Incident impacting scans on scanner-appliances

Minor incident Security Center (Europe, Sweden)
2022-09-30 09:10 UTC · 3 weeks, 3 days, 4 hours, 44 minutes

Updates

Resolved

The fix has been confirmed working. Scans work as expected now.

October 24, 2022 · 13:54 UTC
Monitoring

The solution is now applied and confirmed to work across all impacted Scanner Appliances.

This solution is automatically applied when Network scans are running on Scanner Appliances, meaning that the workaround is no longer required.

We will continue to monitor the situation until we finally close this incident.

For any questions, please contact support@holmsecurity.com

October 16, 2022 · 15:19 UTC
Investigating

During the last 24 hours, our Engineers and Security Researchers have come up with a solution to the root-cause issue.

The solution is currently being rolled out with limited availability as we evaluate the result and monitor the Scanner Appliances that are impacted by this issue.

Our goal is to have rolled out the solution to all impacted Scanner Appliances by tomorrow (2022-10-16 end of the day).

A new update on this incident will be shared tomorrow as we gather more data from the result of the applied solution fix.

Please see earlier incident updates to apply a workaround to the issue in case you are in need of it immediately.

If you have any questions, please contact support@holmsecurity.com

October 15, 2022 · 14:33 UTC
Investigating

vOur teams have continued troubleshooting and narrowed down the area where the issue is. There will be some further work required to understand how we remediate it.

The following is a confirmed workaround that returns the Network scans on Scanner Appliances to be working properly.
Note: this is temporary and meant to help return scans to normal for those that are blocked or waiting to be run over the weekend.

Un-authenticated scans
Remove ALL the categories listed below from within the Scan profile.

Authenticated scans
Remove all categories below that are not relevant to the OS you are scanning.

Read more about how to include / exclude HID’s and Categories here: https://support.holmsecurity.com/hc/en-us/articles/360003513651-How-do-I-include-or-exclude-a-specific-vulnerability-in-a-scan-

Vulnerability categories:

  • Fedora Local Security Checks
  • Gentoo Local Security Checks
  • Huawei EulerOS Local Security Checks
  • Mageia Linux Local Security Checks
  • Mandrake Local Security Checks
October 14, 2022 · 19:37 UTC
Investigating

We are continuing to troubleshoot the incident. This incident has our highest priority and we are working together with Security Research and Engineering to isolate and remediate it.

An update will be shared once we make further progress.

October 14, 2022 · 08:13 UTC
Investigating

Troubleshooting of this issue continues and we have isolated the issue to a number of vulnerability tests that causes the scan to misbehave.

We will provide an update as soon as we have more information.

If you have any question, feel free to reach out to support@holmsecurity.com

October 14, 2022 · 07:43 UTC
Investigating

Engineers have continued the troubleshooting and we have isolated a few areas that we are continuing to look into in order to identify the actual root-cause of this issue.

The impact of this issue is spread across a limited set of customers and scanner appliances.

October 3, 2022 · 08:40 UTC
Issue

We are currently investigating an issue with scanner-appliances that is impacting network-scans.
The scanner-appliance is unable to find open ports and won’t scan them and the scan-report contains an info-vulnerability HID-2-1-332880 "(Check for enabled / working Port scanner plugin)"

This incident will receive continuous updates as we make progress on our investigation.

For any urgent matters, contact support@holmsecurity.com.

September 30, 2022 · 09:24 UTC

← Back