10-26-2021 06:38 AM
We have noticed some vulnerability logs in our PA for the Telerik application in our environment.
the threat vault id is 59014 but according to the link. https://threatvault.paloaltonetworks.com/?query=59014).
https://www.telerik.com/support/kb/aspnet-ajax/details/allows-javascriptserializer-deserialization
To fix this vulnerability we need to upgrade the Telerik version 2020.1.114 but my current version is more than this 2020.3.915 it means this is non-vulnerable.
The issue is that I am getting vulnerability logs continuously. however, this is already fixed according to the PA KB.
can anyone guide me, what is the solution for this?
please note that I don't want to enable the exception for this thread id 59014.
10-26-2021 06:22 PM
You could reach out to TAC and let them know that this threat-id signature may be a false positive, but keep in mind that just because the vulnerability isn't applicable to your environment doesn't mean that you can't see exploit attempts. Are you sure that what you are seeing is actually a false positive and not someone actively trying to exploit the vulnerability that you may already have patched?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
