CGI abuses Family for Nessus

ID	Name	Severity
144622	SolarWinds Orion Platform < 2019.4 HF6 / 2020.2 < 2020.2.1 HF2 Authentication Bypass (SUPERNOVA)	critical
144366	SolarWinds Orion Platform < 2020.2.1 XSS	critical
144365	Apache Struts 2.x < 2.5.26 RCE (S2-061) (direct check)	critical
144198	SolarWinds Orion Platform 2019.4 HF5 / 2020.2.x < 2020.2.1 SUNBURST Malware Backdoor	high
143600	ManageEngine ServiceDesk Plus < 10.0 Build 10012 Arbitrary File Upload	medium
143574	VMware Workspace One Access / VMware Identity Manager Command Injection Vulnerability (VMSA-2020-0027)	critical
143532	phpMyAdmin 4.0.x < 4.0.10.18 / 4.4.x < 4.4.15.9 / 4.6.x < 4.6.5 Multiple Vulnerabilities	critical
143489	phpMyAdmin 4.0.x < 4.0.10.15 / 4.4.x < 4.4.15.5 / 4.5.x < 4.5.5.1 Multiple Vulnerabilities	medium
143449	PHP 7.3.x < 7.3.25 / 7.4.x < 7.4.13 Multiple Vulnerabilities	medium
143422	EMC RSA Archer 6.8 < 6.8.0.4 / 6.9 < 6.9.0.1 URL Injection	medium
143380	Joomla 1.7.x < 3.9.23 Multiple Vulnerabilities (5828-joomla-3-9-23)	critical
143282	phpMyAdmin 4.0.0 < 4.0.10.17 / 4.4.0 < 4.4.15.8 / 4.6.0 < 4.6.4 Multiple Vulnerabilities	critical
143274	Drupal 7.x < 7.75 / 8.x < 8.8.12 / 8.9.x < 8.9.10 / 9.0.x < 9.0.9 Multiple Vulnerabilities (SA-CORE-2020-013)	high
143273	phpMyAdmin 4.0.x < 4.0.10.10 / 4.2.x < 4.2.13.3 / 4.3.x < 4.3.13.1 / 4.4.x < 4.4.6.1 Multiple Vulnerabilities (PMASA-2015-2, PMASA-2015-3)	medium
143272	Atlassian JIRA < 7.13.18 / 8.0.x < 8.5.9 / 8.6.x < 8.12.1 Information Disclosure (JRASERVER-71646)	medium
143262	phpMyAdmin 4.3.x < 4.7.8 XSS (PMASA-2018-1)	medium
143253	phpMyAdmin 4.7.x < 4.7.7 XSRF (PMASA-2017-9)	high
143126	Drupal 7.x < 7.74 / 8.x < 8.8.11 / 8.9.x < 8.9.9 / 9.0.x < 9.0.8 RCE (SA-CORE-2020-012)	high
142904	PHP 7.4.x < 7.4.12 DoS	medium
142894	Citrix SD-WAN Center 10.2.x < 10.2.8 / 11.1.x < 11.1.2b / 11.2.x < 11.2.2 Multiple Vulnerabilities (CTX285061)	critical
142893	Zimbra Collaboration Server 9.x < 9.0.0 P2 XSS	medium
142892	Zimbra Collaboration Server < 8.8.15 P10 / 9.x < 9.0.0 P3 Unrestricted Upload	high
142878	Zimbra Collaboration Server < 8.8.15 P11 / 9.x < 9.0.0 P4 XSS	medium
142742	Adobe Connect <= 11.0.0 Multiple Arbitrary Javascript Execution In The Browser Vulnerabilities (APSB20-69)	medium
142596	Dell OpenManage Server Administrator Path Traversal (DSA-2020-172)	critical
142591	PHP < 7.3.24 Multiple Vulnerabilities	high
142462	Selligent Message Studio Struts Code Execution (CVE-2013-2251)	critical
142420	WordPress < 5.5.2 Multiple Vulnerabilities	critical
141847	MySQL Enterprise Monitor 8.0.x < 8.0.22.1262 DoS (Oct 2020 CPU)	high
141828	Atlassian JIRA < 8.5.9 / 8.6.x < 8.12.3 / 8.13.x < 8.13.1 XSS (JRASERVER-71652)	medium
141810	WordPress Loginizer plugin < 1.6.4 blind SQLi (CVE-2020-27615)	critical
141799	Atlassian JIRA < 7.13.18 / 8.x < 8.5.9 / 8.6.x < 8.12.2 Information Disclosure (JRASERVER-71696)	medium
141785	Oracle Primavera Gateway (Oct 2020 CPU)	critical
141781	DrayTek Vigor < 1.5.1 Unauthenticated RCE (Direct Check)	critical
141641	Oracle Primavera Unifier (Oct 2020 CPU)	critical
141576	Selligent Message Studio Struts Code Execution (CVE-2017-5638)	critical
141575	Selligent Message Studio Detection	info
141366	MobileIron Core 10.3.0.x < 10.3.0.4-19 / 10.4.0.x < 10.4.0.4-22 / 10.5.1.1 < 10.5.1.1-22 / 10.5.2.1 < 10.5.2.1-14 / 10.6.0.1 < 10.6.0.1-19 / 10.7.0.0 < 10.7.0.0-28	critical
141355	PHP 7.2 < 7.2.34 / 7.3.x < 7.3.23 / 7.4.x < 7.4.11 Mulitiple Vulnerabilities	medium
140798	Citrix SD-WAN WANOP Multiple Vulnerabilities (CTX281474)	high
140790	Citrix ADC and Citrix NetScaler Gateway Multiple Vulnerabilities (CTX281474)	high
140770	HP iLO 3 < 1.93 / HP iLO 4 < 2.75 / HP iLO Superdome 4 < 1.64 / HP iLO 5 < 2.18 / HP Moonshot/Edgeline iLO 5 < 2.30 Ripple20 Multiple vulnerabilities	critical
140769	Atlassian Jira < 7.13.16 / 8.x < 8.5.7 / 8.6.x < 8.12.0 User Enumeration (JRASERVER-71560)	medium
140768	Atlassian Jira < 7.13.16 / 8.x < 8.5.7 / 8.6.x < 8.10.2 / 8.11.x < 8.11.1 DoS (JRASERVER-71388)	medium
140767	Atlassian Jira < 8.5.8 / 8.6.0 < 8.11.1 Sensitive Data Exposure (JRASERVER-71536)	medium
140766	Drupal 7.x < 7.73 / 8.8.x < 8.8.10 / 8.9.x < 8.9.6 / 9.0.x < 9.0.6 XSS (drupal-2020-09-16)	medium
140765	Drupal 8.8.x < 8.8.10 / 8.9.x < 8.9.6 / 9.0.x < 9.0.6 Multiple Vulnerabilities (drupal-2020-09-16)	high
140696	CodeMeter < 7.10a Multiple Vulnerabilities	critical
140695	CodeMeter < 7.10 Information Exfiltration Vulnerability	high
140694	CodeMeter < 6.90 License forging Vulnerability	high

Detections

Analytics

CGI abuses Family for Nessus

critical

critical

critical

high

medium

critical

critical

medium

medium

medium

critical

critical

high

medium

medium

medium

high

high

medium

critical

medium

high

medium

medium

critical

high

critical

critical

high

medium

critical

medium

critical

critical

critical

critical

info

critical

medium

high

high

critical

medium

medium

medium

medium

high

critical

high

high