Page History

Required Permissions

Info
title Permissions

Scope of Mutes

Kiuwan Insights lets you

mute a specific CVE over a component(s) (i.e. this specific component should not raise this specific CVE)

The precedence column means the

applicability of the mute in case of conflicts,

 being applied the case with higher precedence value.

How to mute CVE vulnerabilities

You can mute at different locations:

• Components tab (selecting a component row, and clicking on the Mute Vulnerabilities component's menu option)
• Security tab (selecting a CVE row, and clicking on the Mute Vulnerabilities menu option of any of the components affected by that CVE)
• Selecting Mute Vulnerabilities option at Components / Security tab's

• hamburger menu.

• Insights management section in the admin space 

Global Mutes Administration

Kiuwan Insights

allows you to globally administrate the mutes defined within your Kiuwan account.

You can access the Global Mute Admin by selecting the Mute Vulnerabilities option at the Components / Security tab's

hamburger menu.

Image Modified

Mute Vulnerabilities allows you to manage

mutes based on Vulnerabilities and/or Components

Image Modified

By Vulnerability

When "By Vulnerability" tab is selected, the full list of Vulnerabilities discovered through all the applications of your Kiuwan account is displayed.

Click a CVE

to open the list of

components affected by that vulnerability. 

Image Added

Click Modify in the component row to open the Mute Vulnerabilities dialog.

Image Added

Then, you can decide to mute the vulnerability for the selected component either

all

applications, for a set of apps or

only one application.

After

muting,

the scope

of the mute is at the Mute Vulnerabilities tab.

Image Added

By Component

When

By Component

is selected, the full list of

components affected by

any CVE through all the applications of your Kiuwan account is displayed

Click a Component

to open the list of CVEs found for that component.

Image Added

Clicking

Modify

 for a CVE will open Mute Vulnerabilities dialog.

Image Added

Then, you can decide to mute the vulnerability for the selected component either for all

applications, for a set of apps, or only for

one application.

After

muting, you will see the scope

of the mute

in the Mute Vulnerabilities tab.

Image Added

Muting at the Component tab 

Also, you can mute

in the Components tab by clicking the dropdown menu at the right of a specific Component and

selecting Mute Vulnerabilities.

Image Added

In the Mute Vulnerabilities dialog

, select the CVE to

Global Mute or Application Mute.

Image Added

 After clicking Save the muted vulnerability grays out when expanding

the component.

Image Added

Muting at the Security tab 

The mute option is found also in the Security tab.

Click a Vulnerability to display more details and the list of components affected by the vulnerability

. At the bottom, in the Component section, click each dropdown button to mute vulnerabilities for each one of them.

Image Added

There is a special case (as you can see below). It happens when there are two mutes for that CVE-component: it's muted by a Global mute and also by an Application mute. Then, there are two mutes, i.e. the component is muted for two reasons.

Image Added

Whatever the mute reason, just select the Mute Vulnerabilities

from the dropdown menu at the right of a specific Component.

Then, the Mute

Vulnerabilities dialog

opens.

Image Added

The Mute Vulnerabilities dialog lets you

select the CVE to mute and decide

Global Mute or Application Mute.

Muting in Insights Management 

Open the drop-down menu on the upper-right corner and select Insights Management

Image Added

The Mute Vulnerabilities page displays:

Image Added

Please follow the instructions mentioned in the steps before to mute vulnerabilities.