Thank you for your feedback.
Form temporarily unavailable. Please try again or contact to submit your comments.
  • Madrid
  • London
  • Kingston
  • Jakarta
  • Istanbul
  • Helsinki
  • Geneva
  • Store

Create a third-party vulnerability

Log in to subscribe to topics and get notified when content changes.

Create a third-party vulnerability

Vulnerabilities are created automatically when records are downloaded from third-party integrations. There are cases, like physical security vulnerabilities, when you may want to manually add vulnerability records.

Before you begin

Role required: sn_vul.vulnerability_write


  1. Navigate to Vulnerability > Libraries > Third-party.
  2. Click New.
  3. Fill in the fields on the form, as appropriate.
    Field Description
    ID Enter an identifier for this vulnerability entry. This label for the vulnerability entry must be unique.
    Source Enter an origin for the vulnerability — whether a scanner or physical test.
    Remediation type Choose a type of remediation action required.
    Choices are:
    • Patch
    • Configuration change
    • Patch and Configuration change
    • Countermeasure
    Public Exploit Determine whether there are public exploits of this vulnerability.
    Choices are:
    • Yes
    • No
    • Unknown
    Active Exploit Determine whether there is an active exploit of this vulnerability.
    Choices are:
    • Yes
    • No
    • Unknown
    Date published Enter the date the vulnerability was published.
    Last modified Enter the date the vulnerability was modified.
    Category Enter a category type. Used to categorized vulnerability entries.
    Severity Enter a severity for this vulnerability.
    Summary Add text description of the vulnerability.
    Threat Add text to describe the threat from this vulnerability.
    Solution Add text to describe the remediation.
  4. Click Submit.
    Related list tabs for Vulnerability References and Items are available. When you submit the vulnerability, it is listed in the Third-party Vulnerability Entries.
    Third-party vulnerability form