Do you have a comment or suggestion to improve SQL Server? We’d love to hear it!

Unable to Invoke-SqlVulnerabilityAssessmentScan via PowerShell to run SQL Vulnarability Assessment Tool.

We are looking to call the Invoke-SqlVulnerabilityAssessmentScan to run the SQL Vulnerability scans via PowerShell.. We want to invoke this call for all the SQL Databases in the SQL Instance and want to export the JSON files into a folder.

Here is the command via PowerShell:

Invoke-SqlVulnerabilityAssessmentScan -ServerInstance "<SQL Server Name>" -DatabaseName "<DatabaseName>" -ScanId "Scan_01"

We are getting the following error:

Invoke-SqlVulnerabilityAssessmentScan : Error setting value to 'c_schema' on 'DataSec.VA.Core.Model.RuleDefinition.VARuleSet'.
At line:10 char:4
+ Invoke-SqlVulnerabilityAssessmentScan -ServerInstance $instance_w ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Invoke-SqlVulnerabilityAssessmentScan], JsonSerializationException
+ FullyQualifiedErrorId : Newtonsoft.Json.JsonSerializationException,Microsoft.SqlServer.Management.PowerShell.VulnerabilityAssessment.InvokeVulnerabili

Could you please help us address this issue. Thanks.

4 votes
Sign in
Sign in with: Microsoft
Signed in as (Sign out)

We’ll send you updates on this idea

Aravin Rajendra shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →


Sign in
Sign in with: Microsoft
Signed in as (Sign out)
  • AdminMicrosoft SQL Server (Product Manager, Microsoft Azure) commented  ·   ·  Flag as inappropriate

    The error you report indicates that we are unable to read the Vulnerability Assessment rule store which is embedded as a resource in one of the SqlServer module’s dlls.
    Unfortunately, we have been unable to reproduce this error. Perhaps you can provide some more information on how to reproduce. Specifically:
    1. What environment are you running on? Are there any special restrictions applied to your PowerShell environment?
    2. Have you tried on other machines? Does it reproduce there too?
    3. Are you running just the Invoke-SqlVulnerabilityAssessmentScan cmdlet or is something taking place before that? What happens when you just run the one command?
    4. Any other information that you think may be pertinent to reproducing?

Feedback and Knowledge Base