偵測

Nessus 的 Web Servers 系列

ID名稱嚴重性
140735HTTP 走私偵測
medium
140655Microsoft Internet Information Services (IIS) 網站列舉
info
140504SAP NetWeaver AS Java 多個 XSS (2953112)
medium
140464IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.14 / 9.0.x <= 9.0.0.9 XSS (729547)
medium
140463IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.13 / 9.0.x <= 9.0.0.7 資訊洩漏 (715271)
medium
140462IBM WebSphere Application Server 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.13 / 9.0.x <= 9.0.0.8 資訊洩漏 (711983)
high
140453IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.17 / 9.0.x <= 9.0.5.4 RCE (6255074)
high
139871IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.4 RCE (6258333)
critical
139615已安裝 Microsoft Internet Information Services (IIS)
info
139583SAP NetWeaver AS Java DoS (2941315)
high
139574Apache 2.4.x < 2.4.46 多個弱點
critical
139065IBM WebSphere Application Server 8.5.x < 8.5.5.18 伺服器端要求偽造 (6209099)
medium
138882Cisco Small Business Web UI 偵測
info
138878IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.5 RCE (6250059)
high
138851Apache Tomcat 7.0.27 < 7.0.105
high
138762SAP NetWeaver:驗證繞過(CVE-2020-6287) (直接檢查)
critical
138591Apache Tomcat 9.0.0.M1 < 9.0.37 多個弱點
high
138574Apache Tomcat 8.5.0 < 8.5.57 多個弱點
high
138509Oracle WebLogic IIOP JNDI Lookup RCE 直接檢查
critical
138506SAP NetWeaver AS Java 多個弱點
critical
138499SAP Netweaver Application Server (AS) HTTP 伺服器偵測
info
138098Apache Tomcat 9.0.0.M1 < 9.0.36
high
138097Apache Tomcat 8.5.0 < 8.5.56
high
138091IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.5 資訊洩漏 (CVE-2020-4449)
high
138074Oracle WebLogic Server Java 物件還原序列化 RCE (CVE-2020-2883)
critical
137398IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.4 遠端程式碼執行 (CVE-2020-4448)
critical
137368IBM WebSphere Application Server 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.5 RCE (CVE-2020-4450)
critical
136931Apache Traffic Server - HTTP 走私和快取毒害
medium
136897IBM WebSphere Application Server 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.14 / 9.0.0.0 <= 9.0.0.9 XSS
medium
136892IBM WebSphere Application Server 管理主控台 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.14 / 9.0.0.0 <= 9.0.0.9 XSS
medium
136807Apache Tomcat 8.5.0 < 8.5.55
high
136806Apache Tomcat 9.0.0 < 9.0.35
high
136770Apache Tomcat 7.0.0 < 7.0.104
high
136764IBM MQ 主控台偵測
info
136763IBM MQ 預設認證
critical
136426IBM WebSphere Application Server 9.0.0.0 < 9.0.0.9 資訊洩漏 (CVE-2018-1957)
medium
136410IBM WebSphere Application Server 7.0 < 7.0.0.46 / 8.0 < 8.0.0.16 / 8.5 < 8.5.5.18 / 9.0 < 9.0.5.4 / Liberty 17.0.0.3 < 20.0.0.5 資訊洩漏
medium
136340已安裝 nginx (Linux/UNIX)
info
136183IBM WebSphere Application Server 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.14 / 9.0.0.0 <= 9.0.0.9 跨網站指令碼弱點
medium
136180IBM WebSphere Application Server 7.x / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.14 / 9.0.0.0 <= 9.0.0.9 目錄遊走弱點
medium
135919OpenSSL 1.1.1d < 1.1.1g 弱點
high
135771IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.15 / 9.x < 9.0.0.10 XSS (CVE-2018-1794)
medium
135720IBM WebSphere Application Server 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.15 / 9.0.0.0 <= 9.0.0.10 連線偽造弱點
medium
135702IBM WebSphere Application Server 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.17 / 9.0.0.0 <= 9.0.5.3 權限提升 (CVE-2020-4362)
high
135677Oracle Fusion Middleware Oracle HTTP Server (2020 年 4 月 CPU)
high
135290Apache 2.4.x < 2.4.42 多個弱點
medium
135180IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.4 權限提升 (CVE-2020-4276)
high
134862Apache Tomcat AJP 連接器要求插入 (Ghostcat)
critical
134220nginx < 1.17.7 資訊洩漏
medium
133845Apache Tomcat 9.0.0.M1 < 9.0.31 多個弱點
critical