RELAYTO Penetration Test Results (64/101)

Pass OS Identiﬁcation : Miscellaneous Methods 01 Apr 2013 None Pass Juniper Junos Sockets Library Buﬀer Overﬂow Privilege Escalation (JSA10792) CVE-2017-2344 23 Aug 2017 7.8 (v3) High Pass Authenticated Check : OS Name and Installed Package Enumeration 06 Jul 2004 None Pass OS Identiﬁcation : MSRPC 19 May 2007 None Pass Juniper Junos J-Web Weak SSL Ciphers (PSN-2011-01-147) 22 Aug 2011 2.9 (v2) Low Pass IRC Daemon STARTTLS Command Support 08 Jan 2016 None Pass rsync STARTTLS Command Support 08 Jan 2016 None Pass AXIGEN Mail Server AXIMilter CNHO Command Remote Format String CVE-2008-0434 28 Jan 2008 5.1 (v2) Medium Pass IBM Tivoli Provisioning Manager OS Deployment < 5.1.0.3 Interim Fix 3 HTTP Server Logging Functionality Remote OverCVE-2008-0401ﬂow 13 Feb 2008 10 (v2) Critical Pass OpenSSL 1.0.2 < 1.0.2za Vulnerability CVE-2021-3712 24 Aug 2021 7.4 (v3) High Pass NetSpy Malware Services Detection 29 Mar 2016 10 (v2) Critical Pass Juniper Junos LLDP Packet Handling Memory Corruption Vulnerability (JSA10830) CVE-2018-0007 26 Jan 2018 8.4 (v3) High Pass Apache Tomcat 7.0.x < 7.0.40 Multiple Vulnerabilities CVE-2013-2071 CVE-2013-4444 15 May 2013 3.7 (v3) Low Pass Apache Tomcat 7.0.x < 7.0.52 Content-Type DoS CVE-2014-0050 25 Feb 2014 5.3 (v3) Medium Pass Cisco Email Security Appliance (ESA) GUI Denial of Service Vulnerability CVE-2020-3164 13 Mar 2020 5.3 (v3) Medium Pass SurgeMail <= 3.0c2 Multiple XSS CVE-2005-1714 20 May 2005 4.3 (v2) Medium Pass OTRS Authenticated Remote Code Execution (OSA-2017-09) CVE-2017-16921 14 Feb 2019 8.8 (v3) High Pass Juniper Junos Key Exchange Initialization Handling Memory Exhaustion Remote DoS (JSA10837) CVE-2016-8858 26 Jan 2018 7.5 (v3) High Pass Cisco Email Security Appliance Privilege Escalation Vulnerability CVE-2018-0095 26 Jan 2018 7.8 (v3) High Pass Apache Storm < 1.1.3 / 1.2.x < 1.2.2 arbitrary ﬁle write vulnerability CVE-2018-8008 28 Feb 2019 5.5 (v3) Medium Pass VMware vRealize Automation Deserialization Vulnerability (VMSA-2018-0006) CVE-2017-4947 06 Feb 2018 9.8 (v3) Critical Pass Default Password ('!2345Asdfg') for 'root' Account CVE-1999-0502 06 Mar 2019 9.8 (v3) Critical Pass Mac OS X 10.10.x < 10.10.1 Multiple Vulnerabilities CVE-2014-4453 CVE-2014-4458 CVE-2014-4459 CVE-2014-4460 18 Nov 2014 6.8 (v2) Medium Pass rsh Unauthenticated Access (via ﬁnger Information) CVE-2012-6392 23 Apr 2000 10 (v2) Critical Pass Icecast utils.c fd_write Function Format String CVE-2001-0197 24 Jan 2001 10 (v2) Critical Pass MariaDB 10.3.1 < 10.3.2 Multiple DoS Vulnerabilities 07 Dec 2017 4.3 (v3) Medium Pass Atlassian Jira < 8.13.18 / 8.14.x < 8.20.6 / 8.21.x Authentication Bypass in Seraph (JRASERVER-73650) CVE-2022-0540 22 Apr 2022 9.8 (v3) Critical Pass Jenkins LTS < 2.319.3 / Jenkins weekly < 2.334 Multiple Vulnerabilities CVE-2021-43859 CVE-2022-0538 09 Feb 2022 7.5 (v3) High Pass pfSense < 2.2 Multiple XSS Vulnerabilities (SA-15_01) 31 Jan 2018 4.7 (v3) Medium Pass lighttpd HTTP Server Detection 06 Feb 2018 None Pass SMTP Host Information in NTLM SSP 28 Mar 2018 None Pass MySQL Eventum index.php email Parameter XSS 03 Jan 2005 4.3 (v2) Medium Pass POP3 Host Information in NTLM SSP 03 Apr 2018 None Pass Sendmail Crafted