Detections
Analytics

Ensure that '.Net Framework' version is the latest in Azure App Service

MEDIUM

Description

Older '.Net Framework' versions in Azure App Service may be open to a number of known and unknown vulnerabilities.

Remediation

In Azure Console -

  1. Open the Azure Portal and go to App Services.
  2. Select the App service you wish to edit (the setting only applies to Windows app services).
  3. Select Configuration under Settings, then the General settings tab.
  4. Set .NET version to a newer version.
  5. Save.

In Terraform -

  1. In the azurerm_app_service resource, set dotnet_framework_version to a newer version.

References:
https://learn.microsoft.com/en-us/azure/app-service/configure-language-dotnet-framework
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#dotnet_framework_version

Policy Details

Rule Reference ID: AC_AZURE_0249
CSP: Azure
Remediation Available: Yes
Domain: Configuration and Vulnerability Analysis
Resource: azurerm_app_service
Resource Category: Serverless
Resource Type: App Service

Frameworks