Web Servers Family for Nessus

ID	Name	Severity
108808	Microsoft IIS 7.0 Vulnerabilities (uncredentialed) (PCI/DSS)	high
108807	Web Form Sending Credentials Using GET (PCI-DSS check)	medium
108759	IBM WebSphere Application Server 9.0.0.0 < 9.0.0.8 Spoof Attack Vulnerability	medium
108758	Apache 2.4.x < 2.4.33 Multiple Vulnerabilities (deprecated)	critical
108591	OS vulnerabilities detected in banner reporting (PCI-DSS check)	high
108590	Kernel vulnerabilities detected in banner reporting (PCI-DSS check)	high
108381	Aspen HTTP Server Detection	info
108380	Aspen < 0.22 Directory Traversal	medium
108373	Multi-Threaded HTTP Server v1.1 for Zimbra	medium
107265	nginx < 1.8.1 / 1.9.x < 1.9.10 Multiple Vulnerabilities	critical
107264	nginx < 0.7.67 / 0.8.x < 0.8.41 DoS	medium
107263	nginx < 0.7.66 / 0.8.x < 0.8.40 Information Disclosure	medium
107262	nginx < 0.7.64 / 0.8.x < 0.8.23 Multiple Vulnerabilities	medium
107261	nginx < 0.7.63 / 0.8.x < 0.8.17 Directory Traversal	medium
107228	Apache Traffic Server 5.2.0 - 5.3.2 / 6.x < 6.2.2 / 7.x < 7.1.2 TLS Handshake DoS	high
107227	Apache Traffic Server 6.x < 6.2.2 / 7.x < 7.1.2 Host Header and Line Folding Vulnerability	high
106978	Apache Tomcat 9.0.0.M1 < 9.0.5 Insecure CGI Servlet Search Algorithm Description Weakness	medium
106977	Apache Tomcat 8.5.0 < 8.5.28 multiple vulnerabilities	medium
106976	Apache Tomcat 8.0.0.RC1 < 8.0.50 multiple vulnerabilities	medium
106975	Apache Tomcat 7.0.0 < 7.0.85 multiple vulnerabilities	medium
106843	IBM WebSphere Application Server 7.0.0.0 < 7.0.0.45 / 8.0.0.0 < 8.0.0.15 / 8.5.0.0 < 8.5.5.14 / 9.0.0.0 < 9.0.0.7 Admin Console Unspecified Insecure Security Remote Privilege Escalation	high
106713	Apache Tomcat 9.0.0.M22 < 9.0.2	medium
106712	Apache Tomcat 8.5.16 < 8.5.24	medium
106711	Apache Tomcat 8.0.45 < 8.0.48	medium
106710	Apache Tomcat 7.0.79 < 7.0.84	medium
106628	lighttpd HTTP Server Detection	info
106627	lighttpd < 1.4.36 Multiple Vulnerabilities	high
106626	lighttpd < 1.4.28 Insecure Temporary File Creation	low
106625	lighttpd < 1.4.26 or 1.5.0 Denial of Service	medium
106624	lighttpd < 1.4.19 Multiple Vulnerabilities	medium
106623	lighttpd < 1.4.16 Multiple Vulnerabilities	high
106609	Microsoft Windows IIS Default Index Page	medium
106584	VMware AirWatch Console 9.1.x < 9.1.5 / 9.2.x < 9.2.2 XSRF	high
106375	nginx HTTP Server Detection	info
106374	Default nginx HTTP Server Settings	medium
106349	Oracle iPlanet Web Server 7.0.x < 7.0.27 NSS Unspecified Vulnerability (January 2018 CPU)	critical
106299	Oracle Fusion Middleware Oracle HTTP Server Multiple Vulnerabilities (January 2018 CPU)	critical
106232	Apache ServerTokens Information Disclosure	medium
106231	Apache .htaccess and .htpasswd Disclosure	medium
106230	Apache Default Index Page	medium
105778	Intel Management Engine Active Management Technology (AMT) Remote Access Enabled	info
105484	Oracle WebLogic WSAT Remote Code Execution	high
105292	OpenSSL 1.1.0 < 1.1.0h Multiple Vulnerabilities	medium
105291	OpenSSL 1.0.2 < 1.0.2n Multiple Vulnerabilities	medium
105006	Apache Tomcat HTTP PUT JSP File Upload RCE	high
104409	OpenSSL 1.1.0 < 1.1.0g Multiple Vulnerabilities	medium
104408	OpenSSL 1.0.2 < 1.0.2m Multiple Vulnerabilities	medium
104358	Apache Tomcat 6.0.x < 6.0.24 Multiple Vulnerabilities	high
104357	IBM BigFix Platform 9.2.x < 9.2.12 / 9.5.x < 9.5.7 Multiple Vulnerabilities	high
103962	Oracle GlassFish Server 3.0.1.x < 3.0.1.17 / 3.1.2.x < 3.1.2.18 (October 2017 CPU)	high

Detections

Analytics

Web Servers Family for Nessus

high

medium

medium

critical

high

high

info

medium

medium

critical

medium

medium

medium

medium

high

high

medium

medium

medium

medium

high

medium

medium

medium

medium

info

high

low

medium

medium

high

medium

high

info

medium

critical

critical

medium

medium

medium

info

high

medium

medium

high

medium

medium

high

high

high