PatchSiren

Telerik CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

Known exploited Telerik CVE published 2023-01-26

CVE-2017-11357

CVE-2017-11357 is an insecure direct object reference (IDOR) affecting Telerik UI for ASP.NET AJAX. CISA added it to the Known Exploited Vulnerabilities catalog and marked it as known to be used in ransomware campaigns, so organizations using this component should treat remediation as urgent.

Known exploited Telerik CVE published 2022-04-11

CVE-2017-11317

CVE-2017-11317 is a CISA Known Exploited Vulnerabilities (KEV) entry for Telerik UI for ASP.NET AJAX. CISA describes it as an unrestricted file upload vulnerability and directs affected users to apply updates per vendor instructions. Because it is listed in the KEV catalog, defenders should treat exposed Telerik UI for ASP.NET AJAX deployments as a priority for inventory, patching, and validation.