OpenSSL has announced a major bug affecting 3.x version, known as SpookySSL. Lookup CVE-2022-3786 and CVE-2022-3602 for further details.
Unfortunately for Palo Alto Networks Prisma Cloud Compute users, this tool doesn't have a way to search all images by a package name.
This script will search all your deployed containers, and dump them in a single json.
The script is targeting affected version of openssl, and binaries known to be compiled with vulnerable openssl version, like nodejs. See this document for more information on affected software.
You need nodejs, and npm or yarn.
First, install dependencies by running npm/yarn install.
Second, export some of the important env variables:
export BASIC_AUTH_TOKEN=<YOUR-TOKEN-GOES-HERE>
export BASE_URL='https://prismacloudconsole.example.com/'Finally, run the script:
node index.jsThe report should contain affected containers as list of JSON objects.