Scan results for 20.12.541

OpenSCAP and vulnerability scan report:
  • Prisma Cloud Compute release: 20.12 Update 2 (20.12.541)
  • Base image: registry.access.redhat.com/ubi8/ubi-minimal:8.2-349
  • Benchmark URL: scap-security-guide-0.1.54/ssg-rhel8-ds.xml
  • Benchmark ID: xccdf_org.ssgproject.content_benchmark_RHEL-8
  • Profile ID: xccdf_org.ssgproject.content_profile_stig
  • Compared to IronBank’s UBI8-minimal, Version 8.3 - Build 159602 - Approved, Build Date: 2021-02-12T00:45:02.855Z

twistlock/private:console_20_12_541

Findings for Prisma Cloud Compute Console.

OpenSCAP report

You can find the report here.
Rule_ID
Compute finding
IronBank finding
Justification
xccdf_org.ssgproject.content_rule_configure_openssl_crypto_policy
Pass
Fail
/etc/pki/tls/openssl.cnf configured according to check
xccdf_org.ssgproject.content_rule_banner_etc_issue
Fail
Pass
Application is a non-interactive container. There is no interactive console session with the container.

Vulnerabilities report

You can find the report here.
CVE
Package
Version
Fix Status
Justification
CVE-2019-25013
glibc
2.28-127.el8
RedHat has not released patch
CVE-2021-3326
glibc
2.28-127.el8
RedHat has not released patch
CVE-2020-29361
p11-kit
0.23.14-5.el8_0
RedHat has not released patch
CVE-2020-29363
p11-kit
0.23.14-5.el8_0
RedHat has not released patch
CVE-2020-29362
p11-kit
0.23.14-5.el8_0
RedHat has not released patch
CVE-2020-8927
brotli
1.0.6-2.el8
RedHat has not released patch
CVE-2020-8284
curl
7.61.1-14.el8_3.1
RedHat has not released patch
CVE-2020-8285
curl
7.61.1-14.el8_3.1
RedHat has not released patch
CVE-2020-8286
curl
7.61.1-14.el8_3.1
RedHat has not released patch
CVE-2020-8231
curl
7.61.1-14.el8_3.1
RedHat has not released patch

twistlock/private:defender_20_12_541

Findings for Prisma Cloud Compute Defender.

OpenSCAP report

You can find the report here.
Rule_ID
Compute finding
IronBank finding
Justification
xccdf_org.ssgproject.content_rule_configure_openssl_crypto_policy
Pass
Fail
/etc/pki/tls/openssl.cnf configured according to check
xccdf_org.ssgproject.content_rule_banner_etc_issue
Fail
Pass
Application is a non-interactive container. There is no interactive console session with the container.

Vulnerabilities report

You can find the report here.
CVE
Package
Version
Fix Status
Justification
CVE-2019-25013
glibc
2.28-127.el8
RedHat has not released patch
CVE-2021-3326
glibc
2.28-127.el8
RedHat has not released patch
CVE-2020-29361
p11-kit
0.23.14-5.el8_0
RedHat has not released patch
CVE-2020-29363
p11-kit
0.23.14-5.el8_0
RedHat has not released patch
CVE-2020-29362
p11-kit
0.23.14-5.el8_0
RedHat has not released patch
CVE-2020-8927
brotli
1.0.6-2.el8
RedHat has not released patch
CVE-2020-8284
curl
7.61.1-14.el8_3.1
RedHat has not released patch
CVE-2020-8285
curl
7.61.1-14.el8_3.1
RedHat has not released patch
CVE-2020-8286
curl
7.61.1-14.el8_3.1
RedHat has not released patch
CVE-2020-8231
curl
7.61.1-14.el8_3.1
RedHat has not released patch

Recommended For You