cancel
Showing results for 
Search instead for 
Did you mean: 
bog
Level 7

Ignoring vulnerabilities

Jump to solution

Is it just me or is anyone else not satisfied with the reports available in McAfee Vulnerability Manager?

I'm using v7 and havespent alot of time reviewing vulnerabilities and "ignoring" them so they don't appear in reports.  I still find the vulnerabilities in the repoerts.  Grrrr.

0 Kudos
1 Solution

Accepted Solutions
jldunn
Level 10

Re: Ignoring vulnerabilities

Jump to solution

Hi Bog,

It's been months, so I expect you've figured this out by now.

Based on my testing and what I've read, 'ignored' tickets (vulnerability instantiations) are 'ignored' (i.e. don't appear on) scan reports.

Asset reports are not affected by ignored tickets.  (Or so it seems.)

I'll edit or delete this message if I find out differently.

J.

0 Kudos
5 Replies
ajacobs
Level 12

Re: Ignoring vulnerabilities

Jump to solution

Hi bog,

I've moved your post to our official MVM area for better visibility by other product experts.

0 Kudos
cgrim
Level 13

Re: Ignoring vulnerabilities

Jump to solution

Hi Bog,

What version of MVM are you using?  I just attempted to reproduce this in Version 7.0.1 and I don't see the problem.

To confirm the *correct* behavior here were my steps:

1.  Ensure Ticketing is enabled for the scan (reports Tab, Remediation Options, "create remediation tickets" is checked)

2.  Run a scan against a target with known vulnerabilities

3.  Search Tickets matching the scan name from step 2 above

4.  Open one of the tickets, and click the radio button for "Change ticket status to..." and choose "Ignored" from the drop-down, click Submit.

5.  Re-run the scan from step 2 above, view the report, and note the Ignored vulnerability from Step 4 above does NOT appear on the report.

6.  Copied the scan to another Scan Configuration, ran it, and the ignored Vulnerability isn't showing up on that report either.

Please advise if you're running a different version or if your steps deviate from mine.  if you're still having issues, you should get a support case opened to address it.

-Cathy

< 1/7/2011  at 4:03PM edited to add step 6 >

Message was edited by: Cathy Grim on 1/7/11 6:00:58 PM CST
0 Kudos
argyris
Level 7

Re: Ignoring vulnerabilities

Jump to solution

Hi Cathy,

If you don't have Remediation in Foundstone v6.8, what is the way to exclude (ignore) vulnerabilities for future reports?

Do I need to follow another procedure?

Thank you

0 Kudos
mmsmith
Level 7

Re: Ignoring vulnerabilities

Jump to solution

argyris,

I just had a similar support issue on this and they referred me to this KB:

https://kc.mcafee.com/corporate/index?page=content&id=KB57729

You will also need to call support and ask them to send you the FSDBUtil tool. This will give you the ability to exclude specific vulnerability checks globally.

Michael

0 Kudos
jldunn
Level 10

Re: Ignoring vulnerabilities

Jump to solution

Hi Bog,

It's been months, so I expect you've figured this out by now.

Based on my testing and what I've read, 'ignored' tickets (vulnerability instantiations) are 'ignored' (i.e. don't appear on) scan reports.

Asset reports are not affected by ignored tickets.  (Or so it seems.)

I'll edit or delete this message if I find out differently.

J.

0 Kudos