Request an exception for a container vulnerable item

  • 릴리스 버전: Australia
  • 업데이트 날짜 2026년 03월 12일
  • 소요 시간: 3분

    • Request an exception for a container vulnerable item (CVIT) that can’t be remediated immediately. For example, as a remediation owner, you can request an exception if a patch isn’t available for a machine.

    시작하기 전에

    Role required: Developer Group

    이 태스크 정보

    You can request an exception for multiple CVITs simultaneously using the Bulk Edit feature in the Vulnerability Manager Workspace. For more information, see Request bulk exception in the Vulnerability Manager Workspace.

    프로시저

    1. Navigate to Container Vulnerability Response > Container Vulnerable Items > All.
    2. Select the item that you want to request an exception for.
      The selected item must be in Open or Under Investigation state.
    3. On the Container Vulnerable Item form, click Request Exception.
      1. On the form, fill in the fields.
        표 1. Request Exception form
        Field Description
        Until Date on which the exception request expires. This date must be within the duration selected in the All > Container Vulnerability Response > Administration > Exception Management screen.
        When the exception request expires, the group reverts to its Open state.
        주:
        Starting with version 1.2 of Container Vulnerability Response, if a vulnerable item was deferred for remediation by using the exception management feature, then in case it is reopened by the scanner, the deferral date set on the vulnerability will still persist. To enable this functionality, set the value of the system property sn_vul.container.auto_defer_cvit_in_active_exception_window to true. Also, the deferred until date persists even after the CVIT gets closed or the exception expires. The role required is sn_vul_container.manage_exception_configuration for both read and write.
        Reason Reason for the exception. Choices are as follows:
        • Risk Accepted
        • Awaiting Maintenance Window
        • Fix Unavailable
        • Mitigating Control in Place
        • Other
        To see how to add new reason choices, see Define a policy reason mapping.
        Additional information Details that are related to the reason why this request is being made. This field is to be updated by the remediation owner.
      2. Submit the exception request by clicking Request Approval.
        The state of the container vulnerable item changes to In Review. Use the State Change Approval tab to track the status of the exception request.