检测

Nessus 的 Web Servers 系列

ID名称严重性
142059IBM WebSphere Application Server 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.5 SSRF (CVE-2019-17566)
high
141920IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.14 / 9.0.x < 9.0.0.8 信息泄露 (CVE-2017-1743)
medium
141919IBM WebSphere Application Server 7.0.0.x < 7.0.0.45 / 8.0.0.x < 8.0.0.14 / 8.5.x < 8.5.5.13 / 9.0.x < 9.0.0.5 HTTP 响应拆分 (CVE-2017-1503)
medium
141918IBM WebSphere Application Server 6.1.0.x < 6.1.0.47 / 7.0.0.x < 7.0.0.31 / 8.0.0.x < 8.0.0.7 / 8.5.x < 8.5.5.1 点击劫持 (CVE-2013-1571)
medium
141917IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.14 / 9.0.x < 9.0.0.8 信息泄露 (CVE-2012-5783)
medium
141916IBM WebSphere Application Server 9.0.0.4 弱加密 (CVE-2017-1504)
medium
141915IBM WebSphere Application Server 9.0.x < 9.0.0.9 MITM (CVE-2018-8039)
high
141914IBM WebSphere Application Server 6.1.0.x <= 6.1.0.47 / 7.0.0.x < 7.0.0.39 / 8.0.0.x < 8.0.0.11 / 8.5.x < 8.5.5.7 LogJam (CVE-2015-4000)
low
141853IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.2 Beanutils 漏洞 (CVE-2019-10086)
high
141852IBM WebSphere Application Server 7.0.0.x < 7.0.0.45 / 8.0.0.x < 8.0.0.15 / 8.5.x < 8.5.5.13 / 9.0.x < 9.0.0.7 信息泄露 (CVE-2017-1681)
low
141851IBM WebSphere Application Server 8.0.0.x < 8.0.0.14 / 8.5.x < 8.5.5.12 / 9.0.x < 9.0.0.5 弱安全绑定 (CVE-2017-1501)
medium
141850IBM WebSphere Application Server 7.0.0.x < 7.0.0.43 / 8.0.0.x < 8.0.0.13 / 8.5.x < 8.5.5.11 / 9.0.x < 9.0.0.1 FileUpload DoS (CVE-2016-3092)
medium
141566IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.14 / 9.0.x <= 9.0.0.9 多个漏洞 (711865)
high
141565IBM WebSphere Application Server 8.0.0.x < 8.0.0.13 / 8.5.x < 8.5.5.11 / 9.0.x < 9.0.0.2 信息泄露 (CVE-2016-9736)
medium
141564IBM WebSphere Application Server 8.0.0.x < 8.0.0.15 / 8.5.x < 8.5.5.13 / 9.0.x < 9.0.0.7 RCE (CVE-2016-1000031)
critical
141563IBM WebSphere Application Server 9.0.x < 9.0.0.7 DoS (CVE-2017-12624)
medium
141562IBM WebSphere Application Server 9.0.x < 9.0.5.3 DoS (CVE-2019-12406)
medium
141561IBM WebSphere Application Server 8.0.0.x < 8.0.0.15 / 8.5.x < 8.5.5.13 多个漏洞 (296865)
high
141498IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.1 文件遍历 (CVE-2019-4268)
medium
141497IBM WebSphere Application Server 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.11 XSS (CVE-2019-4030)
medium
141473IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.19 / 9.0.x < 9.0.5.6 信息泄露 (CVE-2020-4576)
high
141472IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.1 XSS (CVE-2019-4270)
medium
141469IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.6 XSS (CVE-2020-4578)
medium
141468IBM WebSphere Application Server 8.5.x < 8.5.5.16 / 9.0.x < 9.0.5.0 XSS (CVE-2019-4271)
low
141446Apache Tomcat 9.0.0.M1 < 9.0.38
medium
141394已安装 Apache HTTP 服务器 (Linux)
info
141263Apache Tomcat 站点枚举
info
140791IBM WebSphere Application Server 7.0.0.x 至 7.0.0.45/8.0.0.x 至 8.0.0.15/8.5.x 至 8.5.5.17/9.0.x 至 9.0.5.5 XXE (CVE-2020-4643)
high
140735HTTP 走私检测
medium
140655Microsoft Internet Information Services (IIS) 站点枚举
info
140504SAP NetWeaver AS Java 多个 XSS (2953112)
medium
140464IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.14 / 9.0.x <= 9.0.0.9 XSS (729547)
medium
140463IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.13 / 9.0.x <= 9.0.0.7 信息泄露 (715271)
medium
140462IBM WebSphere Application Server 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.13 / 9.0.x <= 9.0.0.8 信息泄露 (711983)
high
140453IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.17 / 9.0.x <= 9.0.5.4 RCE (6255074)
high
139871IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.4 RCE (6258333)
critical
139615已安装 Microsoft Internet Information Services (IIS)
info
139583SAP NetWeaver AS Java DoS (2941315)
high
139574Apache 2.4.x < 2.4.46 多个漏洞
critical
139065IBM WebSphere Application Server 8.5.x < 8.5.5.18 服务器端请求伪造 (6209099)
medium
138882Cisco Small Business Router Web UI 检测
info
138878IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.5 RCE (6250059)
high
138851Apache Tomcat 7.0.27 < 7.0.105
high
138762SAP NetWeaver:身份验证绕过 (CVE-2020-6287)(直接检查)
critical
138591Apache Tomcat 9.0.0.M1 < 9.0.37 多个漏洞
high
138574Apache Tomcat 8.5.0 < 8.5.57 多个漏洞
high
138509Oracle WebLogic IIOP JNDI 查找 RCE 直接检查
critical
138506SAP NetWeaver AS Java 多个漏洞
critical
138499SAP Netweaver Application Server (AS) HTTP 服务器检测
info
138098Apache Tomcat 9.0.0.M1 < 9.0.36
high