Identify and escalate security issues in third-party software

  • Release version: Zurich
  • Updated July 31, 2025
  • 1 minute to read

    • You can view software vulnerabilities returned from third-party entries to determine remediation. Use this information to match the vulnerable software entries to a Software Asset Management discovery model.

    Before you begin

    Role required: sn_vul.vulnerability_write

    Persona and granular roles are available to help you manage what users and groups can see and do in the Vulnerability Response application. For an initial assignment of the persona roles in Setup Assistant, see Assign the Vulnerability Response persona roles using Setup Assistant. For more information about managing granular roles, see Manage persona and granular roles for Vulnerability Response.

    Procedure

    1. Navigate to All > Vulnerability > Libraries > Third Party.
      A list of vulnerable software downloaded is shown.
    2. Click a software record to view vulnerability information.
    3. Click the following related lists to get more information for identifying vulnerabilities.
      Related listDescription
      Vulnerable Items Lists any vulnerable items, which consist of pairings of a potentially vulnerable configuration item and software. To get more information about a pairing, click the information icon (Information icon).
      Note:
      If software is removed, any associated vulnerable items are closed and removed from the Vulnerable Items related list.
      Vulnerability Entries Lists vulnerability entries for the selected software record. Click a record to view its details.
      If vulnerabilities were identified and vulnerable items were created, you can Resolve remediation tasks, as needed.