Scan Results Review

This section helps you interpret the results of scans that use Tenable's HashiCorp Vault integration.

Plugin Families and Plugins

The following Tenable plugins are relevant to scans using the HashiCorp Vault integration.

Settings plugin family:

Plugin Description
Integration Status (204872) Reports an overall success or failure of the PAM integration.
SSH settings (14273) Reads the SSH PAM credential configuration and calls the HashiCorp Vault integration to retrieve credentials for SSH targets. This plugin is not indicative of authentication issues by itself; authentication failures are reported by the credential status plugins.
Login configurations (10870) Reads Windows (SMB) credential configuration and calls the HashiCorp Vault integration to retrieve credentials for Windows targets.
Database settings (33815) Reads database credential configuration and calls the HashiCorp Vault integration to retrieve credentials for database targets.
Nessus Scan Information (19506) Reports metadata about the scan including whether credentialed checks were successful. Check this plugin result first when investigating authentication issues.
Target Credential Issues by Authentication Protocol - No Issues Found (110095) Indicates that credentials were provided and authentication succeeded for all targeted protocols. A result from this plugin confirms that the HashiCorp Vault integration returned credentials and the scanner successfully authenticated.
Target Credential Status by Authentication Protocol - Failure for Provided Credentials (104410) Indicates that credentials were provided but authentication to the target failed. This may indicate that the credentials retrieved from HashiCorp Vault are incorrect or do not have sufficient permissions on the target host.
Target Credential Status by Authentication Protocol - Valid Credentials Provided (141118) Confirms credential validity by successfully authenticating to the remote target via the available protocol. This plugin confirms that credentials sourced from HashiCorp Vault were valid for the authentication process. For the SNMPv3 credential type, it specifically verifies authentication through the credentials supplied by HashiCorp.
Target Credential Status by Authentication Protocol - No Credentials Provided (110723) Indicates that no credentials were available for the targeted protocol. If this appears when a HashiCorp Vault credential is configured, the integration likely failed to retrieve the secret.
Target Credential Issues by Authentication Protocol - Intermittent Authentication Failure (117885) Indicates that authentication succeeded for some targets but not others, which may point to per-target credential differences or intermittent HashiCorp Vault connectivity issues.
Database Authentication Failure(s) for Provided Credentials (91822) Indicates that the database credentials retrieved from HashiCorp Vault could not authenticate to the target database. Check the Credential ID and that the secret contains a valid username and password for the target database.