CVE and Threat Signature

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

CVE and Threat Signature

L1 Bithead

In looking at the threats in the Vulnerability Protection profile only a relatively small number have CVEs associated with them. Is there a way to get a list of those that do without just scrolling through the pages of threats in the GUI? Also, is there somewhere that the whole list of vulnerabilities is posted from PA? I suspect not as this is probably proprietary but in case there is, where?

 

Thanks.

4 REPLIES 4

L7 Applicator

On https://threatvault.paloaltonetworks.com is a searchable database of all the different signatures ... only metadata and not, as you already expected, the details on how the signature actually looks like that is used in PAN-OS.

 

For your first question: It is possible to pull a signaturelist including CVE numbers over the PAN-OS API

Thanks for the feedback. The threat vault is great for searching for individual threats, but not for getting a list of all of them. 

 

I'm looking at the XML API guide and don't see the command for pulling the entire signature list to put in a request. Do you have a link to the page that explains it, or at least the command that would pull it in the CLI and I can put that in the API request?

https://FIREWALLNAME-OR-IP/api/?type=config&action=get&xpath=/config/predefined/threats/vulnerability

 

But if you are already on 8.0 this works only with 8.0.3. In the other 8.0 versions there is a bug, so CVEs are not shown there.

https[:]//IPADDRESS/api/?key=YOURKEY&type=op&cmd=<show><predefined><xpath>/predefined/threats/vulnerability</xpath></predefined></show>

  • 4293 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!