Disable or enable risk reduction for a CVE or TPE

  • 릴리스 버전: Australia
  • 업데이트 날짜 2026년 03월 12일
  • 소요 시간: 1분

    • As a Vulnerability Manager and Analyst, you can disable or enable the risk reduction requests for the host vulnerabilities associated with a Common Vulnerability Entry (CVE) or Third-party Entry (TPE) in the Security Exposure Management Workspace.

    시작하기 전에

    Role required: admin

    이 태스크 정보

    The risk reduction for a CVE and TPE is enabled by default.

    주:
    The compensating controls feature is available for host vulnerabilities only.

    프로시저

    1. Navigate to Workspaces > Security Exposure Management Workspace.
      On the Lists page, under Libraries, open one of the following for which you want to disable the risk reduction requests:
      • CVE from the CVEs list.
      • TPEs from the TPEs list.
    2. Select Disable risk reduction.
      The remediation owner can’t request risk reduction for the host vulnerable items related to this CVE or TPE. In other words, the Request for Risk Reduction check box doesn’t appear when the Reason is selected as Mitigating Control in Place on the Request Exception modal.
    3. To enable the risk reduction requests for host vulnerable items, select Enable risk reduction.