When AVIT is created from Invicti, the source severity was High. But then it shows user SecCommon System updated Risk Score and Risk Rating from High to Medium. When checked we could see changes in Vulnerability table sn_vul_app_vul_entry. It too shows sam user has updated the record. When checked with Invicti, the source severity is high at there end. Can anyone tell what does it mean by updated by SecCommon System user. Does source severity gets change after creation and from where it gets changed?
