https://live.paloaltonetworks.com/t5/general-topics/issue-with-the-vulnerability-logs/m-p/443442#M100222 <P>We have noticed some vulnerability logs in our PA for the Telerik application in our environment.</P><P>the threat vault id is 59014 but according to the link. <A href="https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fthreatvault.paloaltonetworks.com%2F%3Fquery%3D59014&amp;data=04%7C01%7Csupport%40starlinkme.net%7Ca5b3d761a6e2458f734508d99222ae28%7Cf59fc278b75a4bf4879bbb6911a66683%7C0%7C0%7C637701499959619194%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=66X4d%2B7xdm2XrdtBGBNiEWq%2FkzvMcaVPctaRAnM7Jh0%3D&amp;reserved=0" target="_blank">https://threatvault.paloaltonetworks.com/?query=59014</A>).</P><P>&nbsp;</P><P>&nbsp;<A href="https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.telerik.com%2Fsupport%2Fkb%2Faspnet-ajax%2Fdetails%2Fallows-javascriptserializer-deserialization&amp;data=04%7C01%7Csupport%40starlinkme.net%7Ca5b3d761a6e2458f734508d99222ae28%7Cf59fc278b75a4bf4879bbb6911a66683%7C0%7C0%7C637701499959619194%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=KnrORWWgWKQPpmqBIS%2FvFVTB3%2BCwW2VDBgVvHphkwq8%3D&amp;reserved=0" target="_blank">https://www.telerik.com/support/kb/aspnet-ajax/details/allows-javascriptserializer-deserialization</A></P><P>&nbsp;</P><P>&nbsp;</P><P>To fix this vulnerability we need to upgrade the Telerik version <EM><STRONG>2020.1.114</STRONG></EM> but my current version is more than this <EM><STRONG>2020.3.915</STRONG></EM> it means this is non-vulnerable.</P><P>The issue is that I am getting vulnerability logs continuously. however, this is already fixed according to the PA KB.</P><P>&nbsp;</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Jafar_Hussain_0-1635255328006.jpeg" style="width: 400px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/37246i39DC1FD14FB91E45/image-size/medium/is-moderation-mode/true?v=v2&amp;px=400" role="button" title="Jafar_Hussain_0-1635255328006.jpeg" alt="Jafar_Hussain_0-1635255328006.jpeg" /></span></P><P>&nbsp;</P><P>can anyone guide me, what is the solution for this?</P><P>please note that I don't want to enable the exception for this thread id 59014.</P><P>&nbsp;</P><P>&nbsp;</P> Tue, 26 Oct 2021 13:38:59 GMT Jafar_Hussain 2021-10-26T13:38:59Z https://live.paloaltonetworks.com/t5/general-topics/issue-with-the-vulnerability-logs/m-p/443442#M100222 <P>We have noticed some vulnerability logs in our PA for the Telerik application in our environment.</P><P>the threat vault id is 59014 but according to the link. <A href="https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fthreatvault.paloaltonetworks.com%2F%3Fquery%3D59014&amp;data=04%7C01%7Csupport%40starlinkme.net%7Ca5b3d761a6e2458f734508d99222ae28%7Cf59fc278b75a4bf4879bbb6911a66683%7C0%7C0%7C637701499959619194%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=66X4d%2B7xdm2XrdtBGBNiEWq%2FkzvMcaVPctaRAnM7Jh0%3D&amp;reserved=0" target="_blank">https://threatvault.paloaltonetworks.com/?query=59014</A>).</P><P>&nbsp;</P><P>&nbsp;<A href="https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.telerik.com%2Fsupport%2Fkb%2Faspnet-ajax%2Fdetails%2Fallows-javascriptserializer-deserialization&amp;data=04%7C01%7Csupport%40starlinkme.net%7Ca5b3d761a6e2458f734508d99222ae28%7Cf59fc278b75a4bf4879bbb6911a66683%7C0%7C0%7C637701499959619194%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=KnrORWWgWKQPpmqBIS%2FvFVTB3%2BCwW2VDBgVvHphkwq8%3D&amp;reserved=0" target="_blank">https://www.telerik.com/support/kb/aspnet-ajax/details/allows-javascriptserializer-deserialization</A></P><P>&nbsp;</P><P>&nbsp;</P><P>To fix this vulnerability we need to upgrade the Telerik version <EM><STRONG>2020.1.114</STRONG></EM> but my current version is more than this <EM><STRONG>2020.3.915</STRONG></EM> it means this is non-vulnerable.</P><P>The issue is that I am getting vulnerability logs continuously. however, this is already fixed according to the PA KB.</P><P>&nbsp;</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Jafar_Hussain_0-1635255328006.jpeg" style="width: 400px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/37246i39DC1FD14FB91E45/image-size/medium/is-moderation-mode/true?v=v2&amp;px=400" role="button" title="Jafar_Hussain_0-1635255328006.jpeg" alt="Jafar_Hussain_0-1635255328006.jpeg" /></span></P><P>&nbsp;</P><P>can anyone guide me, what is the solution for this?</P><P>please note that I don't want to enable the exception for this thread id 59014.</P><P>&nbsp;</P><P>&nbsp;</P> Tue, 26 Oct 2021 13:38:59 GMT https://live.paloaltonetworks.com/t5/general-topics/issue-with-the-vulnerability-logs/m-p/443442#M100222 Jafar_Hussain 2021-10-26T13:38:59Z https://live.paloaltonetworks.com/t5/general-topics/issue-with-the-vulnerability-logs/m-p/443642#M100241 <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/124013">@Jafar_Hussain</a>,</P> <P>You could reach out to TAC and let them know that this threat-id signature may be a false positive, but keep in mind that just because the vulnerability isn't applicable to your environment doesn't mean that you can't see exploit attempts. Are you sure that what you are seeing is actually a false positive and not someone actively trying to exploit the vulnerability that you may already have patched?&nbsp;</P> Wed, 27 Oct 2021 01:22:59 GMT https://live.paloaltonetworks.com/t5/general-topics/issue-with-the-vulnerability-logs/m-p/443642#M100241 BPry 2021-10-27T01:22:59Z