Rejected Advisories

For compliance reasons, for example NERC (North American Electric Reliability Corporation), you may be required to report not only the vulnerabilities covered by the normal Advisories but also vulnerabilities, which our Research Team has rejected as not being a valid threat to security.

The Rejected Advisories page displays the advisories affecting your Watch Lists that did not pass our validation and filtering process rules and provides you with information about rejected vulnerabilities to make it possible for you to fulfill your compliance requirements. The Rejected Advisories page can be shown or hidden, depending on the Account Options set by your Administrator.

An advisory can be rejected for one of many reasons. The most common are:

No reachability—The vulnerability cannot be exploited because the affected systems cannot be reached by an attacker.
No gain—The vulnerability may be reached, but without any gain for the attacker.
No exploitability—The vulnerability cannot be exploited because, for example, policy forbids installation of the affected software.
Dependent on other—The vulnerability cannot be exploited by itself but is depending on another vulnerability being present.

Note:The rules outlined below are rules of thumb and not strictly pass/fail rules.

To view rejected advisories

1. Open the Research > Advisory Database > Rejected Advisories page.

2. Click to filter the Advisories by Zero Day, Impact, CVE(s), SAID, From and To dates, Criticality, Solution status, Where, and Score Minimum and Maximum values.

Note:Rejected advisories may not have all the details of the normal advisories: CVSS Vector and score, criticality, and so on.

3. Click the Apply or Reset buttons to apply or reset the filters.
4. Click the Save or Delete buttons to save or delete filters. You can save only one row on both the desktop and mobile UI.
5. Click a Secunia Advisory ID (SAID) to view detailed information related to the Advisory.
6. Click an Advisory check box in a row or rows in the grid or click the Advisory and select View Advisory or Create ticket.

Note:If you select multiple advisories, one ticket will be created for each of the advisories selected.

Once you have selected an Advisory check box, you can click to create a ticket.