I have been working on creating a new report template for an vulnerability exception that was recently submitted. My customers would like to suppress a finding on a specific port as there is currently no fix. The vendor that supports the application using the port informs us that there is currently no workaround but they are working on a patch to be released. This presents the issue that I can only figure out how to exclude the entire QID from the report, although it is valid in other places.
So in short, is it possible to exclude the QID findings by port or is this something that is better left alone and they will have to just ignore it from their reports?
Thanks for all of your help,