Share via

Azure Advisor shows vulnerabilities in non existing container images

Nowak, Wawrzyniec 20 Reputation points
2024-04-04T08:43:17.4866667+00:00

I have Azure Advisor turned on and it reports vulnerabilities in the container images under Security using [Preview] "Container images in Azure registry should have vulnerability findings resolved" recommendation. For some reason when I select the affected resource it points to the image that is no longer in the registry. According to the documentation https://learn.microsoft.com/en-us/azure/defender-for-cloud/agentless-vulnerability-assessment-azure#if-i-remove-an-image-from-my-registry-how-long-before-vulnerabilities-reports-on-that-image-would-be-removed the notification can persist up to 3 days after deletion but that image has been deleted earlier than these 3 days. Can I somehow refresh it or how to update this recommendation?

Microsoft Security | Microsoft Entra | Microsoft Entra ID

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Givary-MSFT 35,626 Reputation points Microsoft Employee Moderator
    2024-04-04T10:37:37.1533333+00:00

    @Nowak, Wawrzyniec Thank you for reaching out to us, would recommend to check/list all the digests in the registry to confirm container image is not present.

    You can run the commands mentioned here - https://learn.microsoft.com/en-us/azure/container-registry/container-registry-get-started-azure-cli#:~:text=List%20container%20images to list the repositories in your registry.

    if its confirmed its not present, would recommend to work with our support team to investigate this further where we might need help from our engineering team as well.

    Do you have the support contract with us to create a support ticket ?

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.