Issue with the vulnerability logs.

cancel
Showing results for 
Search instead for 
Did you mean: 

Issue with the vulnerability logs.

L4 Transporter

We have noticed some vulnerability logs in our PA for the Telerik application in our environment.

the threat vault id is 59014 but according to the link. https://threatvault.paloaltonetworks.com/?query=59014).

 

 https://www.telerik.com/support/kb/aspnet-ajax/details/allows-javascriptserializer-deserialization

 

 

To fix this vulnerability we need to upgrade the Telerik version 2020.1.114 but my current version is more than this 2020.3.915 it means this is non-vulnerable.

The issue is that I am getting vulnerability logs continuously. however, this is already fixed according to the PA KB.

 

Jafar_Hussain_0-1635255328006.jpeg

 

can anyone guide me, what is the solution for this?

please note that I don't want to enable the exception for this thread id 59014.

 

 

1 REPLY 1

Cyber Elite
Cyber Elite

@Jafar_Hussain,

You could reach out to TAC and let them know that this threat-id signature may be a false positive, but keep in mind that just because the vulnerability isn't applicable to your environment doesn't mean that you can't see exploit attempts. Are you sure that what you are seeing is actually a false positive and not someone actively trying to exploit the vulnerability that you may already have patched? 

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!