Bug description
Reported on Slack that Tenable (Nessus) deduplication is not working correctly. The description field is used in the hash code configuration: "Tenable Scan": ["title", "severity", "vulnerability_ids", "cwe", "description"]
But the description field contains dynamic data that can change between scans of the same host and the same finding (the plugin_output field is embedded in the description field).
The hypothesis is that the description field is not needed to identify findings uniquely.
If there are multiple results of the same Tenable plugin (title field), the deduplication for endpoints would be able to separate them based on the port value.
At the time of writing, this is a hypothesis that needs to be verified.
Slack discussion: https://owasp.slack.com/archives/C2P5BA8MN/p1741104386658459
Defect Dojo 2.44.1
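The effect described in this report, as an added illustration that is not part of the original report and is not DefectDojo's code: a simplified hash over the configured fields, run on constructed findings whose description embeds a changing plugin_output. The hashing scheme, the `include_endpoint` switch, the host name and the sample values are assumptions made for the example.

```python
import hashlib

# Field list quoted in the report, and the hypothesised variant without "description".
CURRENT_FIELDS = ["title", "severity", "vulnerability_ids", "cwe", "description"]
PROPOSED_FIELDS = ["title", "severity", "vulnerability_ids", "cwe"]


def hash_code(finding, fields, include_endpoint=False):
    """Simplified model: SHA-256 over the selected field values (not DefectDojo's code)."""
    parts = [repr(finding.get(name)) for name in fields]
    if include_endpoint:  # assumption: endpoint identity is host plus port
        parts.append(f"{finding['host']}:{finding['port']}")
    return hashlib.sha256("\x1f".join(parts).encode("utf-8")).hexdigest()


def make_finding(port, plugin_output):
    """Constructed sample finding; plugin_output is embedded in description."""
    return {
        "title": "SSL Certificate Expiry",
        "severity": "Medium",
        "vulnerability_ids": [],
        "cwe": 298,
        "host": "host.example",
        "port": port,
        "description": "The certificate will expire soon.\n\nPlugin output:\n" + plugin_output,
    }


# Same host, same plugin, same port, scanned on two days: only plugin_output differs.
scan_1 = make_finding(443, "Days until expiry: 12")
scan_2 = make_finding(443, "Days until expiry: 11")
# Same plugin reported on a second port in the same scan.
other_port = make_finding(8443, "Days until expiry: 12")


def compare():
    return {
        "current_rescan_match": hash_code(scan_1, CURRENT_FIELDS) == hash_code(scan_2, CURRENT_FIELDS),
        "proposed_rescan_match": hash_code(scan_1, PROPOSED_FIELDS) == hash_code(scan_2, PROPOSED_FIELDS),
        "proposed_ports_collide": hash_code(scan_1, PROPOSED_FIELDS) == hash_code(other_port, PROPOSED_FIELDS),
        "proposed_ports_with_endpoint_match": hash_code(scan_1, PROPOSED_FIELDS, True)
        == hash_code(other_port, PROPOSED_FIELDS, True),
    }


if __name__ == "__main__":
    for name, value in compare().items():
        print(f"{name}: {value}")
```

In this model, dropping description makes the rescan match again, and the same plugin on two ports is only told apart once the endpoint is taken into account.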