PAN-OS - Security Advisories Vulnerability Check
This Playbook is part of the PAN-OS by Palo Alto Networks Pack.#
Supported versions
Supported Cortex XSOAR versions: 6.0.0 and later.
PAN-OS - Security Advisories Vulnerability Check#
Checks if any Palo Alto Networks firewalls in your environment have PAN-OS software versions or GlobalProtect client package versions that are vulnerable to a specific CVE ID, as published on the Palo Alto Networks Security Advisories page. The playbook accepts an optional target parameter to check a specific firewall by serial number. If a non-Palo Networks CVE is provided, the playbook returns an empty output.
Dependencies#
This playbook uses the following integrations and scripts.
Integrations#
- Panorama
Scripts#
- PAN-OS_Security_Advisories_Enrichment
- CheckFirewallAndGPForCVEs
Commands#
- pan-os-platform-get-system-info
Playbook Inputs#
| Name | Description | Required |
|---|---|---|
| cve_id | The CVE ID published on the Palo Alto Networks Security Advisories page to check if any firewalls are affected by it. | Required |
| target | The serial number of a specific firewall to check if the above mentioned CVE affects it. | Optional |
Playbook Outputs#
| Name | Description |
|---|---|
| CVE_Check.CVE_ID | ID of the checked CVE. |
| CVE_Check.Result | Result of the assessment for the input CVE with details about the firewall in the following json format: { Hostname : string, IPAddress : string, SWVersion : string, IsFirewallVersionAffected : True/False, GlobalProtectVersion : string, IsGlobalProtectVersionAffected: True/False } |
| CVE_Check.Severity | Severity of the CVE checked |
Playbook Image#
