PatchSiren cyber security CVE debrief

CVE-2017-11357 Telerik CVE debrief

CVE-2017-11357 is an insecure direct object reference (IDOR) affecting Telerik UI for ASP.NET AJAX. CISA added it to the Known Exploited Vulnerabilities catalog and marked it as known ransomware-campaign related, so organizations using this component should treat remediation as urgent.

Vendor: Telerik
Product: User Interface (UI) for ASP.NET AJAX
CVSS: Unknown
CISA KEV: Listed
Original CVE published: 2023-01-26
Original CVE updated: 2023-01-26
Advisory published: 2023-01-26
Advisory updated: 2023-01-26

Who should care

Security teams, application owners, and administrators responsible for Telerik UI for ASP.NET AJAX deployments should care most. This is especially important for teams supporting legacy web applications or shared application platforms that may embed the component.

Technical summary

The vulnerability is categorized as an IDOR in Telerik UI for ASP.NET AJAX. CISA's KEV entry indicates the issue is being actively exploited and points responders to vendor instructions for updates, with NVD and the CVE record as supporting references. Defenders should focus on identifying every application instance that includes this Telerik component and confirming it is remediated.

Defensive priority

Urgent

Recommended defensive actions

  • Apply vendor updates per the Telerik guidance referenced by CISA.
  • Inventory all applications that use Telerik UI for ASP.NET AJAX, including legacy or embedded deployments.
  • Confirm which instances are exposed in production and prioritize those first.
  • Use the CISA KEV catalog and NVD entry to verify remediation guidance and any affected-version details.
  • Track this vulnerability as a high-priority item because CISA lists it as known exploited and associated with ransomware campaigns.
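One way to carry out the inventory step above, as an added example that is not part of this debrief or of any Telerik or CISA material: a PowerShell script that walks one or more web roots, finds every copy of Telerik.Web.UI.dll (assumed to be the assembly the component ships as, in each application's bin folder), and records the owning application and file version so the list can be checked against the vendor guidance. The root paths and output file name are assumptions to adjust per host.

```powershell
# Added example, not from the advisory: inventory Telerik UI for ASP.NET AJAX
# deployments so each instance can be checked against vendor update guidance.
# Assumption: the component is present as bin\Telerik.Web.UI.dll in each app.
param(
    [string[]]$Roots = @('C:\inetpub\wwwroot'),      # assumed default web root
    [string]$OutFile = '.\telerik-inventory.csv'     # assumed report location
)

$findings = foreach ($root in $Roots) {
    if (-not (Test-Path -LiteralPath $root)) {
        Write-Warning "Root not found, skipping: $root"
        continue
    }
    Get-ChildItem -LiteralPath $root -Recurse -File -Filter 'Telerik.Web.UI.dll' `
                  -ErrorAction SilentlyContinue |
    ForEach-Object {
        # bin\Telerik.Web.UI.dll -> application directory is the parent of bin\
        $binDir = Split-Path -Path $_.FullName -Parent
        $appDir = Split-Path -Path $binDir -Parent
        [pscustomobject]@{
            Application  = $appDir
            AssemblyPath = $_.FullName
            FileVersion  = $_.VersionInfo.FileVersion   # compare to vendor guidance
            LastWritten  = $_.LastWriteTime
            HasWebConfig = Test-Path -LiteralPath (Join-Path $appDir 'web.config')
        }
    }
}

if (-not $findings) {
    Write-Host 'No Telerik.Web.UI.dll found under the supplied roots.'
    return
}

# Oldest assembly versions first, since those are the most likely to need updates.
$findings | Sort-Object FileVersion | Format-Table -AutoSize
$findings | Export-Csv -Path $OutFile -NoTypeInformation
Write-Host "Wrote $($findings.Count) finding(s) to $OutFile"
```

Run it on each web server (or pass UNC paths in -Roots) and merge the CSV files to build the cross-environment inventory the advisory asks for; the script only reports versions, it does not decide which are affected.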

Evidence notes

CISA's Known Exploited Vulnerabilities entry for this CVE identifies the vendor as Telerik, the product as User Interface (UI) for ASP.NET AJAX, and the vulnerability name as 'Telerik UI for ASP.NET AJAX Insecure Direct Object Reference Vulnerability.' The supplied KEV metadata lists dateAdded as 2023-01-26, dueDate as 2023-02-16, knownRansomwareCampaignUse as 'Known,' and requiredAction as 'Apply updates per vendor instructions.' Supporting official references supplied in the corpus include the CVE record and NVD entry.

Official resources

Public defensive summary based only on the supplied CISA KEV, CVE.org, and NVD references. No exploit instructions or weaponized reproduction included.