out of date CVEs

I am curious about the listing of vulnerabilities in the vulnerabilities assessment.  It seems like it is catching old out dated CVE's and attaching them to fully updated machines.  for example i have numerous machines showing a vulnerability CVE-202

Apps and Threats Mismatch

Hi All

I have a pair of Panorama managed Firewalls configured in a HA Setup . However I m observing a mismatch on the App and Threat versions across both devices . Although the "Synch To Peer" option is enabled on the App and Threat schedule settin

Vulnerability Protection Profile

Hello!

I have a rule with a vulnerability protection profile enabled between my VPN users and DMZ.

I need to WebGUI (8443/8080) into a new DMZ server, but VP is stopping it.

How do I make an exception for this traffic?

Thanks,

DC

Blocking external IP addresses and blacklists

Hi,

I have some questions regarding the PAN-OS and blocking IP addresses. 

We are getting daily emails with lists of IP's that are port scanning and probing th FW. The customer wants all these addresses blocked. For example over the last 2 weeks I ha

Prisma CWP API for Compute -> Monitor -> Vulnerabilities -> Images - > Deployed

I am trying to find the Prisma CWP API to check the Vulnerability scan reports for deployed images, but couldn't find one. Can someone suggest the correct API/ doc.

Thanks

Prisma Cloud

Virus alerts on odd files in July 2023

Our SIEM has received several virus alerts from the Palo firewall since mid July.  The AV or Wildfire has flagged Adobe and Microsoft files. And now a web site for for a digital transformation and process company smartupload.sutherlandglobal.com.  Al

CVE-2023-38046 PAN-OS: 구성 커밋 중 시스템 파일 및 리소스 읽기

원본 링크

https://security.paloaltonetworks.com/CVE-2023-38046

공격 벡터: 네트워크    

범위: 변경 없음

공격 복잡도: 낮음

기밀성 영향: 높음

필요한 권한: 높음

무결성 영향: 낮음

사용자 상호 작용: 없음
가용성 영향: 없음

게시 2023-07-13
업데이트 2023-07-13
참조 PAN-208922
외부에서 발견됨

설명:

Palo Alto Networks PAN-OS 소프트웨어에는 특별히 생

Whitelist domain in ThreatVaults

Hello Team,

Hope you are doing well.

I am facing any issue regarding domain. some of legitimate domain is showing in threatvaults is there anyway to whitelist that domain from threatvaults.

Below is the screenshot that i have attached.

False Positive Anydesk

Dear Team,

Currently we find out the anydesk application (exe files) has been blocked by PaloAlto

Virus/Win32.WGeneric.dzogbf

Unique Threat ID: 593407638

already cross check with the virus total and it's clean

Could you check it for the issue, th

Need confirmation from Palo alto on DNS Trojan ShadowPad Detected

1. Customer has encountered the new threat alert named DNS Trojan ShadowPad Detected in their network but the traffic is passing through Palo alto firewall and it is allowed and no threat alerts are triggered in Palo Alto Firewall.

2. TLS Version 1

Cortex XDR logs fed into Splunk ES

Hello all,

Is there a repository of Splunk searches or queries based on Palo Alto Cortex XDR logs that I can be referred to? I am looking to create correlation searches in Splunk that will help filter through the alerts/logs received.

Is that something

Missing CVE

Dear Team,

Kindly we need to know if the below high vulnerabilities will be added soon as there are no signatures for them on Palo Alto:

1- CVE-2022-2601 regarding the below:

https://linux.oracle.com/cve/CVE-2022-2601.html

2- CVE-2022-3775 regard

Thwarting the Theft of OAuth Session Tokens Using Secured Containerized Development Environments (CDEs)

Cyberattacks targeting resource credentials such as session tokens are on the rise 

Recent high-profile cases such as the source code leaks of Slack's GitHub repositories in January 2023, CircleCI in January 2023, and before that GitHub accounts in