Web Servers Family for Nessus

ID	Name	Severity
118956	nginx 1.x < 1.14.1 / 1.15.x < 1.15.6 Multiple Vulnerabilities	medium
118710	Appweb < 7.0.3 authCondition Authentication Bypass Vulnerability	high
118151	nginx Data Disclosure Vulnerability	high
118150	nginx < 1.10.1 / 1.11.x < 1.11.1 Denial-of-Service Vulnerability	high
118091	VMware AirWatch Console 9.1.x < 9.1.5.6 / 9.2.x < 9.2.3.27 / 9.3.x < 9.3.0.25 / 9.4.x < 9.4.0.22 / 9.5.x < 9.5.0.16 / 9.6.x < 9.6.0.7 / 9.7.x < 9.7.0.3 SAML Security Bypass	high
118087	Citrix NetScaler Application Delivery Management (ADM)	info
118086	Citrix NetScaler Management and Analytics System Default Administrator Credentials	high
118037	Apache Tomcat 9.0.0.M1 < 9.0.12 Open Redirect Weakness	medium
118036	Apache Tomcat 8.5.0 < 8.5.34	medium
118035	Apache Tomcat 7.0.23 < 7.0.91	medium
117860	TP-Link HTTP Server Detection	info
117807	Apache 2.4.x < 2.4.35 DoS	medium
117463	Zinwave Series 3000 DAS Web Interface Detection	info
112120	OpenSSL 1.1.0 < 1.1.0i Multiple Vulnerabilities	medium
112119	OpenSSL 1.0.2 < 1.0.2p Multiple Vulnerabilities	medium
111788	Apache 2.4.x < 2.4.34 Multiple Vulnerabilities	high
111665	Oracle WebLogic Server Deserialization RCE (CVE-2018-2893)	critical
111465	Apache HTTP Server Error Page Detection	info
111069	Apache Tomcat 9.0.0 < 9.0.9	critical
111066	Apache Tomcat 7.0.0 < 7.0.89	critical
111068	Apache Tomcat 8.5.5 < 8.5.32 multiple vulnerabilities	critical
111067	Apache Tomcat 8.0.0.RC1 < 8.0.53 multiple vulnerabilities	critical
110944	NetApp SANtricity Web Services Proxy Detection	info
110943	NetApp SANtricity Web Services Proxy Unauthenticated RCE	critical
109945	OpenSSL 1.0.2b < 1.0.2o Vulnerability	medium
109553	Oracle WebLogic HTTP Detection	info
109429	Oracle WebLogic Server Deserialization RCE (CVE-2018-2628)	critical
109321	JBoss Enterprise Application Platform doFilter() Method Insecure Deserialization RCE	critical
108808	Microsoft IIS 7.0 Vulnerabilities (uncredentialed) (PCI/DSS)	high
108807	Web Form Sending Credentials Using GET (PCI-DSS check)	medium
108759	IBM WebSphere Application Server 9.0.0.0 < 9.0.0.8 Spoof Attack Vulnerability	medium
108591	OS vulnerabilities detected in banner reporting (PCI-DSS check)	high
108590	Kernel vulnerabilities detected in banner reporting (PCI-DSS check)	high
108381	Aspen HTTP Server Detection	info
108380	Aspen < 0.22 Directory Traversal	medium
108373	Multi-Threaded HTTP Server v1.1 for Zimbra	medium
107265	nginx < 1.8.1 / 1.9.x < 1.9.10 Multiple Vulnerabilities	high
107264	nginx < 0.7.67 / 0.8.x < 0.8.41 DoS	medium
107263	nginx < 0.7.66 / 0.8.x < 0.8.40 Information Disclosure	medium
107262	nginx < 0.7.64 / 0.8.x < 0.8.23 Multiple Vulnerabilities	medium
107261	nginx < 0.7.63 / 0.8.x < 0.8.17 Directory Traversal	medium
107228	Apache Traffic Server 5.2.0 - 5.3.2 / 6.x < 6.2.2 / 7.x < 7.1.2 TLS Handshake DoS	high
107227	Apache Traffic Server 6.x < 6.2.2 / 7.x < 7.1.2 Host Header and Line Folding Vulnerability	high
106978	Apache Tomcat 9.0.0.M1 < 9.0.5 Insecure CGI Servlet Search Algorithm Description Weakness	medium
106977	Apache Tomcat 8.5.0 < 8.5.28 multiple vulnerabilities	medium
106976	Apache Tomcat 8.0.0.RC1 < 8.0.50 multiple vulnerabilities	medium
106975	Apache Tomcat 7.0.0 < 7.0.85 multiple vulnerabilities	medium
106843	IBM WebSphere Application Server 7.0.0.0 < 7.0.0.45 / 8.0.0.0 < 8.0.0.15 / 8.5.0.0 < 8.5.5.14 / 9.0.0.0 < 9.0.0.7 Admin Console Unspecified Insecure Security Remote Privilege Escalation	high
106713	Apache Tomcat 9.0.0.M22 < 9.0.2	medium
106712	Apache Tomcat 8.5.16 < 8.5.24	medium

Detections

Analytics

Web Servers Family for Nessus

medium

high

high

high

high

info

high

medium

medium

medium

info

medium

info

medium

medium

high

critical

info

critical

critical

critical

critical

info

critical

medium

info

critical

critical

high

medium

medium

high

high

info

medium

medium

high

medium

medium

medium

medium

high

high

medium

medium

medium

medium

high

medium

medium