Nessus 的 Web Servers 系列

ID名称严重性
149848SAP NetWeaver AS ABAP 命令注入(2021 年 5 月)
medium
148850IBM WebSphere Application Server 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.19 / 9.0.0.0 <= 9.0.5.7 XXE (CVE-2021-20453)
high
148402OpenSSL 1.1.1 < 1.1.1j 多个漏洞
high
148241Apache Druid < 0.20.1 RCE(直接检查)
high
148240Apache Druid 检测
info
148239Apache OFBiz 远程代码执行 (CVE-2021-26295)
critical
148182Citrix SD-WAN Center 远程代码执行(直接检查)
critical
148125OpenSSL 1.1.1 < 1.1.1k 多个漏洞
high
147961SAP NetWeaver AS JAVA 反向标签钓鱼 (2976947)
medium
147870SAP NetWeaver AS JAVA 缺少授权检查 (3022422)
high
147164Apache Tomcat 9.0.0.M1 < 9.0.43 多种漏洞
high
147163Apache Tomcat 7.0.0 < 7.0.108 RCE
high
147019Apache Tomcat 8.5.0 < 8.5.63 多种漏洞
high
146861Liferay Portal 远程代码执行(直接检查)
critical
146860IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.19 / 9.0.x <= 9.0.5.6 XXE (6413709)
high
146859IBM WebSphere Application Server 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.19 / 9.0.0.0 <= 9.0.5.6 目录遍历 (CVE-2021-20354)
high
146591OpenSSL 1.0.2 < 1.0.2y 多个漏洞
low
146489SaltStack 未经身份验证的 RCE(直接检查)
critical
146451IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.18 / 9.0.x <= 9.0.5.5 目录遍历 (CVE-2020-4782)
medium
146374OpenSSL 1.0.2 < 1.0.2w 信息泄露
low
146314Apache Flink 本地文件包含漏洞(直接检查)
high
146313Apache Flink Web UI 检测
info
146273SAP BusinessObjects Business Intelligence 平台 Web 检测。
info
146272SAP BusinessObjects Business Intelligence 平台 SSRF 漏洞(直接检查)
medium
145705SAP NetWeaver AS Java 和 AS ABAP 多个漏洞(2021 年 1 月)
high
145535IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.18 / 9.0.x <= 9.0.5.6 XXE (6408244)
high
145069IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.18 / 9.0.x <= 9.0.5.5 信息泄露 (6339255)
low
145061IBM HTTP Server 7.0.0.0 <= 7.0.0.41 / 8.0.0.0 < 8.0.0.13 / 8.5.0.0 < 8.5.5.11 / 9.0.0.0 < 9.0.0.2 多个漏洞 (548231)
critical
145045IBM WebSphere eXtreme Scale Liberty Deployment 8.6.1.x < 8.6.1.4 (6397682)
medium
145032IBM WebSphere eXtreme Scale (Linux)
info
144969Apache Unomi RCE(直接检查)
critical
144968Apache Unomi 检测。
info
144780IBM HTTP Server 7.0.0.0 <= 7.0.0.43 / 8.0.0.0 <= 8.0.0.14 / 8.5.0.0 < 8.5.5.14 / 9.0.0.0 < 9.0.0.8 多个漏洞 (569295)
high
144779IBM HTTP Server 7.0.0.0 <= 7.0.0.43 信息泄露 (567509)
high
144778IBM HTTP Server 7.0.0.0 < 7.0.0.45 / 8.0.0.0 < 8.0.0.14 / 8.5.0.0 < 8.5.5.12 / 9.0.0.0 < 9.0.0.5 多个漏洞 (563615)
critical
144777IBM HTTP Server 7.0.0.0 < 7.0.0.43 / 8.0.0.0 < 8.0.0.14 / 8.5.0.0 < 8.5.5.12 / 9.0.0.0 < 9.0.0.3 响应拆分 (289001)
high
144776IBM HTTP Server 8.0.0.0 <= 8.0.0.11 / 8.5.0.0 <= 8.5.5.6 (533837)
medium
144775IBM HTTP Server 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 < 8.5.5.17 / 9.0.0.0 < 9.0.5.1 多个漏洞 (964768)
medium
144774IBM HTTP Server 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 < 8.5.5.16 / 9.0.0.0 < 9.0.5.0 多个漏洞 (880413)
high
144773IBM HTTP Server 7.0.0.0 <= 7.0.0.43 / 8.0.0.0 <= 8.0.0.14 / 8.5.0.0 < 8.5.5.14 / 9.0.0.0 < 9.0.0.8 多个漏洞 (569301)
critical
144768IBM HTTP Server 8.5.0.0 <= 8.5.5.1 / 8.0.0.0 <= 8.0.0.8 / 7.0.0.0 <= 7.0.0.31 / 6.1.0.0 <= 6.1.0.47 (505927)
high
144767IBM HTTP Server 8.5.0.0 <= 8.5.5.4 / 8.0.0.0 <= 8.0.0.10 / 7.0.0.0 <= 7.0.0.35 / 6.1.0.0 <= 6.1.0.47 / 6.0.0.0 <= 6.0.2.43 (521711)
medium
144766IBM HTTP Server 8.0.x < 8.0.0.9 / 8.5.x < 8.5.5.3 (247195)
low
144708IBM HTTP Server 8.5.0.0 <= 8.5.5.0 / 8.0.0.0 <= 8.0.0.6 / 7.0.0.0 <= 7.0.0.29 / 6.1.0.0 <= 6.1.0.45 (227047)
medium
144707IBM HTTP Server 6.1.0.0 <= 6.1.0.47 / 7.0.0.0 < 7.0.0.39 / 8.0.0.0 < 8.0.0.12 / 8.5.0.0 < 8.5.5.7 堆栈缓冲区溢出 (536441)
critical
144645已安装 JFrog Artifactory (Linux)
info
144633已安装 IBM MQ 服务器和客户端 (Linux)
info
144304IBM HTTP Server 6.1.0.0 <= 6.1.0.47 / 7.0.0.0 < 7.0.0.39 / 8.0.0.0 < 8.0.0.12 / 8.5.0.0 < 8.5.5.7 HTTP 请求走私 (533835)
medium
144303IBM HTTP Server 8.5.0.0 <= 8.5.5.5 / 8.0.0.0 <= 8.0.0.10 / 7.0.0.0 <= 7.0.0.37 信息泄露 (260001)
medium
144302IBM HTTP Server 7.0.0.0 < 7.0.0.43 / 8.0.0.0 < 8.0.0.13 / 8.5.0.0 < 8.5.5.11 / 9.0.0.0 < 9.0.0.1 HTTP 重定向 (548223)
high