DAST troubleshooting
This section provides troubleshooting information DAST target and scan errors.
If the scan configuration is not done correctly, or there is a problem with one of the scanners, you will receive an error message while the scan runs, or after it finishes.
Target errors
This section explains how to troubleshoot target errors.
Failed to verify the scan targets
First, check if the verification file has been uploaded correctly. If this is not the case, ensure the website is accessible to the scanner by the following:
- The website should be publicly accessible.
- If protected by a firewall, ensure that the required IP addresses are on your allowlist (check the IP addresses provided previously).
- The credentials must be first configured when the application has an HTTP basic authentication.
Scanner could not log in
Ensure that the website is accessible to the scanner. Check the following actions to make this possible.
- The website should be publicly accessible.
- If protected by a firewall, ensure the required IP addresses are on your allowlist (check the IP addresses provided previously).
- If the application has an HTTP basic authentication, check that the credentials are correct.
- If protected by a login form, ensure that the credentials are correct.
- If the authentication is token-based, ensure they are valid long enough to run a scan (ideally 24h+).
Scan failed for unknown reasons
There might be several reasons causing this error. First, check the following:
- The application is available.
- Login credentials are correct.
- IP addresses are on your allowlist.
If all of these are checked, but are not working, contact Veracode Technical Support.
Scan errors
The following section explains the scan errors you might encounter while using DAST, what they mean, and how to troubleshoot them.
General
| Error code | Description | What to do |
|---|---|---|
| General Error | Unfortunately, the scanner ran into an error, and cannot determine what happened. | Restart the scan. If the error continues to occur, contact Veracode Technical Support. |
| Container Failed | This is an internal error. It means that the scanner failed but did not report the error for unknown reasons. | Restart the scan. If the error continues to occur, contact Veracode Technical Support. |
| Too many redirects | The scanner is allowed to redirect only ten times in a row. Once this amount is surpassed, the scanner cannot go through the redirection again. | Ensure there is no Infinite redirect loop. If it is not clear which URL redirects, contact Veracode Technical Support. |
Application unreachable
| Error code | Description | Resolution |
|---|---|---|
| URL not reachable / application not reachable | The scanner could not access the web application you are trying to scan. | Confirm that the required IP addresses are on your allowlist and that the application is reachable. |
| Connection Timeout | One or more connection timeouts related to the application you are trying to scan. |
|
| Connection Failed | Could not establish a reliable connection with the Scan Target, or the connection dropped throughout the scan. |
|
Authentication
| Error code | Description | Resolution |
|---|---|---|
| HTTP Basic Auth Missing | Your system is using HTTP basic auth protection. However, the scanner has no credentials configured within the target configuration. | Configure the system authentication parameters and restart the scan. |
| HTTP Basic Auth failed | The scanner tried to use the provided HTTP basic auth credentials. However, the Log-In was not successful. This can be due to several reasons:
|
|
API specifications
| Error code | Description | Resolution |
|---|---|---|
| URL Mismatch | The project URL from the frontend and the scanned URL from the Swagger file do not match. |
|
| API Specification parsing failed | While trying to parse the API specification, the scanner detected that it does not follow an OpenAPI 3.1, 3.0, or Swagger 2.0 standard. |
|