Web Servers Family for Nessus

ID	Name	Severity
134220	nginx < 1.17.7 Information Disclosure	medium
133845	Apache Tomcat 9.0.0.M1 < 9.0.31 multiple vulnerabilities	critical
133696	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.3 Command Execution (CVE-2020-4163)	high
133529	IBM WebSphere Application Server Denial of Service (CVE-2019-4720)	high
133360	IBM WebSphere Application Server Virtual Enterprise 7.0.x <= 7.0.0.6 / Virtual Enterprise 8.0.x / 8.5.5.x < 8.5.5.17 / 9.0.x < 9.0.5.1 Information Disclosure (CVE-2019-4505)	medium
133275	IBM WebSphere Application Server 9.0.x < 9.0.5.0 Information Disclosure (CVE-2019-4269)	high
133274	IBM WebSphere Application Server 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.10 Cross-Site Request Forgery (CVE-2018-1926)	high
133273	IBM WebSphere Application Server 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.10 Privilege Escalation (CVE-2018-1901)	high
133272	IBM WebSphere Application Server 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.10 Privilege Escalation (CVE-2018-1840)	high
133271	IBM WebSphere Application Server 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.10 Information Disclosure (CVE-2018-1614)	high
133270	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.10 Remote Code Execution (CVE-2018-1567)	critical
133146	Oracle Fusion Middleware Oracle HTTP Server (Jan 2020 CPU)	medium
132775	nginx 0.8.x < 0.8.33 / 0.7.x < 0.7.65 Windows Filename Pseudonyms (CORE-2010-0121)	low
132726	OpenSSL 1.0.2 < 1.0.2u Vulnerability	medium
132725	OpenSSL 1.1.1 < 1.1.1e-dev Procedure Overflow Vulnerability	medium
132419	Apache Tomcat 9.0.0.M1 < 9.0.30	high
132418	Apache Tomcat 8.5.0 < 8.5.50	high
132413	Apache Tomcat 8.5.0 < 8.5.49 multiple vulnerabilities	high
132076	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.2 / Liberty < 19.0.0.11 Information Disclosure (CVE-2019-4441)	medium
131733	IBM WebSphere Application Server 7.0.x / 8.0.0.x / 8.5.x < 8.5.5.17 / 9.0.0.x < 9.0.5.2 Directory Traversal Vulnerability	medium
130590	Apache Tomcat Installed (Windows)	info
130175	Apache Tomcat Installed (Linux/Unix)	info
129097	IBM WebSphere Application Server 7.0.x / 8.0.0.x / 8.5.x < 8.5.5.17 / 9.0.0.x < 9.0.5.2 Information Disclosure (CVE-2019-4477)	medium
128523	Oracle GlassFish Server < 3.0.1.22 Multiple Vulnerabilities	critical
128117	OpenSSL 1.1.0 < 1.1.0l Multiple Vulnerabilities	medium
128116	OpenSSL 1.1.1 < 1.1.1d Multiple Vulnerabilities	medium
128115	OpenSSL 1.0.2 < 1.0.2t Multiple Vulnerabilities	medium
128065	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.10 Admin Console Directory Traversal Vulnerability (CVE-2018-1770)	medium
128033	Apache 2.4.x < 2.4.41 Multiple Vulnerabilities	critical
127907	nginx 1.9.5 < 1.16.1 / 1.17.x < 1.17.3 Multiple Vulnerabilities	high
126781	Oracle Fusion Middleware Oracle HTTP Server (Jul 2019 CPU)	high
126312	Apache Tomcat 9.0.0.M1 < 9.0.16	high
126262	Oracle WebLogic Server Deserialization RCE (CVE-2019-2729)	critical
126245	Apache Tomcat 9.0.0.M1 < 9.0.20 DoS	high
126125	Apache Tomcat 8.5.0 < 8.5.41 DoS	high
126052	IBM WebSphere Application Server Remote Code Execution Vulnerability (CVE-2018-1904)	critical
125642	OpenSSL 1.1.0 < 1.1.0k Vulnerability	high
125641	OpenSSL 1.1.1 < 1.1.1c Vulnerability	high
125630	IBM WebSphere Application Server Virtual Enterprise 7.0.x / Network Deployment 8.5.x < 8.5.5.16 / Network Deployment 9.0.0.x <= 9.0.0.11 Remote Code Execution Vulnerability (CVE-2019-4279)	critical
125595	IBM WebSphere Application Server 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.9 TLS Downgrade Vulnerability (CVE-2018-1719)	medium
125265	Oracle WebLogic Server Java Object Deserialization RCE (CVE-2018-3245)	critical
124566	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.15 Form Login Spoofing Vulnerability (CVE-2018-1695)	medium
124565	IBM BigFix Platform 9.5.x < 9.5.12 Multiple Vulnerabilities	critical
124564	IBM BigFix Platform 9.2.x <= 9.2.16 / 9.5.x <= 9.5.11 Information Disclosure	medium
124563	IBM BigFix Platform 9.5.x < 9.5.10 Plain Text Credentials	high
124338	Oracle WebLogic WLS9-async Remote Code Execution (remote check)	critical
124336	NGINX Unit HTTP Server Detection	info
124335	NGINX Unit 0.x > 0.3 / 1.x < 1.7.1 Heap Buffer Overflow (CVE-2019-7401)	critical
124240	GPON ONT Home Gateway Remote Enabling of Telnet (CVE-2019-3917)	high
124156	Oracle Fusion Middleware Oracle HTTP Server (Apr 2019 CPU)	critical

Detections

Analytics

Web Servers Family for Nessus

medium

critical

high

high

medium

high

high

high

high

high

critical

medium

low

medium

medium

high

high

high

medium

medium

info

info

medium

critical

medium

medium

medium

medium

critical

high

high

high

critical

high

high

critical

high

high

critical

medium

critical

medium

critical

medium

high

critical

info

critical

high

critical