How to Filter Images by Vulnerabilities or CVEs in Prisma Cloud Compute?
2120
Created On 12/29/21 01:51 AM - Last Modified 01/11/22 15:46 PM
Objective
- How to Filter Images by Vulnerabilities or CVEs in Prisma Cloud Compute?
Environment
- Prisma Cloud Compute Edition (Self-Hosted)
- Prisma Cloud Enterprise Edition (SaaS)
Procedure
- The "Vulnerability Explorer" helps survey the Vulnerabilities across your environment and filter images based on a particular CVE.
If Prisma Cloud Compute Edition (Self-Hosted) Console:
- Go to Monitor > Vulnerabilities > Vulnerability Explorer > Input the CVE of interest (Eg. CVE-2021-21687)
- The filtered list can be downloaded in CSV format.
- Click anywhere on the entry list (under tabs - Risk score, CVE risk factors, Environmental risk factors or Impacted Packages) to get the Images impacted by this CVE.
- As seen below, 2 Images are impacted by CVE-2021-21687.
If Prisma Cloud Enterprise Edition (SaaS) Console:
- Go to Compute > Monitor > Vulnerabilities > Vulnerability Explorer > Input the CVE of interest (Eg. CVE-2021-41990)
- The filtered list can be downloaded in CSV format.
- Click anywhere on the entry list (under tabs - Risk score, CVE risk factors, Environmental risk factors or Impacted Packages) to get the Images impacted by this CVE.
- As seen below, 1 Image is impacted by CVE-2021-41990.
- For a Video Tutorial on Vulnerability Explorer, refer : Video Tutorial: What Does Vulnerability Explorer Accomplish Within Prisma Cloud?
Additional Information
NOTE:
- Currently, under Monitor > Vulnerabilities > Images, Images can only be filtered by certain keywords and attributes, and not by a specific CVE, as show below:
- Following Feature Requests have been raised for adding a CVE Vulnerability Filter under Monitor > Vulnerabilities > Images, with no ETA at this time.
- Add Additional Filters to Image Details: PANW-I-3012
- Add CVE filter to CI Image Scan reports in the Console UI: PANW-I-2959