How to Upgrade .NET and ASP.NET Runtimes When Using Veeam ONE

KB ID: 4410
Product: Veeam ONE | 10 | 11 | 12
Published: 2023-02-10
Last Modified: 2023-02-10
Get weekly article updates
By subscribing, you are agreeing to have your personal information managed in accordance with the terms of Veeam's Privacy Notice.

Cheers for trusting us with the spot in your mailbox!

Now you’re less likely to miss what’s been brewing in our knowledge base with this weekly digest

error icon

Oops! Something went wrong.

Please try again later.

Purpose

This article documents how to upgrade the .NET and ASP.NET runtime to the latest version when using Veeam ONE.

Veeam ONE utilizes .NET components for multiple purposes like Reporting, Web Services, and more. 

The December 2022 Microsoft Security Updates comes with a remote code execution vulnerability fix for NET Core 3.1, .NET 6.0, and .NET 7.0. Those packages should be updated.

Customers running Veeam ONE version 12 or older are advised to follow the steps described in this article to mitigate Microsoft CVE-2022-41089.

Solution

Software Dependencies
Do not uninstall .NET Core 3.1.x or ASP.NET 3.1.x; they are dependencies of Veeam ONE. Uninstalling them will cause issues with Veeam ONE. Even if newer versions of .NET (e.g., 6.x or 7.x) are installed, Veeam ONE still requires .NET Core 3.1.x and ASP.NET 3.1.x.

To mitigate Microsoft .NET Framework Remote Code Execution Vulnerability (CVE-2022-41089):

  1. On the Veeam ONE Server, download the x64 package for both Runtime Installer and ASP.NET Core Runtime, as highlighted in the screenshot below from core/3.1.32.md at main · dotnet/core · GitHub
GitHub Download Highlight
  1. Prepare a rollback plan in case something goes wrong:
    • If the Veeam ONE server is a Virtual Machine, create a Snapshot.
    • If the Veeam ONE server is a physical machine, consider creating an OS backup utilizing Veeam Agent for Windows with a SQL Database backup.
  2. On the Veeam ONE server, run the x64 Runtime Installer and x64 ASP.NET Core Runtime packages you downloaded in Step 1.

    The installation process will take a few moments. 
  3. Once both packages are installed, you can confirm that they are applied correctly in the Apps and Features section, as shown below:
.net v3.1.32 installed
  1. Restart the Veeam ONE Monitoring Service and the Veeam ONE Reporting Service, or reboot the Veeam ONE server.
Restart-Service VeeamRSS,VeeamDCS
To submit feedback regarding this article, please click this link: Send Article Feedback
To report a typo on this page, highlight the typo with your mouse and press CTRL + Enter.

Spelling error in text

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Thank you!

Thank you!

Your feedback has been received and will be reviewed.

Oops! Something went wrong.

Please try again later.

KB Feedback/Suggestion

This form is only for KB Feedback/Suggestions, if you need help with the software open a support case
By submitting, you are agreeing to have your personal information managed in accordance with the terms of Veeam's Privacy Notice.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Verify your email to continue your product download
We've sent a verification code to:
  • Incorrect verification code. Please try again.
An email with a verification code was just sent to
Didn't receive the code? Click to resend in sec
Didn't receive the code? Click to resend
Start using Veeam:
Download the product
&
Activate the license key
Thank you!

Thank you!

Your feedback has been received and will be reviewed.

error icon

Oops! Something went wrong.

Please try again later.