How to create a vulnerability exception

How to create a vulnerability exception

Created On 09/26/18 20:30 PM - Last Modified 03/28/22 19:47 PM

When you want to add an exception on vulnerability signatures.

Threat license 

Sometimes you want to alternate the behavior and default action on the signature, and this can be done for only one signature or for only a few IPs.



You may wish to alter the action taken for a vulnerability signature trigger for one single signature in one vulnerability protection object. Please see below for instructions.


For more information on all of the exceptions, and how to use them, please visit this article:

How to Use Anti-Spyware, Vulnerability, and Antivirus Exceptions to Block or Allow Threats



  1. Log into the webGUI of your PAN-OS appliance.
  2. Navigate to the Objects tab.navigation bar.pngUsing the navigation menu on the left, select Security Profiles > Vulnerability profiles.png
  3. Under the name column in the window on the right, select the Vulnerability Protection object you wish to edit the signature in by clicking on the name. Please note that the default and strict policies, which come default with PAN-OS, cannot be changed and must be cloned first.vulnerbility protection profile.png
  4. Select the Exceptions tab.
  5. Check the show all signatures box.
  6. Search for the threat ID number (or name).
  7. Change the action you wish for the signature to take.
  8. Check the enable box.exceptions.png
  9. Click OK!
  10. Commit the changes.


After this is done, every signature in that profile should continue taking the assigned default actions, except for the one you just altered. In this instance, signature 30419 now has an action of ALLOW for any security rules this vulnerability profile is assigned.


Note:  Certain vulnerabilities, typically brute-force related, can have their thresholds changed with vulnerability exception:





Note: In the case that you need to collect extended captures in order to report on potential false positives, please follow this article .

  • Print
  • Copy Link

Choose Language