Ignoring and Unignoring a Vulnerability

Scenario

Some vulnerabilities are risky only in specific conditions. For example, if a vulnerability can be exploited only through an open port, but there are no open ports on the target server, the vulnerability will not harm the server. Such vulnerabilities can be ignored. HSS will still generate alerts when next time it finds the vulnerabilities you ignore before. SecMaster will synchronize the vulnerability information as well. You can also unignore a vulnerability as needed.

This topic describes how to ignore a vulnerability and cancel ignoring a vulnerability.

Procedure

1. Log in to the management console.
2. Click in the upper left corner of the page and choose Security & Compliance > SecMaster.
3. In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
   Figure 1 Workspace management page
   

4. In the navigation pane on the left, choose Risk Prevention > Vulnerabilities.
   Figure 2 Accessing the vulnerability management page
   

5. On the displayed page, click Linux Vulnerabilities, Windows Vulnerabilities, Web-CMS Vulnerabilities, or Application Vulnerabilities.
6. In the vulnerability list, click the name of the target vulnerability. The vulnerability details page is displayed.
7. Ignore or unignore the target vulnerability.
   • Ignore

     On the Vulnerability Details page, click Affected Resources. In the resource list, locate the row that contains the target resource and click More and then Ignore in the Operation column.

   • Unignore
     1. On the Vulnerability Details page, click Affected Resources. In the resource list, locate the row that contains the target resource and click More and then Cancel Ignore in the Operation column.
     2. In the confirmation dialog box, confirm the information and click OK.