We are taking a look at our vulnerability and trending for vulnerability tracking. During this I've noticed that vulnerabilities go from active to reopened, how this is possible?
Looking at the documentation it seems that a vulnerability can be reopened if it was marked as fixed then detected again. In the data that I'm looking at, it never goes to fixed just active to reopened.
Has anyone seen this, or have experience in fixing this? It's making tracking open, closed, and active vulnerabilities difficult in our environment.