Why does an older Prisma Cloud Console Version detect fewer CVEs than the newest version?
Created On 10/25/23 08:50 AM - Last Modified 03/25/25 19:12 PM
Question
Why does an older Prisma Cloud Console Version detect fewer CVEs than the newest version?
Environment
- Prisma Cloud Compute Edition Self-Hosted (All Versions)
Answer
Consider two environments: one running Console version 22.12 and another running a newer version, 31.x.
The screenshots below show the scan results for the same image in each environment, and the results differ in the number of CVEs detected.
- Scan results for the image 'ubi9:latest' on Prisma Cloud Console Version 22.12.
- Scan results for the image 'ubi9:latest' on Prisma Cloud Console Version 31.x.
We continuously improve Prisma Cloud Compute's intelligence feed, which can lead to changes in CVE severity or the identification of new threat data due to updated signatures. The console plays a role in matching packages to CVEs, which is why many detection fixes take place with the next major release, not only with an Intelligence Stream update.
In short, upgrading the console usually includes improvements in vulnerability detection logic, sometimes resulting in more CVEs reported.
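To see which of the effects described above accounts for a difference, the findings from the two Consoles can be compared per CVE and package. The following is an added example, not Palo Alto Networks code: it assumes each scan has been exported to a list of records, that both exports cover the same image digest, and the field names and sample data are constructed for illustration.

```python
import json

# Constructed sample findings, not real scan output. The field names (id,
# packageName, packageVersion, severity) are assumptions; map them to your export.
OLD_SCAN = json.loads("""[
 {"id": "CVE-0000-0001", "packageName": "openssl", "packageVersion": "3.0.1", "severity": "medium"},
 {"id": "CVE-0000-0002", "packageName": "glibc", "packageVersion": "2.34", "severity": "low"}
]""")
NEW_SCAN = json.loads("""[
 {"id": "CVE-0000-0001", "packageName": "openssl", "packageVersion": "3.0.1", "severity": "high"},
 {"id": "CVE-0000-0002", "packageName": "glibc", "packageVersion": "2.34", "severity": "low"},
 {"id": "CVE-0000-0003", "packageName": "glibc", "packageVersion": "2.34", "severity": "critical"},
 {"id": "CVE-0000-0004", "packageName": "curl", "packageVersion": "7.76.1", "severity": "medium"}
]""")


def index(findings):
    """Map (CVE, package, version) -> severity; repeated rows collapse to one."""
    return {(f["id"], f["packageName"], f["packageVersion"]): f["severity"].lower()
            for f in findings}


def compare_scans(old, new):
    """Classify the differences between an older and a newer scan of one image."""
    old_idx, new_idx = index(old), index(new)
    old_pkgs = {(pkg, ver) for _, pkg, ver in old_idx}
    report = {"severity_changed": [], "new_on_known_package": [],
              "new_on_unseen_package": [], "no_longer_reported": []}
    for (cve, pkg, ver), sev in sorted(new_idx.items()):
        if (cve, pkg, ver) in old_idx:
            if old_idx[(cve, pkg, ver)] != sev:
                report["severity_changed"].append((cve, pkg, old_idx[(cve, pkg, ver)], sev))
        elif (pkg, ver) in old_pkgs:
            # Package already had findings; only the CVE match is new.
            report["new_on_known_package"].append((cve, pkg, sev))
        else:
            # Package had no findings at all in the older scan.
            report["new_on_unseen_package"].append((cve, pkg, sev))
    for (cve, pkg, ver) in sorted(set(old_idx) - set(new_idx)):
        report["no_longer_reported"].append((cve, pkg, old_idx[(cve, pkg, ver)]))
    return report


if __name__ == "__main__":
    for bucket, rows in compare_scans(OLD_SCAN, NEW_SCAN).items():
        print(f"{bucket}: {len(rows)}")
        for row in rows:
            print("   ", *row)
```

Entries under severity_changed and new_on_known_package are the kind of change a feed or matching update produces for packages the older Console already reported on; new_on_unseen_package lists packages that had no findings in the older scan.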
Additional Information
Related Article: Why is a newer scan in Prisma Cloud Compute showing critical CVEs where older scans are not?