Web Servers Family for Nessus

ID	Name	Severity
136340	nginx Installed (Linux/UNIX)	info
136183	IBM WebSphere Application Server 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.14 / 9.0.0.0 <= 9.0.0.9 Cross-Site Scripting Vulnerability	medium
136180	IBM WebSphere Application Server 7.x / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.14 / 9.0.0.0 <= 9.0.0.9 Directory Traversal Vulnerability	medium
135919	OpenSSL 1.1.1d < 1.1.1g Vulnerability	high
135771	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.15 / 9.x < 9.0.0.10 XSS (CVE-2018-1794)	medium
135720	IBM WebSphere Application Server 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.15 / 9.0.0.0 <= 9.0.0.10 Connection Spoofing Vulnerability	medium
135702	IBM WebSphere Application Server 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.17 / 9.0.0.0 <= 9.0.5.3 Privilege Escalation (CVE-2020-4362)	high
135677	Oracle Fusion Middleware Oracle HTTP Server (Apr 2020 CPU)	high
135290	Apache 2.4.x < 2.4.42 Multiple Vulnerabilities	medium
135180	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.4 Privilege Escalation (CVE-2020-4276)	high
134862	Apache Tomcat AJP Connector Request Injection (Ghostcat)	critical
134220	nginx < 1.17.7 Information Disclosure	medium
133845	Apache Tomcat 9.0.0.M1 < 9.0.31 multiple vulnerabilities	critical
133696	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.3 Command Execution (CVE-2020-4163)	high
133529	IBM WebSphere Application Server Denial of Service (CVE-2019-4720)	high
133360	IBM WebSphere Application Server Virtual Enterprise 7.0.x <= 7.0.0.6 / Virtual Enterprise 8.0.x / 8.5.5.x < 8.5.5.17 / 9.0.x < 9.0.5.1 Information Disclosure (CVE-2019-4505)	medium
133275	IBM WebSphere Application Server 9.0.x < 9.0.5.0 Information Disclosure (CVE-2019-4269)	high
133274	IBM WebSphere Application Server 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.10 Cross-Site Request Forgery (CVE-2018-1926)	high
133273	IBM WebSphere Application Server 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.10 Privilege Escalation (CVE-2018-1901)	high
133272	IBM WebSphere Application Server 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.10 Privilege Escalation (CVE-2018-1840)	high
133271	IBM WebSphere Application Server 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.10 Information Disclosure (CVE-2018-1614)	high
133270	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.10 Remote Code Execution (CVE-2018-1567)	critical
133146	Oracle Fusion Middleware Oracle HTTP Server (Jan 2020 CPU)	medium
132775	nginx 0.8.x < 0.8.33 / 0.7.x < 0.7.65 Windows Filename Pseudonyms (CORE-2010-0121)	low
132726	OpenSSL 1.0.2 < 1.0.2u Vulnerability	medium
132725	OpenSSL 1.1.1 < 1.1.1e-dev Procedure Overflow Vulnerability	medium
132419	Apache Tomcat 9.0.0.M1 < 9.0.30	high
132418	Apache Tomcat 8.5.0 < 8.5.50	high
132413	Apache Tomcat 8.5.0 < 8.5.49 multiple vulnerabilities	high
132076	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.2 / Liberty < 19.0.0.11 Information Disclosure (CVE-2019-4441)	medium
131733	IBM WebSphere Application Server 7.0.x / 8.0.0.x / 8.5.x < 8.5.5.17 / 9.0.0.x < 9.0.5.2 Directory Traversal Vulnerability	medium
130590	Apache Tomcat Installed (Windows)	info
130175	Apache Tomcat Installed (Linux/Unix)	info
129097	IBM WebSphere Application Server 7.0.x / 8.0.0.x / 8.5.x < 8.5.5.17 / 9.0.0.x < 9.0.5.2 Information Disclosure (CVE-2019-4477)	medium
128523	Oracle GlassFish Server < 3.0.1.22 Multiple Vulnerabilities	critical
128117	OpenSSL 1.1.0 < 1.1.0l Multiple Vulnerabilities	medium
128116	OpenSSL 1.1.1 < 1.1.1d Multiple Vulnerabilities	medium
128115	OpenSSL 1.0.2 < 1.0.2t Multiple Vulnerabilities	medium
128065	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.10 Admin Console Directory Traversal Vulnerability (CVE-2018-1770)	medium
128033	Apache 2.4.x < 2.4.41 Multiple Vulnerabilities	critical
127907	nginx 1.9.5 < 1.16.1 / 1.17.x < 1.17.3 Multiple Vulnerabilities	high
126781	Oracle Fusion Middleware Oracle HTTP Server (Jul 2019 CPU)	high
126312	Apache Tomcat 9.0.0.M1 < 9.0.16	high
126262	Oracle WebLogic Server Deserialization RCE (CVE-2019-2729)	critical
126245	Apache Tomcat 9.0.0.M1 < 9.0.20 DoS	high
126125	Apache Tomcat 8.5.0 < 8.5.41 DoS	high
126052	IBM WebSphere Application Server Remote Code Execution Vulnerability (CVE-2018-1904)	critical
125642	OpenSSL 1.1.0 < 1.1.0k Vulnerability	high
125641	OpenSSL 1.1.1 < 1.1.1c Vulnerability	high
125630	IBM WebSphere Application Server Virtual Enterprise 7.0.x / Network Deployment 8.5.x < 8.5.5.16 / Network Deployment 9.0.0.x <= 9.0.0.11 Remote Code Execution Vulnerability (CVE-2019-4279)	critical

Detections

Analytics

Web Servers Family for Nessus

info

medium

medium

high

medium

medium

high

high

medium

high

critical

medium

critical

high

high

medium

high

high

high

high

high

critical

medium

low

medium

medium

high

high

high

medium

medium

info

info

medium

critical

medium

medium

medium

medium

critical

high

high

high

critical

high

high

critical

high

high

critical