This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(76.8, 38%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPT%3C/text%3E%3C/svg%3E)
Azure Web App on App service plan running April 9 2024 build of Windows Server 2022 (OS Build 20348.2402). Have been audited by a 3rd party security company which have found 3x OS vulnerabilities for the following CVEs, CVE-2024-21344 - CVE-2024-21377 - CVE-2024-21362. Question - these CVEs were patched in the Feb 09 2024 (OS Build 20348.2322), why would these vulnerabilities show up in this report for this version of Server. Only reasons I can think of is report is old or OS has been updated by MS since the report was generated. Being Azure PaaS service there isn't a way to really confirm.
Security scanners are known to report false positives. Therefore, if you're wondering "why would these vulnerabilities show up in this report for this version of Server," it might be best to direct this question to the third-party security company that conducted the scan.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 9%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EWL%3C/text%3E%3C/svg%3E)
Hello
If the machine has been up to date from the internet directly, it means the related vulnerabilities should have been fixed. As for the report result, it is recommended to ask for help from the third party software support.