Nessus 的 Web Servers 系列

ID名称严重性
156945Cisco Adaptive Security Device Manager (ASDM) 检测
info
156944Oracle HTTP Server (Jan 2022 CPU)
critical
156941MobileIron Core Log4Shell 直接检查 (CVE-2021-44228)
critical
156725SAP NetWeaver AS ABAP Information Disclosure (January 2022)
medium
156724IBM WebSphere Application Server 7.x <= 7.0.0.45 / 8.x <= 8.0.0.15 / 8.5.x < 8.5.5.21 / 9.x < 9.0.5.11 DoS
high
156614ShareFile < 5.11.20 RCE (CVE-2021-22941)
critical
156361VMware Workspace ONE UEM 控制台 SSRF (VMSA-2021-0029)
high
156326SAP NetWeaver AS Java XSS (2956398)
medium
156255Apache 2.4.x < 2.4.52 多个漏洞
critical
156226SAP NetWeaver AS ABAP 代码注入(2021 年 12 月)
medium
156164Apache Log4Shell CVE-2021-45046 绕过远程代码执行
critical
156100OpenSSL 3.0.0 < 3.0.1 漏洞
high
156014通过回调关联进行的 Apache Log4Shell RCE 检测(直接检查 HTTP)
critical
155998Apache Log4j 消息查找替换 RCE (Log4Shell)(直接检查)
critical
155964ThinkPHP < 5.0.24 RCE
critical
155603SAP NetWeaver AS abap 错误授权(2021 年 11 月)
medium
154967Draytek VigorConnect Web UI 检测
info
154966Draytek VigorConnect LFI (CVE-2021-20123)
high
154919SAP NetWeaver AS Java XXE 漏洞 (2296909)
medium
154918SAP NetWeaver AS Java 目录遍历漏洞 (2547431)
medium
154416Nacos < 1.4.1 身份验证绕过 (CVE-2021-29441)
critical
154340Oracle HTTP Server(2021 年 10 月 CPU)
medium
154151Apache Tomcat 10.0.0.M10 < 10.0.12 漏洞
high
154150Apache Tomcat 9.0.40 < 9.0.54 漏洞
high
154149Apache Tomcat 10.1.0.M1 < 10.1.0.M6 漏洞
high
154147Apache Tomcat 8.5.60 < 8.5.72 漏洞
high
154141SAP NetWeaver AS ABAP 多个漏洞(2021 年 10 月)
high
153952Apache 2.4.49 < 2.4.51 路径遍历漏洞
critical
153884Apache 2.4.49 < 2.4.50 多个漏洞
high
153587IBM WebSphere Application Server 信息泄露 (6489485)
medium
153586Apache >= 2.4.30 < 2.4.49 mod_proxy_uwsgi
high
153585Apache >= 2.4.17 < 2.4.49 mod_http2
high
153584Apache < 2.4.49 多种漏洞
critical
153583Apache < 2.4.49 多种漏洞
critical
153486Microsoft Open Management Infrastructure RCE (CVE-2021-38647)
critical
153474Microsoft Open Management Infrastructure < 1.6.8.1 多个漏洞
critical
153441SAP NetWeaver AS 缺少授权检查(2021 年 9 月)
critical
152872VMware Workspace ONE UEM 控制台 DoS (VMSA-2021-0017)
high
152871Python Information Disclosure in PyDoc (CVE-2021-3426)
medium
152782OpenSSL 1.1.1 < 1.1.1l 漏洞
critical
152780OpenSSL 1.0.2 < 1.0.2za 漏洞
high
152543Microsoft Azure CycleCloud 特权提升 (CVE-2021-33762)
high
152542Azure CycleCloud Web UI 检测
info
152541Microsoft Azure CycleCloud 特权提升 (CVE-2021-36943)
high
152484GitLab Web UI 检测
info
152191IBM WebSphere Application Server 7.0.x <= 7.0.0.45 / 8.0.x <= 8.0.0.14 / 8.5.x < 8.5.5.21 / 9.0.x < 9.0.5.9 特权提升
high
152183Apache Tomcat 8.5.0 < 8.5.68 漏洞
medium
152182Apache Tomcat 9.0.0.M1 < 9.0.48 漏洞
medium
152120SAP NetWeaver AS ABAP Memory Corruption (July 2021)
medium
152096SAP NetWeaver AS 缺少授权检查 (3059446)
high