Web Servers Family for Nessus

ID	Name	Severity
163771	IBM WebSphere Application Server Liberty 17.0.0.3 <= 22.0.0.7 Identity Spoofing (6602015)	high
163589	Metabase LFI (CVE-2021-41277)	high
163499	Eyes of Network API Insufficient Credential Protection (CVE-2020-8657)	critical
163498	EyesOfNetwork HTTP API Detection	info
163249	IBM WebSphere Application Server 8.5.x < 8.5.5.23 / 9.0.x < 9.0.5.14 XSS	medium
162785	SAP NetWeaver AS Java Reverse Tabnabbing (2965315)	medium
162728	SAP NetWeaver AS ABAP Information Disclosure (2963137)	medium
162721	OpenSSL 1.1.1 < 1.1.1q Vulnerability	medium
162720	OpenSSL 3.0.0 < 3.0.5 Multiple Vulnerabilities	critical
162673	OpenSSL 3.0.4 < 3.0.5-dev Vulnerability	critical
162502	Apache Tomcat 8.5.50 < 8.5.82	medium
162500	Apache Tomcat 10.1.0.M1 < 10.1.0.M17	medium
162499	Apache Tomcat 10.0.0.M1 < 10.0.23	medium
162498	Apache Tomcat 9.0.30 < 9.0.65	medium
162420	OpenSSL 1.1.1 < 1.1.1p Vulnerability	critical
162419	OpenSSL 1.0.2 < 1.0.2zf Vulnerability	critical
162418	OpenSSL 3.0.0 < 3.0.4 Vulnerability	critical
162414	SAP NetWeaver AS Java Information Disclosure (Enterprise Portal) (3059764)	medium
162413	SAP NetWeaver AS Java Insufficient Logging	medium
162396	SAP NetWeaver ABAP Improper Access Control (3158375)	critical
162321	IBM WebSphere Application Server Spoofing (6587947)	medium
162316	SAP NetWeaver AS Java Information Disclosure (2256846)	medium
161948	Apache 2.4.x < 2.4.54 Multiple Vulnerabilities	critical
161698	Nginx Plus < R24 P1 1-Byte Memory Overwrite RCE	high
161697	nginx R8 < R18-P1 Multiple Vulnerabilities	high
161696	Nginx Plus R1 < R15-P2 / R16 < R16-P1 Multiple Vulnerabilities	medium
161695	Nginx Plus > R13 Data Disclosure Vulnerability	high
161665	SAP NetWeaver AS ABAP and Code Injection (3119365)	critical
161664	SAP NetWeaver AS ABAP and Code Injection (3123196)	medium
161454	Apache 2.4.x < 2.4.52 mod_lua Buffer Overflow	critical
161371	IBM WebSphere Application Server Liberty 17.0.0.3 < 22.0.0.5 Information Disclosure (6585704)	medium
161370	IBM WebSphere Application Server Liberty 17.0.0.3 < 22.0.0.5 Identity Spoofing (6586734)	medium
161186	SAP NetWeaver AS ABAP Multiple Vulnerabilities (January 2022)	high
161185	SAP NetWeaver AS ABAP and AS Java Memory Corruption (3145702)	high
161184	SAP NetWeaver AS Java XSS (3145046)	medium
161181	Apache Tomcat 8.5.0 < 8.5.76	high
161159	Apache Tomcat 9.0.0.M1 < 9.0.21	high
160894	Apache Tomcat 9.0.13 < 9.0.63	high
160893	Apache Tomcat 10.0.0.M1 < 10.0.21	high
160892	Apache Tomcat 10.1.0.M1 < 10.1.0.M15	high
160891	Apache Tomcat 8.5.38 < 8.5.79	high
160480	OpenSSL 1.0.2 < 1.0.2ze Vulnerability	critical
160477	OpenSSL 1.1.1 < 1.1.1o Vulnerability	critical
160473	OpenSSL 3.0.0 < 3.0.3 Multiple Vulnerabilities	critical
160298	Apache APISIX Dashboard Detection	info
159947	Oracle HTTP Server (Apr 2022 CPU)	critical
159550	Web Site Accepts Credit Card Data over cleartext HTTP	medium
159549	Web Site Accepts Credit Card Data	info
159464	Apache Tomcat 9.0.0.M1 < 9.0.62 Spring4Shell CVE-2021-43980	low
159463	Apache Tomcat 10.0.0.M1 < 10.0.20 Spring4Shell (CVE-2022-22965) Mitigations	low

Detections

Analytics

Web Servers Family for Nessus

high

high

critical

info

medium

medium

medium

medium

critical

critical

medium

medium

medium

medium

critical

critical

critical

medium

medium

critical

medium

medium

critical

high

high

medium

high

critical

medium

critical

medium

medium

high

high

medium

high

high

high

high

high

high

critical

critical

critical

info

critical

medium

info

low

low