Why none of the CVEs on Cortex XDR are from years prior to 2017?

Showing results for 
Show  only  | Search instead for 
Did you mean: 

Why none of the CVEs on Cortex XDR are from years prior to 2017?

L1 Bithead

All the CVEs that appear on the platform Cortex XDR date back to 2017, when I see the vulnerability assessment section, none of the CVEs are from years prior to 2017. Could you give me an answer as to why this is so?


L4 Transporter

Hi @Rolando_Pena, thanks for reaching us using the Live Community.

The Vulnerability Assessment covers vulnerabilities older than 2017, you might not have any present in your Endpoints.



What kind of sorcery is this ?

How do you have CVEs for Applications. I thought, at least up to now, that the assessment was only applicable to OS related vulnerabilities

Hi @ithermos, this is part of the Host Insights Add-on. Take a look at the documentation: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Pro-Administrator-Guide/Vulnerabili...


First of all thanks for the response.

I have the Add-on installed for quite some time. Furthermore, from the link you provided and is what I also read in the past, I quote:

"Cortex XDR lists only CVEs relating to the operating system, and not CVEs relating to applications provided by other vendors."

In the APPLICATION/OPERATING SYSTEM column in the console, as a value there is only "Operating System"; when you I hide this value there is not a single entry for a CVE. Strange.

  • 4 replies
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!