Assess Vulnerabilities
Table of Contents
Assess Vulnerabilities
View the vulnerabilities on a firewall according to PAN-OS
version and enabled features.
If your AIOps for NGFW app has been updated to give you the new Strata Cloud Manager management experience, visit these docs instead. Here's how to switch
between the two AIOps for NGFW guides based on the interface you're using:
AIOps for NGFW
shows you which
vulnerabilities affect a given firewall and PAN-OS version to help
you decide whether you should upgrade. Select the PAN-OS
Known Vulnerability
alert to see the latest security advisories impacting the firewall that
raised the alert. Select
Vulnerabilities in this
PAN-OS version
to view the affected feature for a vulnerability
in the Feature Affected
column. This helps
you to decide whether to upgrade a firewall based on the vulnerability and
its impact on your enabled feature. If a CVE is not associated with
a feature, then the value under Feature Affected
is
blank. This type of CVE affects the firewall with the specified
model or version.By default, the
PAN-OS Known
Vulnerability
alert shows all of the vulnerabilities
in the PAN-OS version on the device. However, if you enabled Product Usage telemetry on
the firewall, you can choose to view only the vulnerabilities that
affect the particular firewall based on its enabled features. That
way, you can better understand which vulnerabilities are a concern
for the firewall and make a more informed decision about whether
to upgrade. To check the devices that a CVE impacts, view
the Security Advisory Summary page.