Skip to main content

Vulnerability Response

This feature displays scanned targets along with their vulnerability information. However, users can only see vulnerability response information if they use the VA Scanner tool (Website Scanner, API Scanner, Network Scanner). Vulnerability Response Capture

info
  • Vulnerability is the type of vulnerability of the target
  • Status is the current condition of each vulnerability which can be Open (not yet fixed), Fixed (has been fixed), Accepted (accepted vulnerability), False Positive (should be fixed), Ignored (rejected)
  • Severity indicates how serious the target vulnerability is, including its CVSS 3.1 score.
  • Target is the target to be scanned in the form of a domain or IP
  • Scan Date is the time the target was scanned
  • VA Scanner is a VA Scanner tool that can be used in the form of a Website Scanner, Network Scanner or API Scanner
  • History in the form of detailed information about each vulnerability
note

To activate the Change Status and Change Severity buttons, users can click the vulnerability checkbox.

VR Capture

Change Status

To change the vulnerability status, users can follow these steps.

  1. Click one of the vulnerability checkboxes whose status you want to change
  2. Click the Change Status button, then the status options will appear Change Status Capture
  3. Select one of the statuses for the vulnerability, a form will appear to add a reason Reason Severity Capture
  4. Type a reason in the Reason textbox
  5. Click the Change button to change the status and click Cancel if you want to cancel
  6. The status of this vulnerability has changed to Ignored as follows Status Succesfully Capture
  7. On the scan details page, the status of the vulnerability will also change After Change Status Capture

Change Severity

To change the severity of a vulnerability, users can follow these steps.

  1. Click one of the vulnerability checkboxes whose severity you want to change

  2. Click the Change Severity button

  3. Change the vulnerability Severity based on the CVSS score displayed. The CVSS score and vector can be modified as needed to better reflect the actual impact of the vulnerability in your environment Change Severity Capture

    info

    Informational CVSS Score You can refer to the following CVSS score range when determining or adjusting the severity level:

    • Critical: 9.0 - 10.0
    • High: 7.0 - 8.9
    • Medium: 4.0 - 6.9
    • Low: 0.1 - 3.9
    • None: 0.0

    The CVSS score can be modified as needed to better represent the real impact of the vulnerability based on your environment and assessment context.

  4. Type a reason in the Reason textbox Reason Severity Capture

  5. Click the Change button to change the severity and click Cancel if you want to cancel

  6. The severity of this vulnerability has changed to Informational as follows Status Succesfully Capture

  7. On the scan detail page, the severity of the vulnerability will also change After Change Severity Capture

Change View Setting

To change view settings, users can follow these steps.

  1. Click the View Settings button, then the show options will appear Change View Setting Capture
  2. Click the desired show checkbox

View Vulnerability Details

To view the details of each vulnerability, users can follow the steps below.

  1. Click the Details button on one of the vulnerabilities you want to view
  2. Then information about the vulnerability history will appear as follows Vulnerability Details Capture