Accepting CVE Risks


Please see our Vulnerability Management Overview article for more information about vulnerabilities.

When you review CVEs in Vulnerability Management, you can assess each one based on factors like severity, exploitability, and how it relates to your business needs. Sometimes, you might decide not to remediate a CVE right away. For example, maybe the latest patch isn’t available yet, the issue is low priority, or the affected application is essential to your workflow and you’ve decided the risk is acceptable for now.

Kandji gives you two options for accepting CVE risks:

  • Accept risk indefinitely: This permanently acknowledges the risk for the selected CVE. Notifications and log events for that CVE will be suppressed.

  • Accept risk until a specific date: This temporarily accepts the risk until the date you choose. After that date, the CVE returns to active status, and notifications and log events resume.

You can also reverse your decision at any time. If you “un-accept” the risk, the CVE is treated as active again, and notifications and log events resume.

To accept the risk for a CVE:

  1. Go to the Vulnerability Management section in the Kandji web app.

  2. Select the CVE you want to manage.

  3. Select the Accept Risk tab.

  4. Choose to accept the risk either indefinitely or until a specific date.

  5. Optionally, fill out the Ticketing link and Comment fields.

  6. Click Accept risk.

  7. Once accepted, Slack notifications and regular log events for that CVE will be suppressed. A log event will be created to record your action, including whether the acceptance is indefinite or has an expiration date.

To un-accept the risk for a CVE:

  1. Go to the Vulnerability Management section in the Kandji web app.

  2. Select the CVE you want to manage.

  3. Select the Accept Risk tab.

  4. Click Un-accept risk.

  5. Optionally, fill out the Ticketing link and Comment fields.

  6. Click Confirm.

To see which CVEs have accepted risks, use the Status filter in the Vulnerability Management interface and select Risk accepted. The resulting list shows every CVE with an accepted risk, along with how long each acceptance lasts.

If you later decide to un-accept the risk, the CVE will go back to being treated as active. The timeline tab within the CVE detail view will show both the previous Risk accepted status and the current status.