Sure i did the screenshot come from there !
The compliance is just a "group"
So you just have to delete the vulnerabilities from this.
If you have access to the database (I'm sort of assuming you're the admin there), you should be able to shed a bit of light on this issue.
Here - run the following SQL statement:
select * from Vulnerability where Compliance>0
That will list you all the vulnerabilities that are marked to be part of the compliance group from the DB back-end side of things (the 'Compliance' column value is '0' for vulnerabilities that aren't part of the Compliance group).
Regardless of the GUI, that's "the true story" at its simplest. If you *HAVE* vulnerabilities in the compliance group and they don't show up for you in the console, there's a good chance that you're running into some sort of DB issues - and you may want/need to provide your database to support so we can have a look at it & see if there's serious problems, or just some basic TLC / logic things needed that can fix it.
"Could be anything" at this point - from serious to a "few seconds worth of fix" (so I'm specifically not trying to panic you here) . As long as you've been running DB maintenance and checking the health of your DB (in other words - if you're using SQL - using DBCC for instance), the odds are usually that this is going to be something not too terrible .
Hope that this helps you along a bit.
Just to clarify ... yes - you *COULD* triage the situation with a simple SQL update-statement like the below, but I'd advise *AGAINST* it.
Usually seeing this sort of "disconnect" and "oddities" tends to be an indicator that either "things ARE wrong" or "things are about to go wrong" with the database - which is why I'd like you to heave it over to support. I'd rather have this be looked at & fixed "properly".
It's much better than just triaging the symptom and running into real problems later on.
But yes - in principle, something like this would wipe out "all" of the compliance setting (ACROSS the board) - this is purely INFORMATIONAL only.:
Update Vulnerability set Compliance=0
- Paul Hoffmann
the compliance group is empty on all the scope. It's probably a attached to the object rather than a group as you cann see it on the full catalogue.
@phoffmann : Thank your very detail anwser. I have admin right but i'm not supposed to do some job directly on the SQL server. I will dig that with the technical support.
Yeah - that happens. Talk to your SQL team & work together with them in that case.
Best to "play nice" (since you'll probably need their help in the future) here. The steps aren't complicated, so it shouldn't be a long thing by and large.
Let us know if you get stuck.
If it ends up a DB-issue, there's a good chance that there's more/other problems with the database itself as well, as I've mentioned.
Hope this helps & best of luck .