COrtex vulnerability assessment

RajeshPremSingh — Wed, 10 Apr 2024 21:56:34 GMT

COrtex vulnerability assessment showed on Linux Snap has an older version but we upgraded latest version it still shows an an older version on the Console when i raised case one support they told me the below point I have pasted below didn't get what he said Also we getting multiple firefox vulnerability even tho we upgraded

below are the support response
For the snap upgrade to version 2.61, the package was updated 'inside' snap, but the Debian package installed on the system remained 2.58. This is what Ubuntu sees, this is what we query, this is what we report

Can u guys explain this for multiple Linux machines we are facing this issue even tho we upgraded the console is not reflected

Re: COrtex vulnerability assessment

jtalton — Tue, 16 Apr 2024 17:55:37 GMT

Hi RajeshPremSingh,

The response indicates that the upgrade did not apply to the Debian package, just the snap package. Cortex XDR lists only CVEs relating to the operating system and will query the distro package.

You may run the dpkg-query -W command to verify the application version and compare the result to Host Insights VA.

The same scenario applies for Firefox as well; Firefox may be installed in the snap package instead of the Debian package.

I hope this provides a better understanding of your inquiry.

Thank you

topic Re: COrtex vulnerability assessment in Cortex XDR Discussions

COrtex vulnerability assessment

Re: COrtex vulnerability assessment