Viewing All Globally Suppressed Security Vulnerabilities
The following procedure describes how to obtain a view of all security vulnerabilities currently suppressed at the global in your Code Insight instance. Any Code Insight user can access this view. However, only a System Administrator can unsuppress a vulnerability that has been globally suppressed.
To obtain a view of all currently suppressed security vulnerabilities in Code Insight, do the following:
|
1.
|
Click the following icon in the upper right corner of the Code Insight web page to open the Code Insight main menu: |
|
2.
|
Select DATA LIBRARY from the menu to open the Data Library page. |
|
3.
|
Select Suppressed Vulnerabilities tab to view the list of the currently suppressed security vulnerabilities in Code Insight. |
|
4.
|
Click the Global subtab to the list of vulnerabilities suppressed at the global level. From this tab, you can do the following for each suppressed vulnerability: |
|
•
|
Easily see the OSS or third-party component with which the vulnerability is associated and the specific versions of that component for which the vulnerability is currently suppressed. For a description of this tab, see Suppressed Vulnerabilities Tab. |
|
•
|
View details about the vulnerability itself —its advisory, severity, CVSS score, and description. To see these details, click the Information icon next to the vulnerability’s ID. |
|
•
|
View information about the vulnerability’s suppression per component version—the reason for the suppression, the user who suppressed the vulnerability, the date of suppression, and any remarks. To view this information, click the Information icon next to the value in the Affected Versions column. |