As a vulnerability manager or analyst, you can modify the severity level of Common Vulnerability Entry (CVE) or Third-party Entry (TPE) in the Vulnerability Manager Workspace.
始める前に
Role required:
- sn_vul.vulnerability_analyst, or sn_vul.vulnerability_admin for host vulnerable items (VITs)
- sn_vul.app_sec_manager, sn_vul.app_developer for application vulnerable items (AVITs)
- sn_vul_container.vulnerability_analyst or sn_vul_container.vulnerability_admin for container vulnerable items (CVITs)
手順
-
Navigate to .
-
Open the appropriate entry:
- CVEs (NVD): To modify the severity of a CVE.
- TPEs: To modify the severity of a TPE.
-
Select Modify severity from the More Actions icon
-
Select the new severity level from the drop-down.
-
Provide a justification for your update.
-
Select Submit.
注:
- You can revert to the original source severity using the Reset Severity option from the More Actions menu. This option appears only after you modify the
severity.
- The Modified severity field appears only when you change the source severity. If you reset it to the original value, the field is removed.
- The system will use the Modified severity for risk calculations starting from the next scheduled job onwards. If the severity is reset, the original source severity will be applied
instead.