CVEs for applications Unsupported Platform

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

CVEs for applications Unsupported Platform

L2 Linker

We have quite a bit of different softwares installed here, many Adobe products, 7-zip etc which I know have CVEs issued. Do I need to do something to enable this feature in XDR? ALL of the software detected shows Unsupported Platform. Does this feature actually work?

 

DopedWafer_0-1737557531926.png

 

1 REPLY 1

L4 Transporter

Hello @DopedWafer 

 

Thanks for reaching out on LiveCommunity!

Please check if you meet all the prerequisites for vulnerability assessment.

Requirement

Description

Licenses and Add-ons

  • Cortex XDR Pro per Endpoint license.

  • Host Insights Add-on.

Supported Platforms

  • Windows

    • Cortex XDR agent 7.1 or a later release.

    • Cortex XDR lists only CVEs relating to the operating system, and not CVEs relating to applications provided by other vendors.

    • Cortex XDR retrieves the latest data for each CVE from the NIST National Vulnerability Database as well as from the Microsoft Security Response Center (MSRC).

    • Cortex XDR collects KB and application information from the agents but calculates CVE only for KBs based on the data collected from MSRC and other sources

    • For endpoints running Windows Insider, Cortex XDR cannot guarantee an accurate CVE assessment.

    • Cortex XDR does not display open CVEs for endpoints running Windows releases for which Microsoft no longer fixes CVEs.

  • Linux

    • Cortex XDR agent 7.1 or a later release.

    Cortex XDR collects all the information about the operating system and the installed applications, and calculates CVE based on the the latest data retrieved from the NIST.

  • MacOS

    • Cortex XDR agent 7.1 or a later release.

    • Cortex XDR collects only the applications list from MacOS without CVE calculation.

If Cortex XDR doesn't match any CVE to its corresponding application, an error message is displayed, "No CVEs Found".

Setup and Permissions

Ensure Host Inventory Data Collection is enabled for your Cortex XDR agent.

Limitations

Cortex XDR calculates CVEs for applications according to the application version, and not according to application build numbers.

  • 151 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!