Web Servers Family for Nessus

ID	Name	Severity
154966	Draytek VigorConnect LFI (CVE-2021-20123)	high
154919	SAP NetWeaver AS Java XXE Vulnerability (2296909)	medium
154918	SAP NetWeaver AS Java Directory Traversal Vulnerability (2547431)	medium
154416	Nacos < 1.4.1 Authentication Bypass (CVE-2021-29441)	critical
154340	Oracle HTTP Server (Oct 2021 CPU)	medium
154151	Apache Tomcat 10.0.0.M10 < 10.0.12	high
154150	Apache Tomcat 9.0.40 < 9.0.54	high
154149	Apache Tomcat 10.1.0.M1 < 10.1.0.M6	high
154147	Apache Tomcat 8.5.60 < 8.5.72	high
154141	SAP NetWeaver AS ABAP Multiple Vulnerabilities (Oct 2021)	high
153952	Apache 2.4.49 < 2.4.51 Path Traversal Vulnerability	critical
153884	Apache 2.4.49 < 2.4.50 Multiple Vulnerabilities	high
153587	IBM WebSphere Application Server Information Disclosure (6489485)	medium
153586	Apache >= 2.4.30 < 2.4.49 mod_proxy_uwsgi	high
153585	Apache >= 2.4.17 < 2.4.49 mod_http2	high
153584	Apache < 2.4.49 Multiple Vulnerabilities	critical
153583	Apache < 2.4.49 Multiple Vulnerabilities	critical
153486	Microsoft Open Management Infrastructure RCE (CVE-2021-38647)	critical
153474	Microsoft Open Management Infrastructure < 1.6.8.1 Multiple Vulnerabilities	critical
153441	SAP NetWeaver AS Missing Authorization Check (September 2021)	critical
152872	VMware Workspace ONE UEM console DoS (VMSA-2021-0017)	high
152871	Python Information Disclosure in PyDoc (CVE-2021-3426)	medium
152782	OpenSSL 1.1.1 < 1.1.1l Multiple Vulnerabilities	critical
152780	OpenSSL 1.0.2 < 1.0.2za Vulnerability	high
152543	Microsoft Azure CycleCloud Privilege Escalation (CVE-2021-33762)	high
152542	Azure CycleCloud Web UI Detection	info
152541	Microsoft Azure CycleCloud Privilege Escalation (CVE-2021-36943)	medium
152484	GitLab Web UI Detection	info
152191	IBM WebSphere Application Server 7.0.x <= 7.0.0.45 / 8.0.x <= 8.0.0.14 / 8.5.x < 8.5.5.21 / 9.0.x < 9.0.5.9 Privilege Escalation	high
152183	Apache Tomcat 8.5.0 < 8.5.68	medium
152182	Apache Tomcat 9.0.0.M1 < 9.0.48	medium
152120	SAP NetWeaver AS ABAP Memory Corruption (July 2021)	medium
152096	SAP NetWeaver AS Missing Authorization Check (3059446)	high
151808	SAP NetWeaver AS ABAP Code Injection (3048657)	medium
151791	TeamCity Server < 2020.2.4 Multiple Vulnerabilities	critical
151762	SAP NetWeaver AS ABAP and ABAP Information Disclosure (3044754)	high
151663	SAP NetWeaver AS for Java DoS (3056652)	high
151504	Apache Tomcat 10.0.3 < 10.0.5	high
151502	Apache Tomcat 10.0.0.M1 < 10.0.6	medium
151501	Apache Tomcat 10.0.0.M1 < 10.0.7	medium
150946	Apache Tomcat 10.0.0.M1 < 10.0.0.M5	high
150938	Apache Tomcat 10.0.0.M1 < 10.0.0.M6	high
150937	Apache Tomcat 10.0.0.M1 < 10.0.0.M10 multiple vulnerabilities	high
150936	Apache Tomcat 10.0.0.M1 < 10.0.0.M7 multiple vulnerabilities	high
150935	Apache Tomcat 10.0.0.M1 < 10.0.0.M8	medium
150856	Apache Tomcat 10.0.0.M1 < 10.0.2 multiple vulnerabilities	high
150787	SAP NetWeaver AS JAVA Information Disclosure (3023299)	medium
150753	SAP NetWeaver AS ABAP Cross-Site Scripting (XSS) (June 2021)	medium
150719	SAP NetWeaver AS ABAP Command Injection (June 2021)	medium
150718	SAP NetWeaver AS JAVA Missing XML Validation (3053066)	medium

Detections

Analytics

Web Servers Family for Nessus

high

medium

medium

critical

medium

high

high

high

high

high

critical

high

medium

high

high

critical

critical

critical

critical

critical

high

medium

critical

high

high

info

medium

info

high

medium

medium

medium

high

medium

critical

high

high

high

medium

medium

high

high

high

high

medium

high

medium

medium

medium

medium