Nexpose : Vulnerability Exceptions : Creating a Vulnerability Exception

Creating a Vulnerability Exception

To create a vulnerability exception, your project must contain assets from a Nexpose scan or import. You must also have an active Nexpose Console configure for the project. Metasploit Pro connects to the Nexpose Console that you configured for the project to create vulnerability exceptions for an asset.
If the project does not contain an active Nexpose Console or assets, the Nexpose Exception Push feature is unavailable.
When you import or scan assets from Nexpose, you should enable automatic tagging. A tag is a label that you apply to an asset in order to group them together based on a set of criteria. A tag helps you quickly identify and find assets to run tests against.
1.)
Select Project > [Project Name] > Vulnerabilities from the main menu. A list of assets and vulnerabilities appears.
2.)
3.)
Click Nexpose Exceptions. The New Nexpose Exceptions Push window appears.
4.)
5.)
Choose if you want to automatically approve the vulnerability exception. If you do enable this option, you will need to approve the vulnerability request through the Nexpose Console.
6.)
Choose if you want to set an expiration date for the vulnerability exception. If you choose this option, Nexpose will remove the exception from the asset on the date that you specify.
7.)
The Vulnerability Exceptions area displays a table that lists the vulnerability information for each asset that you added to the exception push. Select the vulnerability that you want to create an exception for.
8.)
9.)
10.)
After you create the exceptions, open the Nexpose Console and verify that the asset shows the vulnerability exception that you pushed from Metasploit Pro.