diff --git a/src/manage.c b/src/manage.c
index a9a402045..06034a5da 100644
--- a/src/manage.c
+++ b/src/manage.c
@@ -3483,11 +3483,18 @@ cve_scan_report_host_json (task_t task,
 * @param[in] task Task.
 * @param[in] report The report to add the host, results and details to.
 * @param[in] gvm_host Host.
+ * @param[in] matching_version The CPE-CVE matching version (0 or 1) to use.
+ *
+ * With version 0 matching, CPEs are only compared to the affected products
+ * lists of CVEs.
+ * With version 1 matching, CPEs are matched by evaluating the match criteria
+ * for the CVEs.
 *
 * @return 0 success, 1 failed to get nthlast report for a host.
 */
 static int
-cve_scan_host (task_t task, report_t report, gvm_host_t *gvm_host)
+cve_scan_host (task_t task, report_t report, gvm_host_t *gvm_host,
+ int matching_version)
 {
 report_host_t report_host;
 gchar *ip, *host;
@@ -3533,7 +3540,8 @@ cve_scan_host (task_t task, report_t report, gvm_host_t *gvm_host)
 start_time = time (NULL);
 prognosis_report_host = 0;
- if (sql_int64_0 ("SELECT count(1) FROM information_schema.tables"
+ if (matching_version == 1 &&
+ sql_int64_0 ("SELECT count(1) FROM information_schema.tables"
 " WHERE table_schema = 'scap'"
 " AND table_name = 'cpe_match_nodes';") > 0)
 {
@@ -3780,8 +3788,11 @@ fork_cve_scan_handler (task_t task, target_t target)
 }
 free (exclude_hosts);
+ int matching_version;
+ setting_value_int(SETTING_UUID_CVE_CPE_MATCHING_VERSION, &matching_version);
+
 while ((gvm_host = gvm_hosts_next (gvm_hosts)))
- if (cve_scan_host (task, global_current_report, gvm_host))
+ if (cve_scan_host (task, global_current_report, gvm_host, matching_version))
 {
 set_task_interrupted (task,
 "Failed to get nthlast report."
diff --git a/src/manage_sql.c b/src/manage_sql.c
index c0f2833bd..99635d030 100644
--- a/src/manage_sql.c
+++ b/src/manage_sql.c
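Review bot: In the second manage.c hunk, the new condition in cve_scan_host silently takes the version 0 path when `scap.cpe_match_nodes` is absent, even though version 1 was configured. The two modes can produce different CVE results for the same host, so the fallback should be logged, for example `g_warning ("%s: cpe_match_nodes not found, using version 0 matching", __func__);` in the branch reached when `matching_version == 1` but the table check fails. Any value other than 1 is also treated as version 0 here, which the function's doc comment should state. The function body continues outside this hunk.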
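Review bot: In the fork_cve_scan_handler hunk, `matching_version` is declared without an initializer and the result of `setting_value_int` is discarded. If that lookup can fail without writing to its out-parameter (not visible here), every `cve_scan_host` call in the loop reads an indeterminate value, and the matching mode for the whole scan is arbitrary. Declaring it as `int matching_version = 0;` gives the documented default, and the return value should be checked and a failure logged before the loop starts. The call is also written `setting_value_int(` without the space before the parenthesis that the surrounding lines use. fork_cve_scan_handler starts and ends outside this hunk.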
@@ -16310,6 +16310,17 @@ check_db_settings ()
 " 'User Interface Date Format',"
 " 'Preferred date format to be used in client user interfaces.',"
 " 'system_default' );");
+
+ if (sql_int ("SELECT count(*) FROM settings"
+ " WHERE uuid = '" SETTING_UUID_CVE_CPE_MATCHING_VERSION "'"
+ " AND " ACL_IS_GLOBAL () ";")
+ == 0)
+ sql ("INSERT into settings (uuid, owner, name, comment, value)"
+ " VALUES"
+ " ('" SETTING_UUID_CVE_CPE_MATCHING_VERSION "', NULL,"
+ " 'CVE-CPE Matching Version',"
+ " 'Version of the CVE-CPE matching used in CVE scans.',"
+ " '0' );");
 }
 /**
@@ -53565,6 +53576,8 @@ setting_name (const gchar *uuid)
 return "Feed Import Roles";
 if (strcmp (uuid, SETTING_UUID_SECINFO_SQL_BUFFER_THRESHOLD) == 0)
 return "SecInfo SQL Buffer Threshold";
+ if (strcmp (uuid, SETTING_UUID_CVE_CPE_MATCHING_VERSION) == 0)
+ return "CVE-CPE Matching Version";
 return NULL;
 }
@@ -53605,6 +53618,8 @@ setting_description (const gchar *uuid)
 if (strcmp (uuid, SETTING_UUID_SECINFO_SQL_BUFFER_THRESHOLD) == 0)
 return "Buffer size threshold in MiB for running buffered SQL statements"
 " in SecInfo updates before the end of the file being processed.";
+ if (strcmp (uuid, SETTING_UUID_CVE_CPE_MATCHING_VERSION) == 0)
+ return "Version of the CVE-CPE matching used in CVE scans.";
 return NULL;
 }
@@ -53700,6 +53715,12 @@ setting_verify (const gchar *uuid, const gchar *value, const gchar *user)
 return 1;
 }
+ if (strcmp (uuid, SETTING_UUID_CVE_CPE_MATCHING_VERSION) == 0)
+ {
+ if (strcmp (value, "0") && strcmp (value, "1"))
+ return 1;
+ }
+
 return 0;
 }
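Review bot: The new setting_verify branch spells the accepted values as the string literals `"0"` and `"1"`, while the consumer in manage.c compares the parsed integer with a bare `1`. The validator and the scan path therefore have to be kept in step by hand when another matching version is added. Named constants shared by both files would make that coupling visible, or at minimum a comment here such as `/* Must match the versions handled in cve_scan_host. */`. The inner test also uses strcmp's non-zero result as a boolean, unlike the `== 0` form on the line above it; `strcmp (value, "0") != 0 && strcmp (value, "1") != 0` reads less ambiguously. setting_verify begins outside this hunk.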
@@ -53794,7 +53815,8 @@ manage_modify_setting (GSList *log_config, const db_conn_info_t *database,
 && strcmp (uuid, SETTING_UUID_LSC_DEB_MAINTAINER)
 && strcmp (uuid, SETTING_UUID_FEED_IMPORT_OWNER)
 && strcmp (uuid, SETTING_UUID_FEED_IMPORT_ROLES)
- && strcmp (uuid, SETTING_UUID_SECINFO_SQL_BUFFER_THRESHOLD))
+ && strcmp (uuid, SETTING_UUID_SECINFO_SQL_BUFFER_THRESHOLD)
+ && strcmp (uuid, SETTING_UUID_CVE_CPE_MATCHING_VERSION))
 {
 fprintf (stderr, "Error in setting UUID.\n");
 return 3;
@@ -53822,7 +53844,8 @@ manage_modify_setting (GSList *log_config, const db_conn_info_t *database,
 if ((strcmp (uuid, SETTING_UUID_DEFAULT_CA_CERT) == 0)
 || (strcmp (uuid, SETTING_UUID_FEED_IMPORT_OWNER) == 0)
 || (strcmp (uuid, SETTING_UUID_FEED_IMPORT_ROLES) == 0)
- || (strcmp (uuid, SETTING_UUID_SECINFO_SQL_BUFFER_THRESHOLD) == 0))
+ || (strcmp (uuid, SETTING_UUID_SECINFO_SQL_BUFFER_THRESHOLD) == 0)
+ || (strcmp (uuid, SETTING_UUID_CVE_CPE_MATCHING_VERSION) == 0))
 {
 sql_rollback ();
 fprintf (stderr,
diff --git a/src/manage_sql.h b/src/manage_sql.h
index c7181ac4a..03a4dfe62 100644
--- a/src/manage_sql.h
+++ b/src/manage_sql.h
@@ -152,6 +152,11 @@
 */
 #define SETTING_UUID_USER_INTERFACE_DATE_FORMAT "d9857b7c-1159-4193-9bc0-18fae5473a69"
+/**
+ * @brief UUID of 'CVE-CPE Matching Version' setting.
+ */
+#define SETTING_UUID_CVE_CPE_MATCHING_VERSION "2e8a8ccc-219f-4a82-824a-3ad88b6d4029"
+
 /**
 * @brief Trust constant for error.
 */