Web Servers Family for Nessus

ID	Name	Severity
121125	Apache Tomcat < 9.0.0.M3 Multiple Vulnerabilities	high
121124	Apache Tomcat 8.0.0.RC1 < 8.0.52	high
121123	Apache Tomcat 8.0.0.RC1 < 8.0.30	medium
121122	Apache Tomcat < 8.0.0-RC10 Multiple Vulnerabilities	low
121121	Apache Tomcat 7.0.28 < 7.0.88	high
121120	Apache Tomcat 7.0.0 < 7.0.76	critical
121119	Apache Tomcat 7.0.0 < 7.0.70	high
121118	Apache Tomcat 7.0.5 < 7.0.67	high
121117	Apache Tomcat 7.0.0 < 7.0.65	medium
121116	Apache Tomcat 7.0.0 < 7.0.47 multiple vulnerabilities	medium
121115	Apache Tomcat 7.0.0 < 7.0.2	medium
121114	Apache Tomcat < 6.0.6 Cross-Site Scripting	medium
121113	Apache Tomcat < 6.0.14 Multiple Vulnerabilities	medium
121112	Apache Tomcat < 6.0.10 Directory Traversal	medium
109394	WAS Target Scanning for PCI	info
119843	IBM BigFix Platform 9.2.x < 9.2.15 / 9.5.x < 9.5.10 Multiple Vulnerabilities	high
119811	Script Src Integrity Check	high
119777	GPON ONT Home Gateway Router is vulnerable to authenticated remote command execution (CVE-2018-10562)	critical
119776	GPON ONT Home Gateway Router is vulnerable to authentication bypass (CVE-2018-10561)	critical
119682	Quest NetVault Backup Server Detection	info
119680	IBM WebSphere Application Server 9.0.0.x < 9.0.0.10 XML External Entity Injection (XXE) Vulnerability (CVE-2018-1905)	high
119679	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.10 Admin Console Directory Traversal Vulnerability (CVE-2018-1770)	medium
119678	IBM WebSphere Application Server 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.14 / 9.0.0.x < 9.0.0.9 Installation Verification Tool Cross-site Scripting (XSS) Vulnerability (CVE-2018-1643)	medium
119559	Oracle GlassFish Server 3.1.2.x < 3.1.2.19 (October 2018 CPU)	high
119608	lighttpd < 1.4.51 Multiple Vulnerabilities	medium
119607	lighttpd < 1.4.50 Multiple Vulnerabilities	high
118956	nginx 1.x < 1.14.1 / 1.15.x < 1.15.6 Multiple Vulnerabilities	medium
118710	Appweb < 7.0.3 authCondition Authentication Bypass Vulnerability	high
118151	nginx Data Disclosure Vulnerability	high
118150	nginx < 1.10.1 / 1.11.x < 1.11.1 Denial-of-Service Vulnerability	high
118091	VMware AirWatch Console 9.1.x < 9.1.5.6 / 9.2.x < 9.2.3.27 / 9.3.x < 9.3.0.25 / 9.4.x < 9.4.0.22 / 9.5.x < 9.5.0.16 / 9.6.x < 9.6.0.7 / 9.7.x < 9.7.0.3 SAML Security Bypass	high
118087	Citrix NetScaler Application Delivery Management (ADM)	info
118086	Citrix NetScaler Management and Analytics System Default Administrator Credentials	high
118037	Apache Tomcat 9.0.0.M1 < 9.0.12 Open Redirect Weakness	medium
118036	Apache Tomcat 8.5.0 < 8.5.34	medium
118035	Apache Tomcat 7.0.23 < 7.0.91	medium
117860	TP-Link HTTP Server Detection	info
117807	Apache 2.4.x < 2.4.35 DoS	medium
117463	Zinwave Series 3000 DAS Web Interface Detection	info
112120	OpenSSL 1.1.0 < 1.1.0i Multiple Vulnerabilities	medium
112119	OpenSSL 1.0.2 < 1.0.2p Multiple Vulnerabilities	medium
111788	Apache 2.4.x < 2.4.34 Multiple Vulnerabilities	high
111665	Oracle WebLogic Server Deserialization RCE (CVE-2018-2893)	critical
111465	Apache HTTP Server Error Page Detection	info
111069	Apache Tomcat 9.0.0 < 9.0.9	critical
111066	Apache Tomcat 7.0.0 < 7.0.89	critical
111068	Apache Tomcat 8.5.5 < 8.5.32 multiple vulnerabilities	critical
111067	Apache Tomcat 8.0.0.RC1 < 8.0.53 multiple vulnerabilities	critical
110944	NetApp SANtricity Web Services Proxy Detection	info
110943	NetApp SANtricity Web Services Proxy Unauthenticated RCE	critical

Detections

Analytics

Web Servers Family for Nessus

high

high

medium

low

high

critical

high

high

medium

medium

medium

medium

medium

medium

info

high

high

critical

critical

info

high

medium

medium

high

medium

high

medium

high

high

high

high

info

high

medium

medium

medium

info

medium

info

medium

medium

high

critical

info

critical

critical

critical

critical

info

critical