Create Mitigation Rollback Job

You can create mitigation rollback job for the vulnerabilities of the respective assets that are already mitigated. 

Navigate to the VMDR > Vulnerabilities tab and select the QID to rollback. From the Quick Actions menu, click View Risk Elimination. You are redirected to the Mitigation > Eliminations tab. Click Rollback Mitigation. 



On the Create: Windows Mitigation Rollback Job window, perform the following steps: 

1. Basic Information
2. Select Assets
3. Select Actions
4. Schedule
5. Options
6. Job Access
7. Confirmation

1. Basic Information

   Enter a job title and description of the job in the respective fields and click Next.

2. Select Assets

    The Manual Asset Selection option is selected by default. The selected asset is automatically displayed on the screen. Click Next.

    Important to Know           

• You can only remove assets, but cannot add additional assets to the mitigation job.   
• If you remove an asset,  the associated QID is also removed from the job. 
• You need atleast one asset to save the mitigation job. 

 3. Select Actions

 The action is populated on the screen by default. Click Next.

4. Schedule

i) The On Demand job run option is selected by default, and the job is executed once enabled.

ii) To schedule the job to run at a specific time: 

1. Click Schedule.
2. Select the required START DATE and START TIME.
3. To select the required timezone, click Set timezone and select from the options from the dropdown list.
   By default, the system uses the agent timezone.
4. Click Next. 

5. Options 

To configure job notification settings:

1. Enter the email address of the recipient. You can enter a maximum of fifty email addresses.  
2.  (Optional) Select Execution started checkbox to receive email notification when the job is started
3. Select the Execution Completed checkbox and enter the percentage of job completion on which you want to receive the notification. 
4. Click Next.

6. Job Access

Select the co-authors for this rollback mitigation job and click Next. The co-authors can perform job actions based on their permissions, such as editing the job. 

7. Confirmation

Review your selections, and select Save or Save and Enable the job. 

Note that the SuperUser or Administrator can change the job status (enable/disable), delete and edit the job.

• When you click Save, the job is saved, and its status is DISABLED. You can enable it later. 

To run a job in the DISABLED state, you must enable it. To enable it, go to the Jobs tab and click Enable from the Quick Actions menu of a job.

• When you click Save & Enable, the job is saved and ENABLED. This option is available only when creating a Job the first time, not during editing the job.

The Save and Enable option should be chosen only when you are confident that the job is correctly configured because it's enabled and in a good-to-execute state.

Once all the CVEs associated with the QID are rolled back, the Mitigated status will be removed. After rollback, the QDS score reverts to the original score when the vulnerability was not mitigated.

For example, if the QDS score of the CVE before mitigation was 90, and after mitigation, the score was reduced to 60, then after the rollback action, the score changes back to 90.  

The mitigation rollback job status can be viewed on the VMDR > Vulnerabilities tab.