As of December 31st, 2023 ThreadFix 2.X has reached End of Life and is no longer supported. For any further information please contact the Success and Implementation team.
Vulnerability Statuses
The following highlights the current statuses that can be applied to vulnerabilities in ThreadFix. For further information on each parameter, click on the associated status.
Statuses Applicable to Vulnerabilities | |||
Parameter | Value | Required | Description |
Boolean | No | Provide 'true' to mark the vulnerability as Contested. Provide 'false' to mark the vulnerability as Not Contested. Defaults to 'true' if not provided. | |
Boolean | No | Provide 'true' to mark the vulnerability as Verified. Provide 'false' to mark the vulnerability as Not Verified. Defaults to 'true' if not provided. | |
Boolean | No | Provide 'true' to mark the vulnerability as False Positive. Provide 'false' to mark the vulnerability as Not False Positive. Defaults to 'true' if not provided. | |
Developer Contested, Security Verified, and False Positive are mutually exclusive options, and certain user permission levels allow for options to be set or disabled. | |||
| |||
Boolean | No | Provide 'true' to mark the vulnerability as Exploitable. Provide 'false' to mark the vulnerability as Not Exploitable. Defaults to 'true' if not provided. | |
Scanner Exploitable can co-exist with the statuses above and may be inherited in a Findings Response, but is not enabled for user customization. | |||
For Further Vulnerability Management information please see the additional resources below:
www.threadfix.it | www.coalfire.com
Copyright © 2024 Coalfire. All rights reserved.
This Information Security Policy is CoalFire - Public: Distribution of this material is not limited.