Defender for Cloud VA2065 baseline buttons not responding for SQL Server vulnerability assessment

Question

Defender for Cloud VA2065 baseline buttons not responding for SQL Server vulnerability assessment

A V Reddy (MAQ LLC) 0 Microsoft External Staff

Summary:

I am trying to remediate vulnerability finding VA2065 ("Server-level firewall rules should be tracked and maintained at a strict minimum") on an Azure SQL Server resource using Microsoft Defender for Cloud's Vulnerability Assessment feature.

Environment:

Azure SQL Server (logical server)
Microsoft Defender for SQL enabled
Vulnerability Assessment configured and scanning successfully
Last scan completed on 4/27/2026

Issue:

When I navigate to the VA2065 finding under Defender for Cloud > Recommendations > "SQL databases should have vulnerability findings resolved," the finding shows multiple server-level firewall rules with status "Not in Baseline."

When I click either the "Add all results as baseline" or "Remove all from baseline" buttons, nothing happens. There is no error message, no loading indicator, and no change in the status of the findings. The page remains unchanged after clicking.

Steps to Reproduce:

Open Microsoft Defender for Cloud in Azure Portal
Go to Security posture > Recommendations
Select "SQL databases should have vulnerability findings resolved"
Select the affected SQL Server and its master database
Open finding VA2065
Click "Add all results as baseline" or "Remove all from baseline"
Observe that no action occurs

Expected Behavior:

Clicking "Add all results as baseline" should update the baseline and mark the finding as resolved upon the next scan.

Actual Behavior:

Neither button produces any visible effect. The finding remains in Unhealthy status.

Question:

Is there a known issue with the VA2065 baseline functionality?
Are there alternative methods to update the baseline (e.g., REST API, PowerShell, or T-SQL)?
Are there any required permissions beyond Contributor that are needed to modify the vulnerability assessment baseline?

Thank you for your help.

Pilladi Padma Sai Manisha 7,800 Reputation points Microsoft External Staff Moderator

2026-05-15T07:15:22.6833333+00:00
Hi A V Reddy (MAQ LLC),
Thankyou for reaching microsoft Q&A!

Based on your description, the Vulnerability Assessment scan is completing successfully, but the portal UI action for updating the baseline does not appear to be responding. This can sometimes occur due to portal-side UI issues or insufficient permissions for baseline write operations.

Could you please try the following:

Trigger a fresh VA scan and check if the baseline action works afterward.

Test from an incognito/private browser session or another browser. Verify whether the account has Owner / SQL Security Manager permissions in addition to Contributor access.

As a workaround, you can also update the baseline using Azure REST API / CLI:

Microsoft documentation: https://learn.microsoft.com/azure/defender-for-cloud/express-configuration-azure-commands

Reference for VA findings and baselines: https://learn.microsoft.com/azure/defender-for-cloud/configure-vulnerability-findings-express

VA2065 rule reference: https://learn.microsoft.com/azure/defender-for-cloud/sql-azure-vulnerability-assessment-rules

If the issue persists, please share:

whether the environment uses Express or Classic VA configuration, whether the issue reproduces across browsers, and any browser console/HAR errors while clicking the baseline buttons.

1 answer

Your answer

Pilladi Padma Sai Manisha 7,800 Reputation points Microsoft External Staff Moderator

2026-05-15T07:15:22.6833333+00:00

Hi A V Reddy (MAQ LLC),
Thankyou for reaching microsoft Q&A!

Based on your description, the Vulnerability Assessment scan is completing successfully, but the portal UI action for updating the baseline does not appear to be responding. This can sometimes occur due to portal-side UI issues or insufficient permissions for baseline write operations.

Could you please try the following:

Trigger a fresh VA scan and check if the baseline action works afterward.

Test from an incognito/private browser session or another browser. Verify whether the account has Owner / SQL Security Manager permissions in addition to Contributor access.

As a workaround, you can also update the baseline using Azure REST API / CLI:

Microsoft documentation: https://learn.microsoft.com/azure/defender-for-cloud/express-configuration-azure-commands

Reference for VA findings and baselines: https://learn.microsoft.com/azure/defender-for-cloud/configure-vulnerability-findings-express

VA2065 rule reference: https://learn.microsoft.com/azure/defender-for-cloud/sql-azure-vulnerability-assessment-rules

If the issue persists, please share:

whether the environment uses Express or Classic VA configuration, whether the issue reproduces across browsers, and any browser console/HAR errors while clicking the baseline buttons.

Answer 1

This is likely a portal/UI issue or permission gap with Defender for SQL VA baseline updates rather than a configuration problem.

Check below:

Ensure you have SQL Security Manager or Owner role (Contributor alone may not update VA baselines).
Try updating baseline via Azure Portal → SQL Server → Microsoft Defender → Vulnerability Assessment (not from Recommendations blade).
If buttons still do nothing, use PowerShell/REST API (Set-AzSqlServerVulnerabilityAssessmentBaseline) as a workaround.
If it persists, open a Microsoft support ticket—this behavior is commonly due to a backend/portal bug with VA2065 baseline actions not applying.

Share via

Defender for Cloud VA2065 baseline buttons not responding for SQL Server vulnerability assessment

1 answer

Your answer