Web Servers Family for Nessus

ID	Name	Severity
128117	OpenSSL 1.1.0 < 1.1.0l Multiple Vulnerabilities	medium
128116	OpenSSL 1.1.1 < 1.1.1d Multiple Vulnerabilities	medium
128115	OpenSSL 1.0.2 < 1.0.2t Multiple Vulnerabilities	medium
128065	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.10 Admin Console Directory Traversal Vulnerability (CVE-2018-1770)	medium
128033	Apache 2.4.x < 2.4.41 Multiple Vulnerabilities	critical
127907	nginx 1.9.5 < 1.16.1 / 1.17.x < 1.17.3 Multiple Vulnerabilities	high
126781	Oracle Fusion Middleware Oracle HTTP Server (Jul 2019 CPU)	high
126312	Apache Tomcat 9.0.0.M1 < 9.0.16	high
126262	Oracle WebLogic Server Deserialization RCE (CVE-2019-2729)	critical
126245	Apache Tomcat 9.0.0.M1 < 9.0.20 DoS	high
126125	Apache Tomcat 8.5.0 < 8.5.41 DoS	high
126052	IBM WebSphere Application Server Remote Code Execution Vulnerability (CVE-2018-1904)	critical
125642	OpenSSL 1.1.0 < 1.1.0k Vulnerability	high
125641	OpenSSL 1.1.1 < 1.1.1c Vulnerability	high
125630	IBM WebSphere Application Server Virtual Enterprise 7.0.x / Network Deployment 8.5.x < 8.5.5.16 / Network Deployment 9.0.0.x <= 9.0.0.11 Remote Code Execution Vulnerability (CVE-2019-4279)	critical
125595	IBM WebSphere Application Server 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.9 TLS Downgrade Vulnerability (CVE-2018-1719)	medium
125265	Oracle WebLogic Server Java Object Deserialization RCE (CVE-2018-3245)	critical
124566	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.15 Form Login Spoofing Vulnerability (CVE-2018-1695)	medium
124565	IBM BigFix Platform 9.5.x < 9.5.12 Multiple Vulnerabilities	critical
124564	IBM BigFix Platform 9.2.x <= 9.2.16 / 9.5.x <= 9.5.11 Information Disclosure	medium
124563	IBM BigFix Platform 9.5.x < 9.5.10 Plain Text Credentials	high
124338	Oracle WebLogic WLS9-async Remote Code Execution (remote check)	critical
124336	NGINX Unit HTTP Server Detection	info
124335	NGINX Unit 0.x > 0.3 / 1.x < 1.7.1 Heap Buffer Overflow (CVE-2019-7401)	critical
124240	GPON ONT Home Gateway Remote Enabling of Telnet (CVE-2019-3917)	high
124156	Oracle Fusion Middleware Oracle HTTP Server (Apr 2019 CPU)	critical
124090	Oracle Fusion Middleware Oracle HTTP Server Multiple Vulnerabilities (October 2018 CPU)	critical
124064	Apache Tomcat 7.0.0 < 7.0.94 multiple vulnerabilities	high
124063	Apache Tomcat 8.5.0 < 8.5.40 multiple vulnerabilities	high
124058	Apache Tomcat 9.0.0.M1 < 9.0.18	high
124025	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.16 / 9.0.0.x < 9.0.0.11 Admin Console Denial of Service (DoS) Vulnerability (CVE-2019-4080)	medium
124024	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.16 / 9.0.0.x < 9.0.0.11 / Liberty < 19.0.0.4 Request Header Denial of Service (DoS) Vulnerability (CVE-2019-4046)	high
124023	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.16 / 9.0.0.x < 9.0.0.11 Information Disclosure Vulnerability (CVE-2018-1996)	medium
123642	Apache 2.4.x < 2.4.39 Multiple Vulnerabilities	high
123419	GPON ONT Home Gateway Authenticated Remote Command Execution (CVE-2019-3920)	high
123013	GPON ONT Home Gateway Authenticated Remote Command Execution (CVE-2019-3919)	high
122612	nginx <= 1.3.13 Insecure Log Permissions	high
122504	OpenSSL 1.0.2 < 1.0.2r Vulnerability	medium
122447	Apache Tomcat 9.0.0.M1 < 9.0.8	high
124462	Oracle WebLogic Server 10.3.6.0 / 12.1.3.0 / 12.2.1.3 Java Object Deserialization RCE (CVE-2018-3191)	critical
122403	Operating System Unsupported Version Detection in banner reporting (PCI-DSS check)	critical
122157	Unsupported linux kernel version detected in banner reporting (PCI-DSS check)	critical
122060	Apache 2.4.x < 2.4.33 Multiple Vulnerabilities	critical
122059	Apache 2.4.17 / 2.4.18 DoS	medium
121421	Oracle Fusion Middleware Oracle HTTP Server Multiple Vulnerabilities (January 2019 CPU)	high
121385	OpenSSL 1.1.1 < 1.1.1a Multiple Vulnerabilities	medium
121384	OpenSSL 1.1.0 < 1.1.0j Multiple Vulnerabilities	medium
121383	OpenSSL 1.0.2 < 1.0.2q Multiple Vulnerabilities	medium
121355	Apache 2.4.x < 2.4.38 Multiple Vulnerabilities	high
121348	WAS Target Discovery for PCI	info

Detections

Analytics

Web Servers Family for Nessus

medium

medium

medium

medium

critical

high

high

high

critical

high

high

critical

high

high

critical

medium

critical

medium

critical

medium

high

critical

info

critical

high

critical

critical

high

high

high

medium

high

medium

high

high

high

high

medium

high

critical

critical

critical

critical

medium

high

medium

medium

medium

high

info