Skip to content
  • There are no suggestions because the search field is empty.

What are the different vulnerability statuses?

This article describes the different statuses a vulnerability can have in Security Center, and what each status means.

Statuses

New Assigned the first time a vulnerability is discovered on an asset.

Active The same vulnerability has been detected again in a subsequent assessment. It remains unresolved.

Closed The vulnerability is no longer detected in the most recent assessment. This happens automatically when an assessment confirms the vulnerability is no longer present on the asset.

Reopened A previously closed vulnerability has been detected again in a subsequent assessment. Once resolved, it returns to Closed.

Each vulnerability is assigned a status that reflects its current state. The status updates automatically based on assessment results and cannot be set manually.

How statuses progress

Statuses only move forward — a vulnerability can never revert to an earlier status. The typical lifecycle is:

  1. Vulnerability is discovered for the first time > New
  2. Same vulnerability detected in a later assessment > Active
  3. Vulnerability is fixed and no longer detected > Closed
  4. Vulnerability is detected again after being closed > Reopened
  5. Vulnerability is fixed again > Closed

The only way to fully reset a vulnerability's status history is to delete the asset. This permanently removes the asset and all associated data.