In JSA Vulnerability Manager, you can manually
apply a vulnerability exception rule to a vulnerability that you decide
does not pose a significant threat.
If you apply an exception rule, the vulnerability is no longer
displayed in JSA Vulnerability Manager search results.
However, the vulnerability is not removed from JSA Vulnerability
Manager.
- Click the Vulnerabilities tab.
- In the navigation pane, click Manage Vulnerabilities
>By Network.
- Search your vulnerability data. On the toolbar, click Search >New Search.
- Click the Vulnerability Instances column link.
- Select the vulnerability that you want to create an exception
rule for.
- On the toolbar, select Actions >Exception.
- In the Exception Rule field, select an expiry
option.
- To provide a reason for the exception, select a reason
from the Reason list.
- In the Assets field, select your target assets
for the exception rule by choosing from the following options:
To apply the exception to all assets, select Exception
vulnerability for all assets.
To apply the exception to a specific asset, select Exception for specific asset with current IP.
By default, the asset that is associated with the vulnerability
that you selected in Step 5 is selected.
To apply the exception to a specific IP address, CIDR,
or network, enter the details, select your domain and click Add.
If you select a specific network from your network hierarchy,
the exception applies only to the IP addresses in that network. For
example, if an IP address is assigned to two networks in the network
hierarchy, the exception does not apply to that same IP address in
the second network, unless you specify it as an exception.
- In the Notes field, enter comments in the Commentstext box.
- Click Save or Cancel.