CGI abuses Family for Nessus

ID	Name	Severity
166057	ManageEngine PAM360 < 5.5 Build 5510 RCE	critical
165774	GitLab 9.3 < 15.2.5 / 15.3 < 15.3.4 / 15.4 < 15.4.1 (CVE-2022-3018)	medium
165773	GitLab 15.2 < 15.2.5 / 15.3 < 15.3.4 / 15.4 < 15.4.1 (CVE-2022-2904)	medium
165772	GitLab 14.4 < 15.2.5 / 15.3 < 15.3.4 / 15.4 < 15.4.1 (CVE-2022-3067)	medium
165771	GitLab 13.7 < 15.2.5 / 15.3 < 15.3.4 / 15.4 < 15.4.1 (CVE-2022-3351)	medium
165770	GitLab 12.8 < 15.2.5 / 15.3 < 15.3.4 / 15.4 < 15.4.1 (CVE-2022-3325)	medium
165769	GitLab 10.0 < 15.2.5 / 15.3 < 15.3.4 / 15.4 < 15.4.1 (CVE-2022-3066)	medium
165768	GitLab 12.6 < 15.2.5 / 15.3 < 15.3.4 / 15.4 < 15.4.1 (CVE-2022-2882)	medium
165767	Jenkins plugins Multiple Vulnerabilities (2022-09-21)	critical
165766	Jenkins weekly < 2.370 Multiple Vulnerabilities	critical
165764	Jenkins Enterprise and Operations Center 2.303.x < 2.303.30.0.15 / 2.346.2.3 Multiple Vulnerabilities (CloudBees Security Advisory 2022-07-27)	high
165722	GitLab 9.3 < 15.2.5 / 15.3 < 15.3.4 / 15.4 < 15.4.1 (CVE-2022-3293)	medium
165701	Dotnetnuke 6.0.x < 9.11.0 Multiple Vulnerabilities (09.11.00)	critical
165694	Oracle Primavera P6 Enterprise Project Portfolio Management (Jul 2022 CPU)	high
165693	Jenkins Enterprise and Operations Center 2.303.x < 2.303.30.0.16 / 2.346.4.1 Multiple Vulnerabilities (CloudBees Security Advisory 2022-08-27)	medium
165624	Mattermost Server 7.1.0 DoS (MMSA-2022-00115)	medium
165622	PHP 8.0.x < 8.0.24 Multiple Vulnerabilities	medium
165551	PHP 8.1.x < 8.1.11 Multiple Vulnerabilities	medium
165545	PHP 7.4.x < 7.4.32 Multiple Vulnerabilities	medium
165521	SolarWinds Orion Platform < 2022.3 Multiple Vulnerabilities	high
165520	Drupal 9.3.x < 9.3.22 / 9.4.x < 9.4.7 Drupal Vulnerability (SA-CORE-2022-016)	high
165348	ManageEngine Access Manager Plus < 4.3 Build 4305 SQLi	critical
165347	ManageEngine PAM360 < 5.6 Build 5600 SQLi	critical
165346	ManageEngine Password Manager Pro < 12.1 Build 12121 SQLi	critical
165185	Webmin < 1.997 RCE	critical
165178	Atlassian Jira < 8.13.19 / 8.14.x < 8.20.7 / 8.21.x < 8.22.1 RCE (JRASERVER-73582)	high
164898	Jenkins LTS < 2.361.1 / Jenkins weekly < 2.363	high
164810	Atlassian Bitbucket < 7.6.17 / 7.17.10 / 7.21.4 / 8.0.4 / 8.1.3 / 8.2.2 / 8.3.1 RCE	high
164652	IBM Cognos Analytics Multiple Vulnerabilities (6616285)	critical
164551	SonicWall Secure Mobile Access (SMA) < 10.2.1.5-34sv Buffer Overflow (SNWLID-2022-0019)	high
164533	Joomla 4.2.0 < 4.2.1 Joomla 4.2.1 Security and Bug Fix Release (5866-joomla-4-2-1-release)	medium
164521	WordPress 6.0 < 6.0.2 / 5.9 < 5.9.4 / 5.8 < 5.8.5 / 5.7 < 5.7.7 / 5.6 < 5.6.9 / 5.5 < 5.5.10 / 5.4 < 5.4.11 / 5.3 < 5.3.13 / 5.2 < 5.2.16 / 5.1 < 5.1.14 / 5.0 < 5.0.17 / 4.9 < 4.9.21 / 4.8 < 4.8.20 / 4.7 < 4.7.24 / 4.6 < 4.6.24 / 4.5 < 4.5.27 / 4.4 < 4.4.28 / 4.3 < 4.3.29 / 4.2 < 4.2.33 / 4.1 < 4.1.36 / 4.0 < 4.0.36 / 3.9 < 3.9.37 / 3.8 < 3.8.39 / 3.7 < 3.7.39	high
164478	GitLab 14.8 < 14.10.5 / 15.0 < 15.0.4 / 15.1 < 15.1.1 (CVE-2022-2244)	medium
164452	Jenkins plugins Multiple Vulnerabilities (2022-08-23)	medium
164451	ManageEngine OpManager 12.5.x < 12.5.657 / 12.6.x < 12.6.002 / 12.6.104 / 12.6.118 Authenticate Bypass	high
164450	ManageEngine Firewall Analyzer 12.5.x < 12.5.657 / 12.6.x < 12.6.002 / 12.6.104 / 12.6.118 Authenticate Bypass	high
164449	ManageEngine NCM 12.5.x < 12.5.657 / 12.6.x < 12.6.002 / 12.6.104 / 12.6.118 Authenticate Bypass	high
164431	GitLab 11.3.4 < 15.1.5 / 15.2 < 15.2.3 / 15.3 < 15.3.1 RCE	critical
164341	Zimbra Collaboration Server 8.8.x < 8.8.15 Patch 33 / 9.0.0 < 9.0.0 Patch 26 Multiple Vulnerabilities	critical
164329	Splunk Enterprise 8.1 < 8.1.11, 8.2.0 < 8.2.7.1 / Universal Forwarders 8.1 < 8.1.11, 8.2.0 < 8.2.7.1 (SVD-2022-0803)	medium
164328	Splunk Enterprise 9.0.0 < 9.0.1 (SVD-2022-0801)	critical
164274	Oracle Primavera Unifier Unsupported Version Detection	critical
164272	Splunk Enterprise < 9.0.1 Information Disclosure	low
164184	ManageEngine NCM 12.5.x < 12.5.658 / 12.6.x < 12.6.003 / 12.6.105 / 12.6.120 RCE	high
164091	Questions for Confluence App Default Credentials (CVE-2022-26138)	critical
164078	Splunk Enterprise and Universal Forwarder < 9.0 Improper Certificate Validation	high
164077	Splunk Universal Forwarder < 9.0 Insecure Default Configuration	high
164076	Splunk Enterprise < 9.0 Multiple Vulnerabilities	critical
164075	Splunk Enterprise Deployment Servers < 9.0 RCE	critical
164074	Splunk Enterprise Deployment Server < 9.0 Improper Authorization	high

Detections

Analytics

CGI abuses Family for Nessus

critical

medium

medium

medium

medium

medium

medium

medium

critical

critical

high

medium

critical

high

medium

medium

medium

medium

medium

high

high

critical

critical

critical

critical

high

high

high

critical

high

medium

high

medium

medium

high

high

high

critical

critical

medium

critical

critical

low

high

critical

high

high

critical

critical

high