.Net vulnerability

Question

Hi Team,I can see below .NET related vulnerability.Can you please let me know, if .NET update will impact Commvault backup server and media agents ?Microsoft CVE-2020-0605: .NET Framework Remote Code Execution Vulnerability		Microsoft CVE-2020-1046: .NET Framework Remote Code Execution Vulnerability		Microsoft CVE-2020-1147: .NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability		Microsoft CVE-2021-24111: .NET Framework Denial of Service Vulnerability		Microsoft CVE-2022-26832: .NET Framework Denial of Service Vulnerability		Microsoft CVE-2020-1108: .NET Core & .NET Framework Denial of Service Vulnerability		Microsoft CVE-2022-21911: .NET Framework Denial of Service Vulnerability		Microsoft CVE-2022-41064: .NET Framework Information Disclosure Vulnerability		Microsoft CVE-2023-21722: .NET Framework Denial of Service Vulnerability		Microsoft CVE-2023-21808: .NET and Visual Studio Remote Code Execution Vulnerability		Microsoft CVE-2022-41089: .NET Framework Remote Code Execution Vulnerability		Microsoft CVE-2020-16937: .NET Framework Information Disclosure Vulnerability		Microsoft CVE-2022-30130: .NET Framework Denial of Service Vulnerability		Microsoft CVE-2020-1476: ASP.NET and .NET Elevation of Privilege Vulnerability

Damian Andre · Accepted Answer

Hey @Ajinkya,You are all good to install the .net updates - minor version updates are also ok. The only component that is really sensitive to .net version is the webserver on the CommServe which requires Microsoft .NET Framework 4.6.2 and .NET Core 6.0.1 for release 2022E (11.28). If you install through windows update it will patch the current version, so all good.

Ajinkya · Answer

Hello @Damian Andre,Thank you for the ans.

.Net vulnerability

2 replies

Reply

Reply

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded