Prisma Cloud Runtime Security not showing CVEs Marked as DISPUTED or REJECTED

Prisma Cloud Runtime Security not showing CVEs Marked as DISPUTED or REJECTED

5310
Created On 12/30/21 14:45 PM - Last Modified 04/30/25 21:34 PM


Symptom


No Disputed and Rejected CVEs in Prisma Cloud Runtime Security CVE Viewer.

Environment


  • Prisma Cloud Runtime Security
  • Prisma Cloud Compute Self-Hosted version 30.00 and above.

Cause


When one party disagrees with another party’s assertion that a particular issue is a vulnerability, a CVE Record assigned to that issue may be designated as being DISPUTED. In these cases, the CVE Program is making no determination as to which party is correct. Instead, we make note of this dispute and try to offer any public references that will better inform those trying to understand the facts of the issue

A CVE Record listed as REJECT is a CVE Record that is not accepted as a CVE Record.

 


To View the CVE information in Prisma Cloud Compute:

  1. Log in to Prisma Cloud Runtime Security console.
  2. Go to: 
    Monitor > Vulnerabilities > CVE Viewer
  3.  If you search for these CVEs, it will not show any results, therefore, these CVEs will not show on any of your packages as shown in the screenshots below.
 


 

Resolution


The reason why DISPUTED vulnerabilities are not added to Prisma Cloud Compute Database is that we avoid showing false positives, and do not mislead our customers with disputed CVEs.

Additional Information


Reference: What is a  Disputed  or a Rejected CVE? 
 
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000004MhuCAE&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language