Qualys metadata values for vulnerabilities
When the kernel metadata, service metadata, and configuration metadata are imported, some values are also retrieved. The values 0, 1 and Not available are processed in the back-end and converted to No, Yes and Empty respectively.
These values are populated in the following columns in the Vulnerability Item Detections and Vulnerability Items list:
- Affects running service column
- Affects exploitable config column
- Affects running kernel columns
Note:
- These columns are not visible by default. For more information on how to configure the form layout, see Configure the form layout
- For older detections, the values for these columns may be empty. To update the data, run a back dated Qualys Host Detection Integration. For more information on how to set the start date, see Optional Qualys modifications.
The following table shows the retrieved values and their significance.
| Field | Value | Significance |
|---|---|---|
| AFFECT_RUNNING_KERNEL | 0 | Vulnerability is found on a non-running kernel. The vulnerability is not exploitable. |
| AFFECT_RUNNING_KERNEL | 1 | Vulnerability is found on a running kernel. The vulnerability is exploitable. |
| AFFECT_RUNNING_KERNEL | Not Available | Vulnerability is not a kernel-related vulnerability. |
| AFFECT_RUNNING_SERVICE | 0 | Vulnerability is found on non-running ports or services. The vulnerability is not exploitable. |
| AFFECT_RUNNING_SERVICE | 1 | Vulnerability is found on running ports or services. The vulnerability is exploitable. |
| AFFECT_RUNNING_SERVICE | Not Available | Vulnerability is not a related vulnerability. |
| AFFECT_EXPLOITABLE_CONFIG | 1 | Vulnerability is not-exploitable due to host configuration. |
| AFFECT_EXPLOITABLE_CONFIG | 0 | Vulnerability is exploitable due to host configuration. |
| AFFECT_EXPLOITABLE_CONFIG | Not Available | Vulnerability is not a related vulnerability. |