Vulnerability List

HA13029 · October 31, 2023, 7:09am

Hi,

I have some questions about vulnerability feature.
I installed a version of Palo Alto Global Protect (version 6.0.1) which is vulnerable
Details CVE-2023-0006 (CVE-2023-0006 GlobalProtect App: Local File Deletion Vulnerability).

I expected to get this vulnerability appears in the list after updating the software inventory of the affected devices.
But the list remains empty…

Questions:
What kind of vulnerability are covered ? OS, Applications ??
What’s is the source of these vulnerabilities ? NVD database, home made
Does it over all the applications or only the one recognized by Xcitium (see Xcitium Enterprise Admin Guide - Xcitium Supported 3rd Party Applications | Comodo) ??

Regards,

HA

ilgaz · October 31, 2023, 8:39am

hi @HA13029 , only OS vulnerabilities are covered as of today. The list is fetched and aggregated based on the available patches that Windows Update Service reports from endpoints.
We have this on the roadmap.
CS-23110: Vulnerability Management for 3rd Party Apps
I will get back to you with a possible ETA as soon as possible.

HA13029 · October 31, 2023, 10:28am

Thanks for your answer !!

allen · December 22, 2023, 6:55am

@ilgaz

Hi，where can I see xcitium’s roadmap?

And is CS-23110 still in progress? Some of my customers have also asked this question.

ilgaz · December 22, 2023, 7:01am

Hi @allen , we will check with ITarian team on this and get back to you as soon as possible.