diff --git a/doc/api/graphql/reference/index.md b/doc/api/graphql/reference/index.md
index 392a161a0b19412060010dbd1a34f2caba5592fd..25fd23ffddb0398887f36722850ba544dbc49fc7 100644
--- a/doc/api/graphql/reference/index.md
+++ b/doc/api/graphql/reference/index.md
@@ -5544,7 +5544,7 @@ Input type: `VulnerabilityCreateInput`
 | Name | Type | Description |
 | ---- | ---- | ----------- |
 | <a id="mutationvulnerabilitycreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. |
-| <a id="mutationvulnerabilitycreateconfidence"></a>`confidence` | [`VulnerabilityConfidence`](#vulnerabilityconfidence) | Confidence of the vulnerability (defaults to `unknown`). |
+| <a id="mutationvulnerabilitycreateconfidence"></a>`confidence` **{warning-solid}** | [`VulnerabilityConfidence`](#vulnerabilityconfidence) | **Deprecated:** This field will be removed from the Vulnerability domain model. Deprecated in 15.4. |
 | <a id="mutationvulnerabilitycreateconfirmedat"></a>`confirmedAt` | [`Time`](#time) | Timestamp of when the vulnerability state changed to confirmed (defaults to creation time if status is `confirmed`). |
 | <a id="mutationvulnerabilitycreatedescription"></a>`description` | [`String!`](#string) | Long text section that describes the vulnerability in more detail. |
 | <a id="mutationvulnerabilitycreatedetectedat"></a>`detectedAt` | [`Time`](#time) | Timestamp of when the vulnerability was first detected (defaults to creation time). |
@@ -15732,7 +15732,7 @@ Represents vulnerability finding of a security report on the pipeline.
 | Name | Type | Description |
 | ---- | ---- | ----------- |
 | <a id="pipelinesecurityreportfindingassets"></a>`assets` | [`[AssetType!]`](#assettype) | List of assets associated with the vulnerability. |
-| <a id="pipelinesecurityreportfindingconfidence"></a>`confidence` | [`String`](#string) | Type of the security report that found the vulnerability. |
+| <a id="pipelinesecurityreportfindingconfidence"></a>`confidence` **{warning-solid}** | [`String`](#string) | **Deprecated** in 15.4. This field will be removed from the Finding domain model. |
 | <a id="pipelinesecurityreportfindingdescription"></a>`description` | [`String`](#string) | Description of the vulnerability finding. |
 | <a id="pipelinesecurityreportfindingdescriptionhtml"></a>`descriptionHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `description`. |
 | <a id="pipelinesecurityreportfindingevidence"></a>`evidence` | [`VulnerabilityEvidence`](#vulnerabilityevidence) | Evidence for the vulnerability. |
diff --git a/ee/app/graphql/mutations/vulnerabilities/create.rb b/ee/app/graphql/mutations/vulnerabilities/create.rb
index a5ba1e76633674d5257ea67b97d062595b0a7462..889f5479d0fdb78d0e8077b05309630be696eafa 100644
--- a/ee/app/graphql/mutations/vulnerabilities/create.rb
+++ b/ee/app/graphql/mutations/vulnerabilities/create.rb
@@ -40,7 +40,11 @@ class Create < BaseMutation
       argument :confidence, Types::VulnerabilityConfidenceEnum,
         required: false,
         description: 'Confidence of the vulnerability (defaults to `unknown`).',
-        default_value: 'unknown'
+        default_value: 'unknown',
+        deprecated: {
+          reason: 'This field will be removed from the Vulnerability domain model',
+          milestone: '15.4'
+        }
 
       argument :solution, GraphQL::Types::String,
         required: false,
diff --git a/ee/app/graphql/types/pipeline_security_report_finding_type.rb b/ee/app/graphql/types/pipeline_security_report_finding_type.rb
index 7ed12819652a839eb67bb0c5f05c42a1047dbe73..29bf2a741b9f80b498c8289f5a08e08615992fb3 100644
--- a/ee/app/graphql/types/pipeline_security_report_finding_type.rb
+++ b/ee/app/graphql/types/pipeline_security_report_finding_type.rb
@@ -34,7 +34,11 @@ class PipelineSecurityReportFindingType < BaseObject
     field :confidence,
           type: GraphQL::Types::String,
           null: true,
-          description: 'Type of the security report that found the vulnerability.'
+          description: 'Type of the security report that found the vulnerability.',
+          deprecated: {
+            reason: 'This field will be removed from the Finding domain model',
+            milestone: '15.4'
+          }
 
     field :false_positive,
           type: GraphQL::Types::Boolean,
diff --git a/ee/lib/ee/api/internal/kubernetes.rb b/ee/lib/ee/api/internal/kubernetes.rb
index 11ce278418eaf880895c186d0a85921396577cd0..d6b05cd8e1b6c000db5fcc4dcf48fc3892a85cae 100644
--- a/ee/lib/ee/api/internal/kubernetes.rb
+++ b/ee/lib/ee/api/internal/kubernetes.rb
@@ -17,7 +17,7 @@ module Kubernetes
                   requires :vulnerability, type: Hash, desc: 'Vulnerability details matching the `vulnerability` object on the security report schema' do
                     requires :name, type: String
                     requires :severity, type: String, coerce_with: ->(s) { s.downcase }
-                    requires :confidence, type: String, coerce_with: ->(c) { c.downcase }
+                    optional :confidence, type: String, coerce_with: ->(c) { c.downcase }
 
                     requires :location, type: Hash do
                       requires :image, type: String
diff --git a/ee/spec/requests/api/internal/kubernetes_spec.rb b/ee/spec/requests/api/internal/kubernetes_spec.rb
index ddbe3664edd3aa259bb02b86b41434407650faa5..9afba394d07b14e65302d22a0ed14a3be2c939df 100644
--- a/ee/spec/requests/api/internal/kubernetes_spec.rb
+++ b/ee/spec/requests/api/internal/kubernetes_spec.rb
@@ -83,7 +83,6 @@ def send_request(params: {}, headers: agent_token_headers)
           vulnerability: {
             name: 'CVE-123-4567 in libc',
             severity: 'High',
-            confidence: 'Unknown',
             location: {
               image: 'index.docker.io/library/nginx:latest',
               kubernetes_resource: {