Navigate to the Objects tab.Using the navigation menu on the left, select Security Profiles > Vulnerability Protection.
Under the name column in the window on the right, select the Vulnerability Protection object you wish to edit the signature in by clicking on the name. Please note that the default and strict policies, which come default with PAN-OS, cannot be changed and must be cloned first.
Select the Exceptions tab.
Check the show all signatures box.
Search for the threat ID number (or name).
Change the action you wish for the signature to take.
Check the enable box.
Commit the changes.
After this is done, every signature in that profile should continue taking the assigned default actions, except for the one you just altered. In this instance, signature 30419 now has an action of ALLOW for any security rules this vulnerability profile is assigned.
Note: Certain vulnerabilities, typically brute-force related, can have their thresholds changed with vulnerabilty exception:
Note: In the case that you need to collect extended captures in order to report false positive, please follow this article.