Hi Community,
I created a search list with some vulnerabilities, i want to ignore. After that i created a remediation policy for these vulns.
I started a new scan and after that scan i created a new report. But the ignored vulns are still in my report.
Can someone explain me why? And what can i do, that these vulns are dont accure in my report until the vulnerabilities are set after a specific time to reopen.
Best regards
Pierre
Hi, are you trying host-based findings or scan-based findings?
If you're doing scan-based, all vulns detected on the selected scans will be reported.
Hi,
i tried both findings. In both of them the ignored vulnerabilities are still in the report...
Best regards
Even though this is in your screenshot, I suggest you double-check a couple of things:
1. Remediation > Tickets - Is the ticket/QID in question, closed for sure?
2. Have you included ignored vulns in your template?
Hey,
i found the problem... I included in my template a Asset Group with some IPs and for some IPs in that Asset Group the vulnerabilites are not closed.
So in my report are still the vulnerabilities listed for these Assets...
Best regards
Hey,
i found the problem... I included in my template a Asset Group with some IPs and for some IPs in that Asset Group the vulnerabilites are not closed.
So in my report are still the vulnerabilities listed for these Assets...
Best regards