Skip to main content
Solved

Vulnerability scans detect CommVault Dotnet framework package 6.0.16

  • February 26, 2025
  • 3 replies
  • 56 views

Forum|alt.badge.img+5

Hi Good Day,

We have recently upgraded CommVault server to latest version 11.36.35 which use the Dotnet framework version 8.0.11. This was to fix the Dotnet version 6.0.16 vulnerability issue.

Even after the upgrade the security scan detect 6.0.16 package on the CommVault server. When I check the add/remove program it shows both 6.0.16 and 8.0.11 packages. Not sure why, as it supposed to be maintained the version 8.0.11.

Appreciate your help on this matter. How to fix it.

Best answer by Damian Andre

Hi ​@Comtech,

Commvault does not uninstall the old package because there could be other applications relying on it - its not a Commvault package, so we play it safe. You can uninstall the old package if you upgraded the software - it will no longer rely on it.

View original
Did this answer your question?

3 replies

Forum|alt.badge.img+5
  • Author
  • 10 replies
  • February 26, 2025

Attached the picture of packages installed.


Damian Andre
Vaulter
Forum|alt.badge.img+23
  • Vaulter
  • 1292 replies
  • Answer
  • February 26, 2025

Hi ​@Comtech,

Commvault does not uninstall the old package because there could be other applications relying on it - its not a Commvault package, so we play it safe. You can uninstall the old package if you upgraded the software - it will no longer rely on it.


Forum|alt.badge.img+5
  • Author
  • 10 replies
  • February 26, 2025

Thank you, Damian Andre!


Reply


Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings