- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
04-12-2024 02:12 AM
Hi,
The question is related to following vulnerability: https://security.paloaltonetworks.com/CVE-2024-3400
In this it said "Recommended Mitigation: Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 95187 (introduced in Applications and Threats content version 8833-8682)."
However, when I update content signature to the latest ( which is 8833-8682 ), and then try to create new vulnerability profile with specifying 95187 only, it does not shows me 95187.
With ID range, the result is as below
I'm sure there is ID 95187 because I can check via CLI.
admin@PA-410> show system info | match app-version
app-version: 8833-8682
admin@PA-410> show threat id 95187
This signature detects malicious payload in HTTPS request.
critical
Unknown
https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/threat-prevention
admin@PA-410>
NOTE: I can replicate this condition with other platforms too.
How can I create this vulnerability profile for mitigation?