Update the Vulnerability Assessment record, post it’s creation. Based on the field's values you can calculate the risk score.

Before you begin

Role required: sn_vul_analyst.vul_event_manager

About this task

After the primary CVE is added to the vulnerability assessment, the record is moved to a Pending Assessment state. You can further add other related CVEs in the Vulnerability Entriestab or add the products affected by this vulnerability from the Affected Products tab. You can make further modifications to the Risk Assessment fields and the Risk Score for the assessment record is automatically updated accordingly.

Procedure

  1. Navigate to All > Vulnerability Assessment Workspace > Vulnerability Assessment.
  2. On the Details tab, update the fields.
  3. Navigate to the Vulnerability Entries tab to add associated or related CVEs.
    1. Select New.
    2. Search for the record in the Vulnerability entry field.
    3. Select the vulnerability record you want to associate with the assessment record.
    4. (Optional) Select Browse to browse and attach a file.
    5. Select Save.
    The vulnerability records you selected are added to the assessment record and display in the Vulnerabilities Entries tab.
  4. (Optional) Add affected products.
  5. Add related link to the assessment record.
  6. Modify the Risk Attributes for the primary CVE associated with the vulnerability assessment event record.
  7. Enter relevant comments in the Compose field.
    • Enter your work notes in the Work notes (Private) field.
    • Enter your comments (visible to everyone) in the Comments field.
  8. Save the assessment record.
    Based on the updates you made to the Risk attribute fields for the primary CVE or the affected product associated with the assessment record, the Risk score field is automatically updated.
    Note: To modify the base system risk score calculator rules or criteria, navigate to All > Vulnerability Assessment Calculators > Vulnerability Assessment Risk Calculator > Vulnerability Assessment Risk Rule. You can add criteria and modify the field level weightage to existing criteria as needed.

What to do next

Perform an initial assessment of the event record.

Delete associated CVEs or affected products from the vulnerability assessment record

Delete a vulnerability event record if it is no longer required.

Before you begin

Role required: sn_vul_analyst.vul_event_manager

About this task

You can delete CVEs or affected products associated with the vulnerability assessment record. You can only delete vulnerability entries/associated CVEs or affected products if they are in New or Pending assessment states.

Procedure

  1. Navigate to All > Workspaces > Vulnerability Assessment.
  2. Select the vulnerability assessment record.
  3. Select the Vulnerability Entries tab or the Affected Products tab.
  4. Select the associated CVE or the affected product record.
  5. Select Delete.
    Note: The Delete button displays only for an assessment record when they are in New or Pending Assessment states.