cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

IBM MQ - SAID missing

(1) Solution

When a disclosure is "missed" it is typically intentional. We are validating, restoring and curating software vulnerabilities to help week out a lot of the junk. Today, we issue rejection advisories only when the disclosure is authored by the vendor of the product (which may be suppressed). There are many junk entries in the NVD, so we do not issue rejection advisories for all of them. In the future, we do plan to make this more transparent to reduce the need to make inquiries regarding non-vendor rejected advisories. 

View solution in original post

(4) Replies
ChrisG
By Community Manager Community Manager
Community Manager

@riazahamed - I think you are trying to contact Flexera with a request. Posting here connects you with Software Vulnerability Management users around the world who can help discuss and answer questions, but is not an ideal way to raise requests to Flexera. Please raise a case with Flexera Support you want to connect with somebody in Flexera for specific requests like this: you can use the Support > Open New Case menu option once you have signed in to the community to do this.

(Did my reply solve the question? Click "ACCEPT AS SOLUTION" to help others find answers faster. Liked something? Click "KUDO". Anything expressed here is my own view and not necessarily that of my employer, Flexera.)

Thanks, I have raised a new case for this request.

In Flexera there are few advisories missing for products available in the database and every time do we have to raise a ticket for it?

Yes, that's a standard procedure for responding to missing advisories. Once a ticket is created, the support team engages different teams to investigate why the advisory was missed, and each team documents the investigation notes into our CRM system. 

When a disclosure is "missed" it is typically intentional. We are validating, restoring and curating software vulnerabilities to help week out a lot of the junk. Today, we issue rejection advisories only when the disclosure is authored by the vendor of the product (which may be suppressed). There are many junk entries in the NVD, so we do not issue rejection advisories for all of them. In the future, we do plan to make this more transparent to reduce the need to make inquiries regarding non-vendor rejected advisories.