Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.encoreos.io/llms.txt

Use this file to discover all available pages before exploring further.

This page displays the full detail view for a single IT security vulnerability. Navigate to it at /it/security/vulnerabilities/:id.

Overview

The Vulnerability Details page shows vulnerability name, severity badge, optional CVE ID, discovery date, current remediation status, remediation date (if set), description, affected assets (AffectedAssetsCard), and remediation action buttons. Available actions depend on current status: Open shows “Mark In Progress”; Open or In Progress shows “Mark Remediated” and “Mark False Positive”; Remediated shows “Reopen”.

Who it’s for

This route is protected by IT_PERMISSIONS.VIEW (it.view) via the module-level ITViewGuard. No additional per-route permission gate exists beyond the module guard.

Before you start

  • The vulnerability must already exist.

Steps

  1. Navigate to IT > Security > Vulnerabilities and click a vulnerability name, or navigate directly to /it/security/vulnerabilities/:id.
  2. Review the metadata cards: discovered date, remediation status, and remediation date.
  3. Read the vulnerability description.
  4. Review the Affected Assets section.
  5. Use the Remediation Actions buttons to advance the vulnerability’s status:
    • Click Mark In Progress to begin remediation.
    • Click Mark Remediated when the issue is resolved.
    • Click Mark False Positive if the finding is not a real vulnerability.
    • Click Reopen if a remediated vulnerability recurs.

Key concepts

  • RemediationStatusopen | in_progress | remediated | false_positive.
  • CVE ID — displayed in monospace below the title if set.
  • AffectedAssetsCard — shows the list of IT assets impacted by this vulnerability.
  • remediation_date — set when status transitions to remediated.

IT Service Management

IT Service Management overview.

Governance & parity

This page documents shipped product behavior. It is not medical, legal, or billing advice. Verify against your organization’s policies and applicable regulations before using it for clinical, compliance, or billing decisions. Protected health information (PHI) shown in the product is governed by your tenant’s access controls and is never exposed in this documentation.
  • src/routes/it.tsx
  • src/cores/it/pages/security/vulnerabilities/VulnerabilityDetailPage.tsx
  • src/cores/it/hooks/useVulnerabilities.ts
  • src/cores/it/hooks/useVulnerabilityMutations.ts
  • src/cores/it/types/security.ts