Nessus 的 Web Servers 系列

ID名稱嚴重性
156945Cisco Adaptive Security Device Manager (ASDM) 偵測
info
156944Oracle HTTP Server (Jan 2022 CPU)
critical
156941MobileIron Core Log4Shell 直接檢查 (CVE-2021-44228)
critical
156725SAP NetWeaver AS ABAP 資訊洩漏 (2022 年 1 月)
medium
156724IBM WebSphere Application Server 7.x <= 7.0.0.45 / 8.x <= 8.0.0.15 / 8.5.x < 8.5.5.21 / 9.x < 9.0.5.11 DoS
high
156614ShareFile < 5.11.20 RCE (CVE-2021-22941)
critical
156361VMware Workspace ONE UEM 主控台 SSRF (VMSA-2021-0029)
high
156326SAP NetWeaver AS Java XSS (2956398)
medium
156255Apache 2.4.x < 2.4.52 多個弱點
critical
156226SAP NetWeaver AS ABAP Code Injection (December 2021)
medium
156164Apache Log4Shell CVE-2021-45046 繞過遠端程式碼執行
critical
156100OpenSSL 3.0.0 < 3.0.1 弱點
high
156014透過回呼關聯的 Apache Log4Shell RCE 偵測 (直接檢查 HTTP)
critical
155998Apache Log4j Message Lookup Substitution RCE (Log4Shell) (Direct Check)
critical
155964ThinkPHP < 5.0.24 RCE
critical
155603SAP NetWeaver AS ABAP Incorrect Authorization (November 2021)
medium
154967Draytek VigorConnect Web UI Detection
info
154966Draytek VigorConnect LFI (CVE-2021-20123)
high
154919SAP NetWeaver AS Java XXE 弱點 (2296909)
medium
154918SAP NetWeaver AS Java 目錄遊走弱點 (2547431)
medium
154416Nacos < 1.4.1 驗證繞過 (CVE-2021-29441)
critical
154340Oracle HTTP Server (2021 年 10 月 CPU)
medium
154151Apache Tomcat 10.0.0.M10 < 10.0.12 弱點
high
154150Apache Tomcat 9.0.40 < 9.0.54 弱點
high
154149Apache Tomcat 10.1.0.M1 < 10.1.0.M6 弱點
high
154147Apache Tomcat 8.5.60 < 8.5.72 弱點
high
154141SAP NetWeaver AS ABAP Multiple Vulnerabilities (Oct 2021)
high
153952Apache 2.4.49 < 2.4.51 路徑遍歷弱點
critical
153884Apache 2.4.49 < 2.4.50 多個弱點
high
153587IBM WebSphere Application Server 資料洩漏 (6489485)
medium
153586Apache >= 2.4.30 < 2.4.49 mod_proxy_uwsgi
high
153585Apache >= 2.4.17 < 2.4.49 mod_http2
high
153584Apache < 2.4.49 多種弱點
critical
153583Apache < 2.4.49 多種弱點
critical
153486Microsoft Open Management Infrastructure RCE (CVE-2021-38647)
critical
153474Microsoft Open Management Infrastructure < 1.6.8.1 多個弱點
critical
153441SAP NetWeaver AS 缺少授權檢查 (2021 年 9 月)
critical
152872VMware Workspace ONE UEM console DoS (VMSA-2021-0017)
high
152871Python 的 PyDoc 中存在資訊洩漏問題 (CVE-2021-3426)
medium
152782OpenSSL 1.1.1 < 1.1.1l Vulnerability
critical
152780OpenSSL 1.0.2 < 1.0.2za Vulnerability
high
152543Microsoft Azure CycleCloud 權限提升 (CVE-2021-33762)
high
152542Azure CycleCloud Web UI 偵測
info
152541Microsoft Azure CycleCloud 權限提升 (CVE-2021-36943)
high
152484GitLab Web UI 偵測
info
152191IBM WebSphere Application Server 7.0.x <= 7.0.0.45 / 8.0.x <= 8.0.0.14 / 8.5.x < 8.5.5.21 / 9.0.x < 9.0.5.9 權限提升
high
152183Apache Tomcat 8.5.0 < 8.5.68 弱點
medium
152182Apache Tomcat 9.0.0.M1 < 9.0.48 弱點
medium
152120SAP NetWeaver AS ABAP 記憶體損毀 (2021 年 7 月)
medium
152096SAP NetWeaver AS Missing Authorization Check (3059446)
high