Nessus 的 Web Servers 系列

ID名称严重性
153952Apache 2.4.49 < 2.4.51 路径遍历漏洞
critical
153884Apache 2.4.49 < 2.4.50 多个漏洞
high
153587IBM WebSphere Application Server 信息泄露 (6489485)
medium
153586Apache >= 2.4.30 < 2.4.49 mod_proxy_uwsgi
high
153584Apache < 2.4.49 多种漏洞
critical
153583Apache < 2.4.49 多种漏洞
critical
152543Microsoft Azure CycleCloud 特权提升 (CVE-2021-33762)
high
152542Azure CycleCloud Web UI 检测
info
152541Microsoft Azure CycleCloud 特权提升 (CVE-2021-36943)
high
152484GitLab Web UI 检测
info
151808SAP NetWeaver AS ABAP 代码注入 (3048657)
medium
151791TeamCity Server < 2020.2.4 多个漏洞
critical
151762SAP NetWeaver AS ABAP 和 ABAP 信息泄露 (3044754)
high
151663Java 版 SAP NetWeaver AS DoS (3056652)
high
150753SAP NetWeaver AS ABAP 跨站脚本 (XSS)(2021 年 6 月)
medium
150719SAP NetWeaver AS ABAP 命令注入(2021 年 6 月)
medium
150718SAP NetWeaver AS JAVA 缺少 XML 验证 (3053066)
medium
150717SAP NetWeaver AS ABAP XSS(2021 年 6 月)
medium
150694SAP NetWeaver AS ABAP 授权缺失 (3002517)
medium
150417SAP NetWeaver AS ABAP 验证不当(2021 年 6 月)
critical
150280Apache 2.4.x < 2.4.47 多个漏洞
critical
150244Apache 2.4.x < 2.4.48 漏洞
high
150154nginx 0.6.x < 1.20.1 1 字节内存覆盖 RCE
critical
149848SAP NetWeaver AS ABAP 命令注入(2021 年 5 月)
medium
149787IBM WebSphere Application Server 8.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.20 / 9.0.x < 9.0.5.8 多个漏洞
high
148976Oracle HTTP Server(2021 年 4 月 CPU)
medium
148850IBM WebSphere Application Server 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.19 / 9.0.0.0 <= 9.0.5.7 XXE (CVE-2021-20453)
high
148573SAP NetWeaver AS Java 和 AS ABAP 多个漏洞(2021 年 4 月)
medium
148405Apache Tomcat 7.0.0 < 7.0.107 信息泄露
medium
148402OpenSSL 1.1.1 < 1.1.1j 多个漏洞
high
148400SAP NetWeaver AS Java 监控目录遍历 (2234971)
high
148399SAP NetWeaver AS Java 调用程序 Servlet 代码执行 (1445998)
critical
148241Apache Druid < 0.20.1 RCE(直接检查)
high
148240Apache Druid 检测
info
148239Apache OFBiz 远程代码执行 (CVE-2021-26295)
critical
148182Citrix SD-WAN Center 远程代码执行(直接检查)
critical
148125OpenSSL 1.1.1 < 1.1.1k 多个漏洞
high
147961SAP NetWeaver AS JAVA 反向标签钓鱼 (2976947)
medium
147870SAP NetWeaver AS JAVA 缺少授权检查 (3022422)
high
147164Apache Tomcat 9.0.0.M1 < 9.0.43 多种漏洞
high
147163Apache Tomcat 7.0.0 < 7.0.108 RCE
high
147019Apache Tomcat 8.5.0 < 8.5.63 多种漏洞
high
146861Liferay Portal 远程代码执行(直接检查)
critical
146860IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.19 / 9.0.x <= 9.0.5.6 XXE (6413709)
high
146859IBM WebSphere Application Server 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.19 / 9.0.0.0 <= 9.0.5.6 目录遍历 (CVE-2021-20354)
high
146591OpenSSL 1.0.2 < 1.0.2y 多个漏洞
low
146489SaltStack 未经身份验证的 RCE(直接检查)
critical
146451IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.18 / 9.0.x <= 9.0.5.5 目录遍历 (CVE-2020-4782)
medium
146374OpenSSL 1.0.2 < 1.0.2w 信息泄露
low
146314Apache Flink 本地文件包含漏洞(直接检查)
high