This guide applies to Mac computers

About Accepting CVE Risks

When managing vulnerabilities in your environment, you may need to accept certain CVE risks based on your organization’s security posture and business requirements. Iru Endpoint provides flexible options for accepting risks either indefinitely or for a specific timeframe. Please see our Vulnerability Management Overview article for more information about vulnerabilities.

How It Works

CVE risk acceptance allows you to acknowledge vulnerabilities that you’ve determined are acceptable for your environment. Once you’ve accepted a CVE risk, the system automatically suppresses notifications and log events for that specific vulnerability. This helps reduce noise in your security monitoring while maintaining visibility into the decision-making process. You can track all risk acceptance decisions through the Vulnerability Management interface and reverse them at any time to resume monitoring, for example when your security posture changes.

CVE Risk Acceptance Options

When you review CVEs in Vulnerability Management, you can assess each one based on factors like severity, exploitability, and how it relates to your business needs. Sometimes, you might decide not to remediate a CVE right away. For example, maybe the latest patch isn’t available yet, the issue is low priority, or the affected application is essential to your workflow and you’ve decided the risk is acceptable for now. Iru Endpoint gives you two options for accepting CVE risks:
  • Accept risk indefinitely - This permanently acknowledges the risk for the selected CVE. Notifications and log events for that CVE will be suppressed.
  • Accept risk until a specific date - This temporarily accepts the risk until the date you choose. After that date, the CVE returns to active status, and notifications and log events resume.
You can also reverse your decision at any time. If you “un-accept” the risk, the CVE is treated as active again, and notifications and log events will start up where they left off.
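
An added example, not Iru Endpoint code: a small Python model of the two acceptance options and of un-accepting, for reviewing a list of accepted risks that you maintain yourself. The record fields, the 14-day warning window, and the rule that indefinite acceptances should carry a ticketing link are assumptions; the CVE ids are placeholders.

```python
from dataclasses import dataclass
from datetime import date
from typing import Optional

@dataclass
class Acceptance:
    """One accept-risk decision. Field names are hypothetical, not a product schema."""
    cve: str
    until: Optional[date] = None   # None means accepted indefinitely
    ticket_link: str = ""          # the optional Ticketing link field
    unaccepted: bool = False       # True once the risk has been un-accepted

def status(a: Acceptance, today: date) -> str:
    """Return 'Risk accepted' or 'active' for the given day."""
    if a.unaccepted:
        return "active"
    # Per the page, the CVE returns to active *after* the chosen date, so the
    # date itself still counts as accepted. The exact cutover time and time
    # zone are not stated on the page and are not modelled here.
    if a.until is not None and today > a.until:
        return "active"
    return "Risk accepted"

def review(records, today, warn_days=14):
    """Group records into the buckets a periodic review would look at."""
    out = {"suppressed": [], "active_again": [],
           "expiring_soon": [], "indefinite_no_ticket": []}
    for a in records:
        if status(a, today) == "active":
            out["active_again"].append(a.cve)   # notifications and log events resume
            continue
        out["suppressed"].append(a.cve)         # notifications and log events suppressed
        if a.until is None:
            if not a.ticket_link:               # assumed policy: indefinite needs a ticket
                out["indefinite_no_ticket"].append(a.cve)
        elif (a.until - today).days <= warn_days:
            out["expiring_soon"].append(a.cve)
    return out

# Constructed sample records; the CVE ids are placeholders, not real identifiers.
SAMPLE = [
    Acceptance("CVE-0000-0001", ticket_link="https://tickets.example/SEC-1"),
    Acceptance("CVE-0000-0002"),
    Acceptance("CVE-0000-0003", until=date(2025, 6, 30)),
    Acceptance("CVE-0000-0004", until=date(2025, 6, 1)),
    Acceptance("CVE-0000-0005", unaccepted=True),
]

if __name__ == "__main__":
    for bucket, cves in review(SAMPLE, date(2025, 6, 20)).items():
        print(f"{bucket}: {cves}")
```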

Accepting a CVE Risk

  1. Navigate to Vulnerability Management - Go to the Vulnerability Management section in the Iru Endpoint web app.
  2. Select the CVE - Select the CVE you want to manage.
  3. Open Accept Risk Tab - Select the Accept Risk tab.
  4. Choose Acceptance Type - Choose to accept the risk either indefinitely or until a specific date.
  5. Add Optional Details - Optionally, fill out the Ticketing link and Comment fields.
  6. Accept the Risk - Click Accept risk.
Once accepted, Slack notifications and regular log events for that CVE will be suppressed. A log event will be created to record your action, including whether the acceptance is indefinite or has an expiration date.

Un-accepting a CVE Risk

  1. Navigate to Vulnerability Management - Go to the Vulnerability Management section in the Iru Endpoint web app.
  2. Select the CVE - Select the CVE you want to manage.
  3. Open Accept Risk Tab - Select the Accept Risk tab.
  4. Start Un-accept Process - Click Un-accept risk.
  5. Add Optional Details - Optionally, fill out the Ticketing link and Comment fields.
  6. Confirm Un-acceptance - Click Confirm.

CVE Status Filters

If you want to see which CVEs have accepted risks, use the Status filter in the Vulnerability Management interface and select Risk accepted. You’ll see a list of all CVEs with accepted risks, along with details about how long the acceptance lasts.

CVE Timeline

If you later decide to un-accept the risk, the CVE will go back to being treated as active. The timeline tab within the CVE detail view will show both the previous Risk accepted status and the current status.