In Cisco Vulnerability Management there are a number of background computing jobs that run nightly. One of those jobs produces the reporting numbers displayed on historical data graphs for reporting.
Note: Cisco Vulnerability Management processes background jobs, such as risk meter refreshes, between 11 PM and 3 AM local time in EU and AJPC, and between 10:30 and 1:30 in the US region, excluding Hawaii.
Cisco Vulnerability Management is very dynamic which makes recreating those historical number virtually impossible for the following reasons:
- Real time threat data changes vulnerability scores - up and down - as new data is acquired altering vulnerability counts by risk.
- Vulnerabilities may be re-opened by scanners at any time altering open and closed vulnerability counts.
- Tags on assets may change altering assets counts and scores for risk meters where tags were used to build the risk meter query.
- Assets may flip to inactive status altering risk meter score as well as asset and vulnerability counts.
- Asset priority may be changed at any time altering the overall asset score and also the risk meter scores of any group containing the assets.