Review Scan Results
Screenshot - Scan results
Once the scan has finished, Acunetix will send you an email with a summary of the results and a link allowing you to access the scan results directly. The scan results show the start and end date of the scan, the duration of the scan and all the alerts that have been identified during the scan. The AcuSensor logo is also displayed when the scan detects and makes use of AcuSensor during a web scan.
Alerts (vulnerabilities) discovered
One of the key components of the scan results is the list of all vulnerabilities found in the scan target during the scan. Depending on the type of scan, these can be either Web Alerts or Network Alerts, and the alerts are categorized according to 4 severity levels:
- High Risk Alert Level 3 – Vulnerabilities categorized as the most dangerous, which put the scan target at maximum risk for hacking and data theft.
- Medium Risk Alert Level 2 – Vulnerabilities caused by server misconfiguration and site-coding flaws, which facilitate server disruption and intrusion.
- Low Risk Alert Level 1 – Vulnerabilities derived from lack of encryption of data traffic or directory path disclosures.
- Informational Alert – Items discovered during a scan that are deemed to be of interest, e.g. the possible disclosure of an internal IP address or email address, a match for a search string from the Google Hacking Database, or information on a service discovered during the scan.
Depending on the type of vulnerability, additional information about the vulnerability is shown when you click on an alert category node:
- Vulnerability description - A description of the discovered vulnerability.
- Affected items - The list of files or components which are affected by the alert.
- The impact of this vulnerability - Level of impact on the website, web server or perimeter server if this vulnerability is exploited.
- Attack details - Details about the parameters and variables used to test for this vulnerability. E.g. for a Cross Site Scripting alert, the name of the exploited input variable and the string it was set to will be displayed. You can also find the HTTP request sent to the web server and the response sent back by the web server (including the HTML response).
- How to fix this vulnerability - Guidance on how to fix the vulnerability.
- Detailed information - More information about the reported vulnerability.
- Web references - A list of web links providing more information on the vulnerability to help you understand and fix it.
Grouping of Vulnerabilities
Screenshot – Grouping of vulnerabilities
If the same type of vulnerability is detected on multiple pages, the scanner will group them under one alert node. Expanding the alert node will reveal all the vulnerable pages. Expand further to view the vulnerable parameters for the selected page.
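As an added illustration (not Acunetix code and not its export format), the following Python builds the same alert type -> page -> parameter tree from a constructed list of per-parameter findings and tallies the severity summary; the record fields and the use of level 0 for informational alerts are assumptions.

```python
from collections import defaultdict

# Constructed sample findings (not Acunetix's export format): one record per
# vulnerable parameter, as the scanner reports them before grouping.
SAMPLE_ALERTS = [
    {"name": "Cross Site Scripting", "severity": 3, "page": "/search.php", "param": "q"},
    {"name": "Cross Site Scripting", "severity": 3, "page": "/search.php", "param": "lang"},
    {"name": "Cross Site Scripting", "severity": 3, "page": "/comment.php", "param": "body"},
    {"name": "Directory listing", "severity": 1, "page": "/images/", "param": None},
    {"name": "Internal IP address disclosed", "severity": 0, "page": "/about.html", "param": None},
]

# Levels 3/2/1 follow the scan results; 0 for informational is an assumption.
SEVERITY_LABELS = {3: "High", 2: "Medium", 1: "Low", 0: "Informational"}


def group_alerts(alerts):
    """Build the alert tree shown in the results: alert type -> page -> parameters."""
    tree = {}
    for a in alerts:
        node = tree.setdefault(a["name"], {"severity": a["severity"], "pages": defaultdict(list)})
        # Keep the highest severity if records of one alert type disagree.
        node["severity"] = max(node["severity"], a["severity"])
        params = node["pages"][a["page"]]  # creates the page entry if it is new
        if a["param"] is not None:
            params.append(a["param"])
    return tree


def severity_summary(tree):
    """Count alert types per severity level, as in the scan summary."""
    counts = {label: 0 for label in SEVERITY_LABELS.values()}
    for node in tree.values():
        counts[SEVERITY_LABELS[node["severity"]]] += 1
    return counts


def render(tree):
    """Render the tree the way the alert nodes expand: type, then pages, then parameters."""
    lines = []
    for name in sorted(tree, key=lambda n: -tree[n]["severity"]):
        node = tree[name]
        lines.append(f"[{SEVERITY_LABELS[node['severity']]}] {name} ({len(node['pages'])} page(s))")
        for page, params in sorted(node["pages"].items()):
            lines.append(f"  {page}")
            lines.extend(f"    parameter: {p}" for p in params)
    return "\n".join(lines)


if __name__ == "__main__":
    print(render(group_alerts(SAMPLE_ALERTS)))
```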
Vulnerabilities Detected by AcuMonitor
An Acunetix web scan will make use of AcuMonitor to detect certain vulnerabilities such as Blind XSS, Email Header Injection, and certain types of SSRF, XXE and Host Header Attacks. AcuMonitor can only detect some of these vulnerabilities after the scan has finished. When this happens, AcuMonitor will update the scan results with the newly detected vulnerabilities and you will receive an email notifying you that the scan results have been updated. More information on AcuMonitor can be found at http://www.acunetix.com/vulnerability-scanner/acumonitor-blind-xss-detection/.