检测

Nessus 的 Web Servers 系列

ID名称严重性
152191IBM WebSphere Application Server 7.0.x <= 7.0.0.45 / 8.0.x <= 8.0.0.14 / 8.5.x < 8.5.5.21 / 9.0.x < 9.0.5.9 特权提升
high
152183Apache Tomcat 8.5.0 < 8.5.68
medium
152182Apache Tomcat 9.0.0.M1 < 9.0.48
medium
152120SAP NetWeaver AS ABAP 内存损坏(2021 年 7 月)
medium
152096SAP NetWeaver AS 缺少授权检查 (3059446)
high
151808SAP NetWeaver AS ABAP 代码注入 (3048657)
medium
151791TeamCity Server < 2020.2.4 多个漏洞
critical
151762SAP NetWeaver AS ABAP 和 ABAP 信息泄露 (3044754)
high
151663Java 版 SAP NetWeaver AS DoS (3056652)
high
151504Apache Tomcat 10.0.3 < 10.0.5
high
151502Apache Tomcat 10.0.0.M1 < 10.0.6
medium
151501Apache Tomcat 10.0.0.M1 < 10.0.7
medium
150946Apache Tomcat 10.0.0.M1 < 10.0.0.M5
high
150938Apache Tomcat 10.0.0.M1 < 10.0.0.M6
high
150937Apache Tomcat 10.0.0.M1 < 10.0.0.M10 多个漏洞
high
150936Apache Tomcat 10.0.0.M1 < 10.0.0.M7 多个漏洞
high
150935Apache Tomcat 10.0.0.M1 < 10.0.0.M8
medium
150856Apache Tomcat 10.0.0.M1 < 10.0.2 多个漏洞
high
150787SAP NetWeaver AS JAVA 信息泄露 (3023299)
medium
150753SAP NetWeaver AS ABAP 跨站脚本 (XSS)(2021 年 6 月)
medium
150719SAP NetWeaver AS ABAP 命令注入(2021 年 6 月)
medium
150718SAP NetWeaver AS JAVA 缺少 XML 验证 (3053066)
medium
150717SAP NetWeaver AS ABAP XSS(2021 年 6 月)
medium
150694SAP NetWeaver AS ABAP 授权缺失 (3002517)
medium
150417SAP NetWeaver AS ABAP 验证不当(2021 年 6 月)
critical
150280Apache 2.4.x < 2.4.47 多个漏洞
critical
150244Apache 2.4.x < 2.4.48 漏洞
high
150154nginx 0.6.x < 1.20.1 1 字节内存覆盖 RCE
high
149848SAP NetWeaver AS ABAP 命令注入(2021 年 5 月)
medium
149787IBM WebSphere Application Server 8.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.20 / 9.0.x < 9.0.5.8 多个漏洞
high
148976Oracle HTTP Server(2021 年 4 月 CPU)
high
148850IBM WebSphere Application Server 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.19 / 9.0.0.0 <= 9.0.5.7 XXE (CVE-2021-20453)
high
148573SAP NetWeaver AS Java 和 AS ABAP 多个漏洞(2021 年 4 月)
medium
148405Apache Tomcat 7.0.0 < 7.0.107
medium
148402OpenSSL 1.1.1 < 1.1.1j 多个漏洞
high
148400SAP NetWeaver AS Java 监控目录遍历 (2234971)
high
148399SAP NetWeaver AS Java 调用程序 Servlet 代码执行 (1445998)
critical
148241Apache Druid < 0.20.1 RCE(直接检查)
high
148240Apache Druid 检测
info
148239Apache OFBiz 远程代码执行 (CVE-2021-26295)
critical
148182Citrix SD-WAN Center 远程代码执行(直接检查)
critical
148125OpenSSL 1.1.1 < 1.1.1k 多个漏洞
high
147961SAP NetWeaver AS JAVA 反向标签钓鱼 (2976947)
medium
147870SAP NetWeaver AS JAVA 缺少授权检查 (3022422)
high
147164Apache Tomcat 9.0.0.M1 < 9.0.43 多个漏洞
high
147163Apache Tomcat 7.0.0 < 7.0.108 多个漏洞
high
147019Apache Tomcat 8.5.0 < 8.5.63 多个漏洞
high
146861Liferay Portal 远程代码执行(直接检查)
critical
146860IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.19 / 9.0.x <= 9.0.5.6 XXE (6413709)
high
146859IBM WebSphere Application Server 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.19 / 9.0.0.0 <= 9.0.5.6 目录遍历 (CVE-2021-20354)
high