Suppressing a Security Vulnerability Globally

The following procedure is used to suppress a security vulnerability for one or more (or all) versions of an OSS or third-party component associated with your inventory.

To suppress a security vulnerability globally, do the following:

1. As a System Administrator, locate the Vulnerabilities bar graph within the context of a given component version (or inventory item) associated with the vulnerability you want to suppress. You can use the bar graph found in any of the locations described in Contexts for the Vulnerabilities Bar Graph.

Note: The bar graph is visible only if vulnerabilities exist for the component version.

2. Click anywhere on the Vulnerabilities bar graph.

The Security Vulnerabilities window is displayed, showing the list of vulnerabilities associated with the component version or inventory item.

Note: If you opened the Security Vulnerabilities window from the bar graph in the Inventory Details pane/tab for a given inventory item in the Analysis Workbench or Project Inventory tab, the Suppress column is replaced with an Analyze column showing an Analyze button for each vulnerability. Both buttons give you access to the functionality for suppressing a vulnerability globally.

3. Locate the security vulnerability that you want to suppress, and click its corresponding Suppress (or Analyze) button.

The Suppress Vulnerability window is displayed (or, if you clicked Analyze, the Analyze and Suppress Vulnerability window is displayed).

If the Analyze and Suppress Vulnerability window is displayed, proceed to the next step.
If the Suppress Vulnerability window is displayed (as shown below), skip to step 5.

 

4. (Analyze and Suppress Vulnerability window only) Select Global for the Suppression Scope field. The window is automatically refreshed to show the fields for a global suppression. Continue with step 5.
5. On either the Suppress Vulnerability window or the Analyze and Suppress Vulnerability window, complete all editable fields on the window to define the vulnerability suppression at the global level. For a description of these fields, see Suppress Vulnerability Window or the Fields for Suppressing a Vulnerability at the Global Level topic in the “Analyze or Suppress Vulnerability Window” topic.
6. Click Suppress. Then click OK in the pop-up to acknowledge that the vulnerability has been successfully suppressed for the specified component versions.

You are returned to the Security Vulnerabilities window, which no longer lists the suppressed vulnerability. However, if no vulnerabilities remain for the component version on the window, you are returned to the context from which you opened the Security Vulnerabilities window (for example, the Lookup Component window or the Inventory Details tab). The Vulnerabilities bar graph count at this location should be reduced because of the suppressed vulnerability.

In general, a globally suppressed vulnerability should no longer be reflected in vulnerability counts or be visible for the specified component versions in component lookups or for inventory associated with these versions across all projects. For a description of the additional impact of globally suppressing a vulnerability, see Effects of Suppressing a Security Vulnerability Globally.