Activate or deactivate CVEs for exposure assessment

  • Release version: Zurich
  • Updated July 31, 2025
  • 1 minute to read

    • For delta processing of a CVE, you can activate it, thus adding it to the active list of CVEs.

    Before you begin

    Role required: sn_vul_analyst.vul_event_manager

    Note:
    Starting with version 4.0.1 of Vulnerability Exposure Assessment, if a Common Vulnerability Entry (CVE) has not been updated or had vulnerable items (VITs) created in the past 30 days, the exposure assessment record for that CVE is automatically marked as inactive. However, you can manually activate or deactivate these records. Additionally, the scheduled job Check potential vulnerability exposure runs continually to scan for such CVEs to designate them as inactive.

    Procedure

    1. Navigate to Workspaces > Vulnerability Assessment Workspace > Exposure Assessment > Assess by CVE.
    2. Select the required active CVEs and select the Deactivate option.
      The CVEs are deactivated.
      Note:
      To activate software, follow the same process and select the Activate option.
    3. Refresh the page to view the updated status (false) in the Active column.