topic Re: Why none of the CVEs on Cortex XDR are from years prior to 2017? in Cortex XDR Discussions

Why none of the CVEs on Cortex XDR are from years prior to 2017?

Rolando_Pena — Mon, 29 Jan 2024 13:59:24 GMT

All the CVEs that appear on the platform Cortex XDR date back to 2017, when I see the vulnerability assessment section, none of the CVEs are from years prior to 2017. Could you give me an answer as to why this is so?

Re: Why none of the CVEs on Cortex XDR are from years prior to 2017?

jmazzeo — Mon, 29 Jan 2024 15:38:10 GMT

Hi @Rolando_Pena, thanks for reaching us using the Live Community.

The Vulnerability Assessment covers vulnerabilities older than 2017, you might not have any present in your Endpoints.

Re: Why none of the CVEs on Cortex XDR are from years prior to 2017?

ithermos — Mon, 29 Jan 2024 15:11:16 GMT

What kind of sorcery is this ?

How do you have CVEs for Applications. I thought, at least up to now, that the assessment was only applicable to OS related vulnerabilities

Re: Why none of the CVEs on Cortex XDR are from years prior to 2017?

jmazzeo — Mon, 29 Jan 2024 15:15:58 GMT

Hi @ithermos, this is part of the Host Insights Add-on. Take a look at the documentation: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Pro-Administrator-Guide/Vulnerability-Assessment?tocId=Kk9cUpSZMD1J79_PHCKaQA

Re: Why none of the CVEs on Cortex XDR are from years prior to 2017?

ithermos — Mon, 29 Jan 2024 15:26:25 GMT

First of all thanks for the response.

I have the Add-on installed for quite some time. Furthermore, from the link you provided and is what I also read in the past, I quote:

"Cortex XDR lists only CVEs relating to the operating system, and not CVEs relating to applications provided by other vendors."

In the APPLICATION/OPERATING SYSTEM column in the console, as a value there is only "Operating System"; when you I hide this value there is not a single entry for a CVE. Strange.