Page History

Info
title Permissions

Scope of Mutes

Kiuwan Insights lets you

mute a specific CVE over a component(s) (i.e. this specific component should not raise this specific CVE)

The precedence column means the

applicability of the mute in case of conflicts, being applied the case with higher precedence value.

How to mute CVE vulnerabilities

You can mute at different locations:

• Components tab (selecting a component row, and clicking on the Mute Vulnerabilities component's menu option)
• Security tab (selecting a CVE row, and clicking on the Mute Vulnerabilities menu option of any of the components affected by that CVE)
• Selecting Mute Vulnerabilities option at Components / Security tab's

• hamburger menu.

• Insights management section in the admin space

Global Mutes Administration

Kiuwan Insights lets you to globally administrate the mutes defined within your Kiuwan account.

You can access the Global Mute Admin by selecting the Mute Vulnerabilities option at the Components / Security tab's

hamburger menu.

Image Modified

Mute Vulnerabilities allows you to manage mutes based on Vulnerabilities and/or Components

Image Modified

By Vulnerability

When "By Vulnerability" tab is selected, the full list of Vulnerabilities discovered through all the applications of your Kiuwan account is displayed

Clicking on a CVE will open the list of

components affected by that vulnerability.

Image Modified

Clicking

on the Modify

 button of a component will open Mute Vulnerabilities dialog.

Image Modified

Then, you can decide to mute the vulnerability for the selected component either

all

applications, for a set of apps or

only one application.

After mute, you will see the scope

of the mute at the Mute Vulnerabilities tab.

Image Modified

By Component

When

By Component

 is selected, the full list of Componentes affected by some CVE through all the applications of your Kiuwan account is displayed

Clicking on a Component will open the list of CVEs found for that component.

Image Modified

Clicking

Modify

 of a CVE will open Mute Vulnerabilities dialog.

Image Modified

Then, you can decide to mute the vulnerability for the selected component either

all

applications, for a set of apps or

only one application.

After mute, you will see the scope

of the mute at the Mute Vulnerabilities tab.

Image Modified

Muting at the Component tab 

You can mute from the Component tab.

Just click on the dropdown menu at the right of a specific Component and

select Mute Vulnerabilities.

Image Modified

Mute Vulnerabilities dialog will open letting you

select the CVE to mute and decide to mute it either by all the apps of your account or for the current application.

Image Modified

After clicking on Save you will see the muted vulnerability greyed when opening the component.

Image Modified

Muting at the Security tab 

You can mute from the Security tab.

Just click on a Vulnerability and its details will be displayed. Also, the list of components affected by the vulnerability is displayed.

If there exists a mute on some component, the component will appear grayed and the reason

for the mute.

In the image, you can see that the first mute is "Global" (there's a global mute for this component and CVE, i.e. it's muted for all the applications of the Kiuwan account), but for the second component, the mute is "Application" (i.e. the mute only affects to this CVE for that component on the current application.

Image Modified

There's a special case (as you can see below). It

happens when there are 2 mutes for that CVE-component: it's muted by a Global mute and also by an Application mute. Then, there are two mutes, i.e. its muted

for two reasons.

Image Modified

Whatever be the mute

reason, just

select the Mute

Vulnerabilities from the dropdown menu at the right of a specific Component.

Then, Mute

Vulnerabilities dialog will open.

Image Modified

Mute Vulnerabilities dialog lets you

select the CVE to mute and decide to mute it either by all the apps of your account or for the current application.