Nessus 的 Web Servers 系列

ID名稱嚴重性
150244Apache 2.4.x < 2.4.48 弱點
high
149848SAP NetWeaver AS ABAP 命令插入 (2021 年 5 月)
medium
148850IBM WebSphere Application Server 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.19 / 9.0.0.0 <= 9.0.5.7 XXE (CVE-2021-20453)
high
148402OpenSSL 1.1.1 < 1.1.1j 多個弱點
high
148241Apache Druid < 0.20.1 RCE (直接檢查)
high
148240Apache Druid 偵測
info
148239Apache OFBiz 遠端程式碼執行 (CVE-2021-26295)
critical
148182Citrix SD-WAN Center 遠端程式碼執行 (直接檢查)
critical
148125OpenSSL 1.1.1 < 1.1.1k 多個弱點
high
147961SAP NetWeaver AS JAVA 反向索引標籤劫持 (2976947)
medium
147870SAP NetWeaver AS JAVA 缺少授權檢查 (3022422)
high
147164Apache Tomcat 9.0.0.M1 < 9.0.43 多個弱點
high
147163Apache Tomcat 7.0.0 < 7.0.108 RCE
high
147019Apache Tomcat 8.5.0 < 8.5.63 多個弱點
high
146861Liferay Portal 遠端程式碼執行 (直接檢查)
critical
146860IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.19 / 9.0.x <= 9.0.5.6 XXE (6413709)
high
146859IBM WebSphere Application Server 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.19 / 9.0.0.0 <= 9.0.5.6 目錄遊走 (CVE-2021-20354)
high
146591OpenSSL 1.0.2 < 1.0.2y 多個弱點
low
146489SaltStack 未經驗證的 RCE (直接檢查)
critical
146451IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.18 / 9.0.x <= 9.0.5.5 目錄遊走 (CVE-2020-4782)
medium
146374OpenSSL 1.0.2 < 1.0.2w 資訊洩漏
low
146314Apache Flink 本機檔案包含弱點 (直接檢查)
high
146313Apache Flink Web UI 偵測
info
146273SAP BusinessObjects Business Intelligence 平台 Web 偵測。
info
146272SAP BusinessObjects Business Intelligence 平台 SSRF 弱點 (直接檢查)
medium
145705SAP NetWeaver AS Java 和 AS ABAP 多個弱點 (2021 年 1 月)
high
145535IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.18 / 9.0.x <= 9.0.5.6 XXE (6408244)
high
145069IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.18 / 9.0.x <= 9.0.5.5 資訊洩漏 (6339255)
low
145061IBM HTTP Server 7.0.0.0 <= 7.0.0.41 / 8.0.0.0 < 8.0.0.13 / 8.5.0.0 < 8.5.5.11 / 9.0.0.0 < 9.0.0.2 多個弱點 (548231)
critical
145045IBM WebSphere eXtreme Scale Liberty Deployment 8.6.1.x < 8.6.1.4 (6397682)
medium
145032IBM WebSphere eXtreme Scale (Linux)
info
144969Apache Unomi RCE (直接檢查)
critical
144968Apache Unomi 偵測。
info
144780IBM HTTP Server 7.0.0.0 <= 7.0.0.43 / 8.0.0.0 <= 8.0.0.14 / 8.5.0.0 < 8.5.5.14 / 9.0.0.0 < 9.0.0.8 多個弱點 (569295)
high
144779IBM HTTP Server 7.0.0.0 <= 7.0.0.43 資訊洩漏 (567509)
high
144778IBM HTTP Server 7.0.0.0 < 7.0.0.45 / 8.0.0.0 < 8.0.0.14 / 8.5.0.0 < 8.5.5.12 / 9.0.0.0 < 9.0.0.5 多個弱點 (563615)
critical
144777IBM HTTP Server 7.0.0.0 < 7.0.0.43 / 8.0.0.0 < 8.0.0.14 / 8.5.0.0 < 8.5.5.12 / 9.0.0.0 < 9.0.0.3 回應分割 (289001)
high
144776IBM HTTP Server 8.0.0.0 <= 8.0.0.11 / 8.5.0.0 <= 8.5.5.6 (533837)
medium
144775IBM HTTP Server 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 < 8.5.5.17 / 9.0.0.0 < 9.0.5.1 多個弱點 (964768)
medium
144774IBM HTTP Server 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 < 8.5.5.16 / 9.0.0.0 < 9.0.5.0 多個弱點 (880413)
high
144773IBM HTTP Server 7.0.0.0 <= 7.0.0.43 / 8.0.0.0 <= 8.0.0.14 / 8.5.0.0 < 8.5.5.14 / 9.0.0.0 < 9.0.0.8 多個弱點 (569301)
critical
144768IBM HTTP Server 8.5.0.0 <= 8.5.5.1 / 8.0.0.0 <= 8.0.0.8 / 7.0.0.0 <= 7.0.0.31 / 6.1.0.0 <= 6.1.0.47 (505927)
high
144767IBM HTTP Server 8.5.0.0 <= 8.5.5.4 / 8.0.0.0 <= 8.0.0.10 / 7.0.0.0 <= 7.0.0.35 / 6.1.0.0 <= 6.1.0.47 / 6.0.0.0 <= 6.0.2.43 (521711)
medium
144766IBM HTTP Server 8.0.x < 8.0.0.9 / 8.5.x < 8.5.5.3 (247195)
low
144708IBM HTTP Server 8.5.0.0 <= 8.5.5.0 / 8.0.0.0 <= 8.0.0.6 / 7.0.0.0 <= 7.0.0.29 / 6.1.0.0 <= 6.1.0.45 (227047)
medium
144707IBM HTTP Server 6.1.0.0 <= 6.1.0.47 / 7.0.0.0 < 7.0.0.39 / 8.0.0.0 < 8.0.0.12 / 8.5.0.0 < 8.5.5.7 堆疊緩衝區溢位 (536441)
critical
144645已安裝 JFrog Artifactory (Linux)
info
144633已安裝 IBM MQ 伺服器和用戶端 (Linux)
info
144304IBM HTTP Server 6.1.0.0 <= 6.1.0.47 / 7.0.0.0 < 7.0.0.39 / 8.0.0.0 < 8.0.0.12 / 8.5.0.0 < 8.5.5.7 HTTP 要求走私 (533835)
medium
144303IBM HTTP Server 8.5.0.0 <= 8.5.5.5 / 8.0.0.0 <= 8.0.0.10 / 7.0.0.0 <= 7.0.0.37 資訊洩漏 (260001)
medium