Web Servers Family for Nessus

ID	Name	Severity
141563	IBM WebSphere Application Server 9.0.x < 9.0.0.7 DoS (CVE-2017-12624)	medium
141562	IBM WebSphere Application Server 9.0.x < 9.0.5.3 DoS (CVE-2019-12406)	medium
141561	IBM WebSphere Application Server 8.0.0.x < 8.0.0.15 / 8.5.x < 8.5.5.13 Multiple Vulnerabilities (296865)	high
141498	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.1 File Traversal (CVE-2019-4268)	medium
141497	IBM WebSphere Application Server 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.11 XSS (CVE-2019-4030)	medium
141473	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.19 / 9.0.x < 9.0.5.6 Information Disclosure (CVE-2020-4576)	high
141472	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.1 XSS (CVE-2019-4270)	medium
141469	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.6 XSS (CVE-2020-4578)	medium
141468	IBM WebSphere Application Server 8.5.x < 8.5.5.16 / 9.0.x < 9.0.5.0 XSS (CVE-2019-4271)	low
141446	Apache Tomcat 9.0.0.M1 < 9.0.38	medium
141394	Apache HTTP Server Installed (Linux)	info
141263	Apache Tomcat Site Enumeration	info
140791	IBM WebSphere Application Server 7.0.0.x through 7.0.0.45 / 8.0.0.x through 8.0.0.15 / 8.5.x through to 8.5.5.17 / 9.0.x through to 9.0.5.5 XXE (CVE-2020-4643)	high
140735	HTTP Smuggling Detection	medium
140655	Microsoft Internet Information Services (IIS) Sites Enumeration	info
140504	SAP NetWeaver AS Java Multiple XSS (2953112)	medium
140464	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.14 / 9.0.x <= 9.0.0.9 XSS (729547)	medium
140463	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.13 / 9.0.x <= 9.0.0.7 Information Disclosure (715271)	medium
140462	IBM WebSphere Application Server 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.13 / 9.0.x <= 9.0.0.8 Information Disclosure (711983)	high
140453	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.17 / 9.0.x <= 9.0.5.4 RCE (6255074)	high
139871	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.4 RCE (6258333)	critical
139615	Microsoft Internet Information Services (IIS) Installed	info
139583	SAP NetWeaver AS Java DoS (2941315)	high
139574	Apache 2.4.x < 2.4.46 Multiple Vulnerabilities	critical
139065	IBM WebSphere Application Server 8.5.x < 8.5.5.18 Server-side Request Forgery (6209099)	medium
138882	Cisco Small Business Router Web UI Detection	info
138878	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.5 RCE (6250059)	high
138851	Apache Tomcat 7.0.27 < 7.0.105	high
138762	SAP NetWeaver : Authentication Bypass (CVE-2020-6287) (Direct Check)	critical
138591	Apache Tomcat 9.0.0.M1 < 9.0.37 multiple vulnerabilities	high
138574	Apache Tomcat 8.5.0 < 8.5.57 multiple vulnerabilities	high
138509	Oracle WebLogic IIOP JNDI Lookup RCE Direct Check	critical
138506	SAP NetWeaver AS Java Multiple Vulnerabilities	critical
138499	SAP Netweaver Application Server (AS) HTTP Server Detection	info
138098	Apache Tomcat 9.0.0.M1 < 9.0.36	high
138097	Apache Tomcat 8.5.0 < 8.5.56	high
138091	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.5 Information Disclosure (CVE-2020-4449)	high
138074	Oracle WebLogic Server Java Object Deserialization RCE (CVE-2020-2883)	critical
137398	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.4 Remote Code Execution (CVE-2020-4448)	critical
137368	IBM WebSphere Application Server 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.5 RCE (CVE-2020-4450)	critical
136931	Apache Traffic Server - HTTP Smuggling and Cache poisoning	medium
136897	IBM WebSphere Application Server 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.14 / 9.0.0.0 <= 9.0.0.9 XSS	medium
136892	IBM WebSphere Application Server Admin Console 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.14 / 9.0.0.0 <= 9.0.0.9 XSS	medium
136807	Apache Tomcat 8.5.0 < 8.5.55	high
136806	Apache Tomcat 9.0.0 < 9.0.35	high
136770	Apache Tomcat 7.0.0 < 7.0.104	high
136764	IBM MQ Console Detection	info
136763	IBM MQ Default Credentials	critical
136426	IBM WebSphere Application Server 9.0.0.0 < 9.0.0.9 Information Disclosure (CVE-2018-1957)	medium
136410	IBM WebSphere Application Server 7.0 < 7.0.0.46 / 8.0 < 8.0.0.16 / 8.5 < 8.5.5.18 / 9.0 < 9.0.5.4 / Liberty 17.0.0.3 < 20.0.0.5 Information Disclosure	medium

Detections

Analytics

Web Servers Family for Nessus

medium

medium

high

medium

medium

high

medium

medium

low

medium

info

info

high

medium

info

medium

medium

medium

high

high

critical

info

high

critical

medium

info

high

high

critical

high

high

critical

critical

info

high

high

high

critical

critical

critical

medium

medium

medium

high

high

high

info

critical

medium

medium