[Incident]: Some users report they are unable to access the case portal. Please see this community notice for more information.

Showing results for 
Show  only  | Search instead for 
Did you mean: 

"Review Vulnerabilities" button is not displayed.

"Review Vulnerabilities" button is not displayed.


This article discusses bug reference SCA-11224


When attempting to review vulnerabilities as a user that is both a reviewer and a requester the "Review Vulnerabilities" button is not displayed.


A bug has been reported for this issue under reference SCA-11224. The reason behind this logic is that the Requester, Developer and Quick Reviewer are typically a different set of users with a different responsibilities:

1. Requester ? this is typically the developer who is requesting use of open source. This user has ?view only? permission. Someone requesting permission to use open source would not normally be the one to approve/reject their own use of it.
2. Security Reviewer ? responsible for conducting a security review (this user can also be a ?Reviewer? on the project) but should not be the ?Quick Reviewer?
3. Quick Reviewer ? responsible for associating requests to inventory and reviewing the item as a whole

So based on the above, the Requester role on a project should prevent the user from being able to review an item.
The Security Reviewer and Reviewer role on a project (I believe) are independent. Having both roles should not prevent the user from conducting a security review.
The Quick Reviewer role is the one that allows users to associate inventory to requests and blocks user from seeing the vulnerability shield.
Was this article helpful? Yes No
No ratings
Version history
Last update:
‎Oct 30, 2018 01:05 PM
Updated by: