Remove assignments from vulnerable items and remediation tasks

  • Release version: Xanadu
  • Updated May 29, 2025
  • 3 minutes to read

    • Clear the Assigned to and Assignment group fields on vulnerable item records in the Vulnerability Response, Application Vulnerability Response, and Container Vulnerability Response applications.

    Before you begin

    Roles required:
    • sn_vul.remediation_owner or sn_vul.vulnerability_analyst for vulnerable items (VITs) and remediation tasks (VULs).
    • sn_vul.app_sec_manager for Application Vulnerability Response vulnerable items (AVITs) and remediation tasks (AVULs).
    • sn_vul_container.remediation_owner or sn_vul_container.vulnerability_analyst for container vulnerable items (CVITs) and remediation tasks (CVULs).

    About this task

    The Unassign UI action is supported in both the classic environment and the workspaces for the following records in any state other than Closed or Resolved:
    • Remediation tasks (VULs, AVULs, and CVULs). If a remediation task is updated with this feature, the Assigned to and Assignment group fields on all of its associated VITs that have the same assignment group are also cleared.
    • Vulnerable items (VITs).
    • Application vulnerable items (AVITs).
    • Container vulnerable items (CVITs).
    Important:
    You can unassign host vulnerable items in bulk in the Vulnerability Manager Workspace. For more information, see Using bulk edit in the Vulnerability Manager Workspace.

    Procedure

    1. In either the classic environment, or in the IT Remediation Owner Workspace, navigate to a vulnerable item (VIT) record that is assigned to you that is in any state other than Closed or Resolved.
    2. To clear the Assigned to and Assignment group fields in the classic view, at the top of the record, select Unassign.
    3. Alternatively, navigate to a vulnerable item (VIT, AVIT, or CVIT) record in the IT Remediation workspace that is assigned to you or your groups and click Unassign in the More options menu (The three dots of the More options menu) to clear the assignment fields.
    4. For remediation task records in the workspace that are assigned to you or your groups, open a record select Unassign in the More options menu (The three dots of the More options menu) to clear the assignment fields.
    5. In the Unassign dialog for both vulnerable items and remediation tasks, provide work notes and select Submit.
      The state change approval request is submitted for approval.
      Note:
      For remediation tasks, you are notified that the Assigned to and Assignment group fields on all of a remediation task's associated VITs are also cleared.

      After the request to clear the fields is approved for a remediation task, all the Assigned to and Assignment group fields on its vulnerable items that have the same assignment group are also unassigned. If any vulnerable item has a different assignment group than its associated remediation task, it is not unassigned. In most cases these vulnerable items have been manually assigned.

    6. View the following information:
      • The work notes that you provided is displayed in the Notes section.
      • On the State Change Approval tab, the state change approval record displays with the In Review state, which helps to track the approval workflow.
      • On the Requested Approvals tab, your request for the removal of you or your assignment group is displayed in the Requested state.

    Result

    The request is approved by using a default, one-level approval workflow. For more information, see Approve or reject an unassign request in Vulnerability Response.

    • If your request is approved, the state change approval record and the requested approval record transition to the Approved state. You and your groups are removed from the Assigned to and Assignment group fields. Unassigned is displayed in the Assignment type field, and the remediation task and VITs are displayed in the list of the Unassigned module for each product.

      Notifications that records are unassigned are sent automatically to vulnerability managers or analysts in the Unassign notification group. To configure the approval flag, notifications, and default assignment group, see Removing assignments from vulnerable items and remediation tasks.

    • If your request is rejected, the state of the change approval record and requested approval record transition to the Rejected state.
    Note:
    As a vulnerability administrator, you can set the sn_vul.unassign_vr.approval_required system property to false to disable the approval process.

    What to do next

    Navigate to the Unassigned modules for the Vulnerability Response and Application Vulnerability Response Container Vulnerability Response applications, monitor any unassigned records for items that might fall under your scope, and reassign them to yourself.