Request an exception for a vulnerable item

  • リリースバージョン: Australia
  • 更新日 2026年03月12日
  • 所要時間:5分

    • Request an exception for a vulnerable item (VI) that can’t be remediated immediately. For example, as a remediation owner, you can request an exception if a patch isn’t available for a machine.

    始める前に

    Role required: sn_vul.remediation_owner

    このタスクについて

    重要:
    You can request exceptions from the Vulnerability Manager and IT Remediation Workspaces. For more information, see Request exceptions for remediation tasks and records in the Vulnerability Manager Workspace and Request an exception in the IT Remediation Workspace.
    You can also request exceptions for VIs in the classic environment.
    注:

    Starting from v21.0 of Vulnerability Response, you can configure the time frames for approving false positives and exceptions, along with email notifications for both the approver and requester after a set number of days. When a request is raised, the vulnerable item changes to In-Review status and a state change record is created. If the approver doesn't respond within the configured time frame, the vulnerable item or remediation task reverts to Open status. The previous state is stored in the backup_state field. For more information, see Configure approval rules for Exception Management.

    手順

    1. Navigate to Vulnerability Response > Vulnerable Items > All.
    2. Select the item that you want to request an exception for.
      The selected item must be in Open, Under Investigation, or Awaiting Implementation state.
    3. On the Vulnerable Item form, click Request Exception.
    4. If Vulnerability Response is selected in the Exception Management screen, fill in the fields in the Request Exception form.
      表 : 1. Request Exception form
      Field Description
      Until Date on which the exception request expires. This date must be within the duration selected in the All > Vulnerability Response > Administration > Exception Management screen.
      When the exception request expires, the group reverts to the Open state.
      注:
      Starting with version 18.0 of Vulnerability Response (VR), if a vulnerable item was deferred for remediation by using the exception management feature, then in case it is reopened by the scanner, the deferral date set on the vulnerability will still persist. To enable this functionality, set the value of the system property sn_vul.auto_defer_vit_in_active_exception_window to true. Also, the deferred Until date persists even after the vulnerable item gets closed or the exception expires. The role required is sn_vul.manage_exception_configuration for both read and write.
      Reason Reason for the request. Choices are:
      • Risk Accepted
      • Awaiting Maintenance Window
      • Fix Unavailable
      • Mitigating Control in Place
      • Other

      To see how to add new reason choices, see Define policy reason mapping.
      Additional information Details that are related to the reason why this request is being made. This required field is to be updated by the remediation owner.
    5. Submit the exception request by clicking Request Approval.

    タスクの結果

    The state of the vulnerable item changes to In Review. Use the State Change Approval tab to track the status of the exception request.