CVE ID under 'Related Links':
I hope that helps 🙂

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-05-2023 03:17 PM
Qualys imports items into the the Third-Party Vulnerability Entry table (sn_vuln_third_party_entry), where they all have a QID number assigned.
The Third-Party Vulnerability Entry table extends the Vulnerability Entry table (sn_vul_entry). If you look at a record in the TPVE table, you should find it has a 'QID' ID plus a CVE ID under 'Related Links':
I hope that helps 🙂