Nessus 的 Web Servers 系列

ID名称严重性
152543Microsoft Azure CycleCloud 特权提升 (CVE-2021-33762)
high
152542Azure CycleCloud Web UI 检测
info
152541Microsoft Azure CycleCloud 特权提升 (CVE-2021-36943)
high
152484GitLab Web UI 检测
info
151808SAP NetWeaver AS ABAP 代码注入 (3048657)
medium
151791TeamCity Server < 2020.2.4 Multiple Vulnerabilities
critical
151762SAP NetWeaver AS ABAP 和 ABAP 信息泄露 (3044754)
high
151663SAP NetWeaver AS for Java DoS (3056652)
high
150753SAP NetWeaver AS ABAP 跨站脚本 (XSS)(2021 年 6 月)
medium
150719SAP NetWeaver AS ABAP 命令注入(2021 年 6 月)
medium
150718SAP NetWeaver AS JAVA 缺少 XML 验证 (3053066)
medium
150717SAP NetWeaver AS ABAP XSS(2021 年 6 月)
medium
150694SAP NetWeaver AS ABAP 授权缺失 (3002517)
medium
150417SAP NetWeaver AS ABAP 验证不当(2021 年 6 月)
critical
150280Apache 2.4.x < 2.4.47 多个漏洞
critical
150244Apache 2.4.x < 2.4.48 漏洞
high
150154nginx 0.6.x < 1.20.1 1 字节内存覆盖 RCE
critical
149848SAP NetWeaver AS ABAP 命令注入(2021 年 5 月)
medium
148850IBM WebSphere Application Server 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.19 / 9.0.0.0 <= 9.0.5.7 XXE (CVE-2021-20453)
high
148573SAP NetWeaver AS Java 和 AS ABAP 多个漏洞(2021 年 4 月)
medium
148405Apache Tomcat 7.0.0 < 7.0.107 信息泄露
medium
148402OpenSSL 1.1.1 < 1.1.1j 多个漏洞
high
148400SAP NetWeaver AS Java 监控目录遍历 (2234971)
high
148399SAP NetWeaver AS Java 调用程序 Servlet 代码执行 (1445998)
critical
148241Apache Druid < 0.20.1 RCE(直接检查)
high
148240Apache Druid 检测
info
148239Apache OFBiz 远程代码执行 (CVE-2021-26295)
critical
148182Citrix SD-WAN Center 远程代码执行(直接检查)
critical
148125OpenSSL 1.1.1 < 1.1.1k 多个漏洞
high
147961SAP NetWeaver AS JAVA 反向标签钓鱼 (2976947)
medium
147870SAP NetWeaver AS JAVA 缺少授权检查 (3022422)
high
147164Apache Tomcat 9.0.0.M1 < 9.0.43 多种漏洞
high
147163Apache Tomcat 7.0.0 < 7.0.108 RCE
high
147019Apache Tomcat 8.5.0 < 8.5.63 多种漏洞
high
146861Liferay Portal 远程代码执行(直接检查)
critical
146860IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.19 / 9.0.x <= 9.0.5.6 XXE (6413709)
high
146859IBM WebSphere Application Server 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.19 / 9.0.0.0 <= 9.0.5.6 目录遍历 (CVE-2021-20354)
high
146591OpenSSL 1.0.2 < 1.0.2y 多个漏洞
low
146489SaltStack 未经身份验证的 RCE(直接检查)
critical
146451IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.18 / 9.0.x <= 9.0.5.5 目录遍历 (CVE-2020-4782)
medium
146374OpenSSL 1.0.2 < 1.0.2w 信息泄露
low
146314Apache Flink 本地文件包含漏洞(直接检查)
high
146313Apache Flink Web UI 检测
info
146273SAP BusinessObjects Business Intelligence 平台 Web 检测。
info
146272SAP BusinessObjects Business Intelligence 平台 SSRF 漏洞(直接检查)
medium
145705SAP NetWeaver AS Java 和 AS ABAP 多个漏洞(2021 年 1 月)
high
145535IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.18 / 9.0.x <= 9.0.5.6 XXE (6408244)
high
145069IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.18 / 9.0.x <= 9.0.5.5 信息泄露 (6339255)
low
145061IBM HTTP Server 7.0.0.0 <= 7.0.0.41 / 8.0.0.0 < 8.0.0.13 / 8.5.0.0 < 8.5.5.11 / 9.0.0.0 < 9.0.0.2 多个漏洞 (548231)
critical
145045IBM WebSphere eXtreme Scale Liberty Deployment 8.6.1.x < 8.6.1.4 (6397682)
medium