Nessus 的 CGI abuses 系列

ID名稱嚴重性
162528Splunk Enterprise for Windows 8.1.x < 8.1.1 Local Privilege Escalation
high
162428Dell EMC iDRAC8 < 2.83.83.83 / Dell EMC iDRAC9 < 5.10.30.00 (DSA-2022-154)
high
162412Zimbra Collaboration Server < 8.6.0 P10/8.7 < 8.7.11 P1/8.8.x < 8.8.7 XSS
medium
162410Zimbra Collaboration Server 8.8.x < 8.8.15 Patch 30 XSS
medium
162398Atlassian Jira 8.13.x < 8.13.21 / 8.20.x < 8.20.9 / 8.22.x < 8.22.3 / 9.0.0 SQLI (JRASERVER-73885)
critical
162330Citrix ADM 13.0.x < 13.0.85.19 / 13.1.x < 13.1.21.53 多個弱點 (CTX460016)
high
162315Jenkins plugins Multiple Vulnerabilities (2022-05-17)
critical
162175Atlassian Confluence 命令注入弱點 (CVE-2022-26134) (直接檢查)
critical
162139iLO 4 < 2.80 DoS
high
162138Jenkins 外掛程式多個弱點 (2022 年 2 月 15 日)
high
162123Drupal 9.2.x < 9.2.21 / 9.3.x < 9.3.16 Drupal 弱點 (SA-CORE-2022-011)
high
161991PHP 8.0.x < 8.0.20 多個弱點
critical
161975PHP 8.1.x < 8.1.7 多個弱點
critical
161971PHP 7.4.x < 7.4.30 多個弱點
critical
161951SonicWall Secure Mobile Access (SMA) 12.4.x < 12.4.1-02994 多個弱點 (SNWLID-2022-0009)
critical
161848Atlassian Confluence 7.4.x < 7.4.17 / 7.13.x < 7.13.7 / 7.14.x < 7.14.3 / 7.15.x < 7.15.2 / 7.16.x < 7.16.4 / 7.17.x < 7.17.4 / 7.18.x < 7.18.1 (CONFSERVER-79017)
high
161808Atlassian Confluence 命令注入弱點 (CVE-2022-26134)
critical
161800Dell EMC iDRAC9 < 5.00.00.00 (DSA-2021-177)
high
161799Dell EMC iDRAC9 4.40.x < 4.40.29.00 (DSA-2021-177)
high
161798Dell EMC iDRAC8 < 2.80.80.80 / Dell EMC iDRAC9 < 4.40.40.00 (DSA-2021-177)
high
161797Dell EMC iDRAC9 < 5.00.10.00 (DSA-2021-177)
high
161774Citrix ADC 和 Citrix Gateway 12.1.x < 12.1-64.17 / 13.0.x < 13.0-85.19 / 13.1.x < 13.1-21.50 DoS 弱點 (CTX457048)
medium
161773Citrix ADC 和 Citrix Gateway 12.1-64.16 DoS 弱點 (CTX457048)
medium
161707Splunk Enterprise 8.1.x < 8.1.6 MFA 繞過弱點
high
161609Splunk Enterprise 8.1 < 8.1.4 XSS
medium
161505Drupal 9.2.x < 9.2.20 / 9.3.x < 9.3.14 Drupal 弱點 (SA-CORE-2022-010)
high
161453Jenkins Enterprise and Operations Center 2.303.x < 2.303.30.0.13 / 2.332.3.4 多個弱點 (CloudBees 安全公告 2022-05-17)
critical
161441Jenkins Enterprise and Operations Center 2.277.x < 2.277.43.0.8 / 2.303.x < 2.303.30.0.7 / 2.332.1.5 多個弱點 (CloudBees 安全公告 2022-03-15)
high
161440Jenkins 外掛程式 多個弱點 (2022 年 4 月 12 日)
high
161438ManageEngine PAM360 REST API 限制繞過弱點 (CVE-2022-29081)
critical
161331VMware Workspace One Access / VMware Identity Manager 驗證繞過 (直接檢查) (CVE-2022-22972)
critical
161273GitLab 8.12 < 14.8.6/8.13 < 14.9.4/8.14 < 14.10.1 不當存取控制
medium
161272GitLab 13.2 < 14.8.6 / 14.9.x < 14.9.4 / 14.10.x < 14.10.1 資訊洩漏
medium
161271GitLab 12.10 < 14.8.6 / 14.9.x < 14.9.4 / 14.10.x < 14.10.1 DoS
medium
161270GitLab 9.2 < 14.8.6 / 14.9.x < 14.9.4 / 14.10.x < 14.10.1 錯誤授權
medium
161269GitLab 14.4 < 14.8.6/14.9.x < 14.9.4/14.10.x < 14.10.1 XSS
medium
161268GitLab 11.0 < 14.8.6 / 14.9.x < 14.9.4 / 14.10.x < 14.10.1 資訊洩漏
medium
161267GitLab 8.12 < 14.8.6 / 14.9.x < 14.9.4 / 14.10.x < 14.10.1 資訊洩漏
medium
161266GitLab 13.9 < 14.8.6 / 14.9.x < 14.9.4 / 14.10.x < 14.10.1 DoS
high
161265GitLab 12.6 < 14.8.6 / 14.9.x < 14.9.4 / 14.10.x < 14.10.1 資訊洩漏
low
161210Jenkins Enterprise and Operations Center 2.303.x < 2.303.30.0.10 / 2.332.2.6 多個弱點 (CloudBees 安全公告 2022-04-12)
high
161190ManageEngine Password Manager Pro REST API 限制繞過弱點 (CVE-2022-29081)
critical
161189Sophos XG Firewall 使用者入口網站和 Webadmin 驗證繞過弱點 (CVE-2022-1040)
critical
160751ManageEngine Access Manager Plus REST API 限制繞過弱點 (CVE-2022-29081)
critical
160671GitLab 1.0.2 < 14.8.6 多個弱點
high
160670GitLab < 14.8.6/14.9.x < 14.9.4/14.10.x < 14.10.1 多個弱點
medium
160549ManageEngine SharePoint Manager Plus < 4329 多個弱點
critical
160470Trend Micro Apex One Management Web 主控台偵測
info
160297Apache APISIX Dashboard < 2.10.1 驗證繞過 (直接檢查)
critical
160235ManageEngine ADAudit Plus < Build 7060 XXE RCE
critical