https://live.paloaltonetworks.com/t5/custom-signatures/how-to-get-vulnerability-signature-pattern/m-p/258972#M303 If you enable extended (or single packet) pcap in the security profile, you will get the offending packet Sun, 28 Apr 2019 16:19:42 GMT reaper 2019-04-28T16:19:42Z https://live.paloaltonetworks.com/t5/custom-signatures/how-to-get-vulnerability-signature-pattern/m-p/258964#M302 <P>HI&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/7608">@reaper</a>&nbsp;</P><P>&nbsp;</P><P>Palo alto is releasing content update every week and changes in default action will be changed periodically.</P><P>&nbsp;</P><P>Recenty in Content version 8146 vulnerability 55570&nbsp;&nbsp;Oracle WebLogic wls9-async Remote Code Execution Vulnerability&nbsp; action is set to resert-server.&nbsp;</P><P>&nbsp;</P><P>How can i get the signature pattern used by this vulnerability to confirm the incoming data is vulnerable. When palo alto confirm incoming data is vulnerable by matching with this vulnerability id then how can i get that vulnerable data payload.</P><P>&nbsp;</P><P>Regards</P><P>Venky</P> Sun, 28 Apr 2019 13:03:11 GMT https://live.paloaltonetworks.com/t5/custom-signatures/how-to-get-vulnerability-signature-pattern/m-p/258964#M302 Venkatesan_radhakrishnan 2019-04-28T13:03:11Z https://live.paloaltonetworks.com/t5/custom-signatures/how-to-get-vulnerability-signature-pattern/m-p/258972#M303 If you enable extended (or single packet) pcap in the security profile, you will get the offending packet Sun, 28 Apr 2019 16:19:42 GMT https://live.paloaltonetworks.com/t5/custom-signatures/how-to-get-vulnerability-signature-pattern/m-p/258972#M303 reaper 2019-04-28T16:19:42Z https://live.paloaltonetworks.com/t5/custom-signatures/how-to-get-vulnerability-signature-pattern/m-p/258983#M304 <P>&nbsp;Can i able to find the signature pattern used by specific vulnerability.</P><P>&nbsp;</P><P>Regards</P><P>Venky</P> Mon, 29 Apr 2019 05:37:11 GMT https://live.paloaltonetworks.com/t5/custom-signatures/how-to-get-vulnerability-signature-pattern/m-p/258983#M304 Venkatesan_radhakrishnan 2019-04-29T05:37:11Z https://live.paloaltonetworks.com/t5/custom-signatures/how-to-get-vulnerability-signature-pattern/m-p/259161#M305 If you know the associated CVE you can research the vulnerability on MITRE, but you cant extract the pattern from our database Mon, 29 Apr 2019 21:45:10 GMT https://live.paloaltonetworks.com/t5/custom-signatures/how-to-get-vulnerability-signature-pattern/m-p/259161#M305 reaper 2019-04-29T21:45:10Z