Exception request for a single instance of a vulnerability

Anybody able to successfully submit a exception request for a single instance within a vulnerability?

For example I have an asset that has 4 vulnerable instances under a single vulnerability for an asset and would like to create an exception on only 1 of those instances. When I kick-off the vulnerability exception process for that ‘single instance’ it seems to add all 4 of those in the exception request even when I choose 'Single instance of a vulnerability’ from the drop down options.



1 Like

I experienced the same problem and noticed that if I export the vulnerability instances as csv, the field “key” is not populated anymore. I have some old exports where the filesystem path is documented there Maybe the exception “specific instance on this asset” references “key”.

This is really anoying - 200+ exceptions I added this way are now not working correctly anymore. They do not match the vulnerability instances with no entry in “key”

1 Like

Yes that’s correct, I have noticed that the ‘Key’ is being merged under ‘Proof’ when exported to CSV file, The column ‘Key’ is present in the CSV file but its empty.

So it looks like something changed the way the exports work.

1 Like

It looks like they have fixed the CSV export functionality. I just did an export of Vulnerable Instances and the 'Key’ column and the ‘Proof’ column are being populated correctly.

It looks like this is working now. I noticed the 'Key’ column being populated in the exports, which got me thinking to check the API’s and then noticed that it was also being populated there.

As the ‘Key’ value is being populated this serves as differentiator for the Vulnerability exceptions so after kicking off the vulnerability exception process by selecting the ‘Single instance of a vulnerability’, it magically works.


1 Like