> ## Documentation Index
> Fetch the complete documentation index at: https://docs.encoreos.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Vulnerabilities

> Browse, report, view, and edit IT security vulnerabilities with severity tracking and remediation status workflow.

This page lists all tracked IT security vulnerabilities. Navigate to it at `/it/security/vulnerabilities`.

## Overview

The Vulnerabilities page displays a searchable, filterable table of vulnerabilities. Each row shows CVE ID, name, severity badge, discovery date, and remediation status badge. Filters: search, severity, and remediation status. The **Report Vulnerability** button navigates to `/it/security/vulnerabilities/new`. Clicking a vulnerability name navigates to its detail page.

Remediation status values from code: `open`, `in_progress`, `remediated`, `false_positive`.

## Who it's for

This route is protected by `IT_PERMISSIONS.VIEW` (`it.view`) via the module-level `ITViewGuard`. No additional per-route permission gate exists beyond the module guard.

## Before you start

* No prerequisites. The list loads automatically.

## Steps

1. Navigate to **IT > Security > Vulnerabilities**, or go directly to `/it/security/vulnerabilities`.
2. Use the **search box** to find vulnerabilities by name.
3. Use the **Severity** and **Status** dropdowns to filter the list.
4. Click a vulnerability name to open its detail page.
5. Click **Report Vulnerability** to record a new one.

## Key concepts

* **CVE ID** — optional Common Vulnerabilities and Exposures identifier.
* **SecuritySeverity** — `critical | high | medium | low`.
* **RemediationStatus** — `open | in_progress | remediated | false_positive`.

## Viewing a vulnerability

This page displays the full detail view for a single IT security vulnerability. Navigate to it at `/it/security/vulnerabilities/:id`.

The Vulnerability Details page shows vulnerability name, severity badge, optional CVE ID, discovery date, current remediation status, remediation date (if set), description, affected assets (`AffectedAssetsCard`), and remediation action buttons. Available actions depend on current status: Open shows "Mark In Progress"; Open or In Progress shows "Mark Remediated" and "Mark False Positive"; Remediated shows "Reopen".

Before you start: the vulnerability must already exist.

1. Navigate to **IT > Security > Vulnerabilities** and click a vulnerability name, or navigate directly to `/it/security/vulnerabilities/:id`.
2. Review the metadata cards: discovered date, remediation status, and remediation date.
3. Read the vulnerability description.
4. Review the **Affected Assets** section.
5. Use the **Remediation Actions** buttons to advance the vulnerability's status:
   * Click **Mark In Progress** to begin remediation.
   * Click **Mark Remediated** when the issue is resolved.
   * Click **Mark False Positive** if the finding is not a real vulnerability.
   * Click **Reopen** if a remediated vulnerability recurs.

**AffectedAssetsCard** — shows the list of IT assets impacted by this vulnerability.\
**remediation\_date** — set when status transitions to `remediated`.\
**CVE ID** — displayed in monospace below the title if set.

## Reporting a vulnerability

This page provides a form to report a new security vulnerability. Navigate to it at `/it/security/vulnerabilities/new`.

The New Vulnerability page is a single-step form. Required field is Vulnerability Name; all other fields (CVE ID, severity, discovered date, description) are optional. New records are created with `remediation_status` set to `open`. On success the user is redirected to the Vulnerabilities list at `/it/security/vulnerabilities`.

This route is protected by `IT_PERMISSIONS.VIEW` (`it.view`) via the module-level `ITViewGuard`. No additional per-route permission gate exists beyond the module guard.

Before you start: have the vulnerability name and, if available, the CVE identifier. Know the severity level and the date it was discovered.

1. Navigate to **IT > Security > Vulnerabilities** and click **Report Vulnerability**, or go directly to `/it/security/vulnerabilities/new`.
2. Enter the **Vulnerability Name** (required).
3. Optionally enter a **CVE ID** (e.g., `CVE-2024-12345`).
4. Select a **Severity**: Critical, High, Medium (default), or Low.
5. Set the **Discovered Date** (defaults to today).
6. Enter a **Description** including impact and potential remediation steps.
7. Click **Report Vulnerability**. On success you are redirected to the Vulnerabilities list.

New records start with `remediation_status: open`; status can be advanced to `in_progress`, `remediated`, or `false_positive` from the vulnerability detail page.

## Editing a vulnerability

The Edit Vulnerability screen allows updating an existing vulnerability record and is accessible at `/it/security/vulnerabilities/:id/edit`.

The Edit Vulnerability page loads the existing record via `useVulnerability`. The form fields include: CVE ID (optional), vulnerability name, severity (default `medium`), discovery date, remediation status (default `open`), description, remediation notes, and optional remediation date. On save, `updateVulnerability` is called. A loading skeleton is shown while data loads and an error/not-found state is displayed when appropriate. A back-navigation button is provided.

Before you start: the vulnerability record must exist.

1. Navigate to `/it/security/vulnerabilities/:id/edit` from the vulnerability detail or list page.
2. Modify CVE ID, name, severity, discovery date, remediation status, description, and notes.
3. If remediation is complete, set the remediation status accordingly and enter the remediation date and notes.
4. Submit the form to save updates and navigate back.

**cve\_id** — Optional CVE identifier (e.g., CVE-2024-12345); stored as a free-text field.\
**severity** — `SecuritySeverity` type; default `medium`.\
**remediation\_status** — `RemediationStatus` type; default `open`.\
**remediation\_date** — Optional date when the vulnerability was remediated.

## Related

<Columns cols={2}>
  <Card title="IT Service Management" icon="headset" href="/it/overview">
    IT Service Management overview.
  </Card>

  <Card title="Governance & parity" icon="scale-balanced" href="/governance/index" />
</Columns>

<Note>
  This page documents shipped product behavior. It is not medical, legal, or
  billing advice. Verify against your organization's policies and applicable
  regulations before using it for clinical, compliance, or billing decisions.
  Protected health information (PHI) shown in the product is governed by your
  tenant's access controls and is never exposed in this documentation.
</Note>

<Accordion title="Documentation sources">
  * src/routes/it.tsx
  * src/cores/it/pages/security/vulnerabilities/VulnerabilityListPage.tsx
  * src/cores/it/pages/security/vulnerabilities/VulnerabilityDetailPage.tsx
  * src/cores/it/pages/security/vulnerabilities/NewVulnerabilityPage.tsx
  * src/cores/it/pages/security/vulnerabilities/EditVulnerabilityPage.tsx
  * src/cores/it/hooks/useVulnerabilities.ts
  * src/cores/it/hooks/useVulnerabilityMutations.ts
  * src/cores/it/types/security.ts
</Accordion>
