1. Overview

Common Vulnerabilities and Exposures (CVE) is a system for referencing publicly known vulnerabilities by identifiers. The goal of the system is to make it easier to share vulnerability data across stakeholders, including software vendors, tool vendors, security practitioners, and end users.

A CVE entry describes a specific known vulnerability. Each CVE entry has an identifier, such as CVE-2020-1234. A CVE entry is colloquially known as a CVE, and it’s security practitioner parlance for a publicly disclosed vulnerability.

2. Searching for a specific CVE

You can determine if Prisma Cloud offers coverage for a specific CVE by using the search interface in Console. The CVE ID syntax is:

CVE-YYYY-NNNN

Where:

CVE

CVE-ID prefix.

YYYY

Calendar year.

NNNN

Numeric digits. This field has a variable length, but the minimum length is four digits.

To search for a specific vulnerability:

  1. Open Console, then go to Monitor > Vulnerabilities > CVE Viewer.

  2. In the query text box in the top right, enter a CVE ID.

    For example, enter CVE-2015-1345.

    If Prisma Cloud has coverage for the queried vulnerability, details are listed in the results table.

    search cves results

3. Allow a CVE

Allowing CVEs is done directly as a policy.