- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-20-2025 02:13 PM
I need to see which vulnerability calculator was used for any AVIT, CVITS or VITS, is this possible? I'm not seeing a field on the table that would give me that information and I'm just curious if I'm missing something?
The reason I need to see this is because we've setup a way, not OOB, to change the Risk Rating on specific vulnerable items using those risk calculators, so it would be nice to see which vulnerable items had their Risk Rating changed.
If anyone else has had to "enable" the business to change the Risk Rating on individual vulnerable items, I'd love to hear how you implemented it. We get requests to "lower" Risk Rating or "evaluate actual risk" all the time and our method, while crude, does work to get our teams priorities set straight.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-23-2025 02:35 AM
Depending on whether the calculator rule is based on a template or a script, the name is appended with the details in brackets. To modify or view the basis of the calculator rule, click on any rule and select the Advanced view check box. From the Value type drop-down box, select the required option. If Template is selected, the risk score is updated according to the specified condition in the rule. If Script is selected, you can either add or update the existing script.
The system property sn_sec_cmn.risk_score_changes_add_worknotes helps populate the work notes section. Starting with v25.0.3 of Vulnerability Response, the system property is inactive by default. If you enable it, only then you can see all the changes related to the risk score.
All enabled vulnerability calculators set the selected fields each time a vulnerable item is created, when an associated CI or vulnerability changes, or when the Calculate Risk Score related link in a vulnerable item is used. As an example, the Risk Score is automatically updated on vulnerable item records when the severity value is updated on a vulnerability that is imported. After a vulnerability import has updated a vulnerability score, the recalculate flag is enabled for that vulnerability. The risk scores for the vulnerable items that have the recalculate flag enabled (true) with that vulnerability are recalculated.
Thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-23-2025 02:10 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-23-2025 02:35 AM
Depending on whether the calculator rule is based on a template or a script, the name is appended with the details in brackets. To modify or view the basis of the calculator rule, click on any rule and select the Advanced view check box. From the Value type drop-down box, select the required option. If Template is selected, the risk score is updated according to the specified condition in the rule. If Script is selected, you can either add or update the existing script.
The system property sn_sec_cmn.risk_score_changes_add_worknotes helps populate the work notes section. Starting with v25.0.3 of Vulnerability Response, the system property is inactive by default. If you enable it, only then you can see all the changes related to the risk score.
All enabled vulnerability calculators set the selected fields each time a vulnerable item is created, when an associated CI or vulnerability changes, or when the Calculate Risk Score related link in a vulnerable item is used. As an example, the Risk Score is automatically updated on vulnerable item records when the severity value is updated on a vulnerability that is imported. After a vulnerability import has updated a vulnerability score, the recalculate flag is enabled for that vulnerability. The risk scores for the vulnerable items that have the recalculate flag enabled (true) with that vulnerability are recalculated.
Thanks