** Note that this is a public ticket, please refrain from adding any sensitive data. **

Vulnerability service on hybrid console to display text on how Vulnerability is actually calculated for systems tied to a minor release.

DETAILS:

Currently the vulnerability service shows all CVEs available for the major version of your RHEL system, even if the system has its release version locked to a specific minor release. To determine if the CVE was applied to the minor version of your RHEL system, in the Security → Vulnerability → Systems, locate your system. The Remediation type must be Manual.

The above is noted in as "Important" in the below doc:
https://docs.redhat.com/en/documentation/red_hat_lightspeed/1-latest/html-single/assessing_and_monitoring_security_vulnerabilities_on_rhel_systems/index#con-vuln-how-vulnerability-works_vuln-overview

But unfortunately this does not serve the entire purpose. Our customers are usually unaware of this part of the documentation and will raise a case and query about why he/she is still seeing vulnerability when using a client system is tied to a minor version like eus/e4s and patched with it.

THE ASK:

While I can understand this is how vulnerability is supposed to work on HYBRID CONSOLE, the ask for this RFE is to include that "Important" text in hybrid console itself on the below possible place so that customers can immediately understand what they see:

1. RHEL > Security > Vulnerability > CVEs
2. RHEL > Inventory > Systems > Vulnerability tab
3. RHEL > Security > Vulnerability > Systems > Individual system
Points 2 and 3 actually point to the same page.