CVE and Threat Signature

Reply
Highlighted
L1 Bithead

CVE and Threat Signature

In looking at the threats in the Vulnerability Protection profile only a relatively small number have CVEs associated with them. Is there a way to get a list of those that do without just scrolling through the pages of threats in the GUI? Also, is there somewhere that the whole list of vulnerabilities is posted from PA? I suspect not as this is probably proprietary but in case there is, where?

 

Thanks.

Highlighted
L7 Applicator

Re: CVE and Threat Signature

On https://threatvault.paloaltonetworks.com is a searchable database of all the different signatures ... only metadata and not, as you already expected, the details on how the signature actually looks like that is used in PAN-OS.

 

For your first question: It is possible to pull a signaturelist including CVE numbers over the PAN-OS API

Highlighted
L1 Bithead

Re: CVE and Threat Signature

Thanks for the feedback. The threat vault is great for searching for individual threats, but not for getting a list of all of them. 

 

I'm looking at the XML API guide and don't see the command for pulling the entire signature list to put in a request. Do you have a link to the page that explains it, or at least the command that would pull it in the CLI and I can put that in the API request?

Highlighted
L7 Applicator

Re: CVE and Threat Signature

https://FIREWALLNAME-OR-IP/api/?type=config&action=get&xpath=/config/predefined/threats/vulnerability

 

But if you are already on 8.0 this works only with 8.0.3. In the other 8.0 versions there is a bug, so CVEs are not shown there.

L1 Bithead

Re: CVE and Threat Signature

https[:]//IPADDRESS/api/?key=YOURKEY&type=op&cmd=<show><predefined><xpath>/predefined/threats/vulnerability</xpath></predefined></show>

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!