ETRN Commands Remote DoS CVE-1999-1109 11 Mar 2003 5.3 (v3) Medium Pass Cisco IOS Software IOx Application Hosting Environment (cisco-sa-iox-yuXQ6hFj) CVE-2022-20718 CVE-2022-20719 CVE-2022-20720 CVE-2022-20721 CVE-2022-20722 CVE-2022-20723 CVE-2022-20724 CVE-2022-20725 CVE-2022-20726 CVE-2022-2072722 Apr 2022 7.5 (v3) High Pass VMware Workspace One Access / VMware Identity Manager Multiple Vulnerabilities (VMSA-2021-0016) CVE-2021-22002 CVE-2021-22003 12 Aug 2021 9.8 (v3) Critical Pass Belkin N750 Router Command Injection 10 Jul 2017 9.8 (v3) Critical Pass Wind River VxWorks < 7.0 Multiple Vulnerabilities CVE-2020-13603 CVE-2020-35198 20 Aug 2021 9.8 (v3) Critical Pass WordPress Outdated Plugin Detection 20 Jul 2017 None Pass Nonexistent Page (404) Physical Path Disclosure CVE-2001-1372 CVE-2002-0266 CVE-2002-2008 CVE-2003-0456 11 Jun 2003 5 (v2) Medium Pass NETGEAR DGN Remote Unauthenticated Command Execution 24 Oct 2017 9.8 (v3) Critical Pass SSH Compression Error Checking 06 Nov 2017 None Pass Cisco Uniﬁed CommunicationsManager Information Disclosure (cisco-sa-cucm-logging-6QSWKRYz) CVE-2021-1226 22 Jan 2021 6.5 (v3) Medium Pass Cisco IOS Smart Install Protocol Misuse (cisco-sr-20170214-smi) 06 Apr 2017 None Pass Default Password 'cat1029' for 'Wproot' Account 01 Dec 2017 9.8 (v3) Critical Pass Apache Tomcat 8.5.7 < 8.5.11 nextRequest Information Disclosure CVE-2016-8747 13 Apr 2017 7.5 (v3) High Pass Apache Tomcat 8.5.x < 8.5.13 / 9.0.x < 9.0.0.M19 Multiple Vulnerabilities CVE-2017-5647 CVE-2017-5650 CVE-2017-5651 14 Apr 2017 9.8 (v3) Critical Pass Tenable SecurityCenter PHP < 5.6.30 Multiple Vulnerabilities (TNS-2017-04) CVE-2017-11147 CVE-2016-10158 CVE-2016-10159 CVE-2016-10160 CVE-2016-10161 CVE-2016-10167 CVE-2016-10168 26 Jun 2017 9.8 (v3) Critical Pass OpenSSL < 0.9.6m / 0.9.7d Multiple Remote DoS CVE-2004-0079 CVE-2004-0081 CVE-2004-0112 17 Mar 2004 5 (v2) Medium Pass Oracle WebCenter Content Detection 16 Feb 2012 None Pass ZXShell Malware Services Detection 14 Oct 2014 10 (v2) Critical Pass Cisco IOS Software VPLS denial of service (cisco-sa-20170927-vpls) CVE-2017-12238 05 Oct 2017 6.5 (v3) Medium Pass Comelit Camera Detection 21 Apr 2017 None Pass Splunk Enterprise 6.4.x < 6.4.7 Multiple Vulnerabilities 27 Apr 2017 4.3 (v3) Medium Pass SSH Weak Algorithms Supported 04 Apr 2016 4.3 (v2) Medium Pass macOS 10.15.x < 10.15.2 / 10.14.x < 10.14.6 Security Update 2019-002 / 10.13.x < 10.13.6 Security Update 2019-007CVE-2012-1164 CVE-2012-2668 CVE-2013-4449 CVE-2015-1545 CVE-2017-16808 CVE-2018-10103 CVE-2018-10105 CVE-2018-14461 CVE-2018-14462 CVE-2018-14463 CVE-2018-14464 CVE-2018-14465 CVE-2018-14466 CVE-2018-14467 CVE-2018-14468 CVE-2018-14469 CVE-2018-14470 CVE-2018-14879 CVE-2018-14880 CVE-2018-14881 CVE-2018-14882 CVE-2018-16227 CVE-2018-16228 CVE-2018-16229 CVE-2018-16230 CVE-2018-16300 CVE-2018-16301 CVE-2018-16451 CVE-2018-16452 CVE-2019-8828 CVE-2019-8830 CVE-2019-8832 CVE-2019-8833 CVE-2019-8837 CVE-2019-8838 CVE-2019-8839 CVE-2019-8842 CVE-2019-8847 CVE-2019-8848 CVE-2019-8852 CVE-2019-8853 CVE-2019-8856 CVE-2019-13057 CVE-2019-13565 CVE-2019-15161 CVE-2019-15162 CVE-2019-15163 CVE-2019-15164 CVE-2019-15165 CVE-2019-15166 CVE-2019-15167 CVE-2019-1590312 Dec 2019 9.8 (v3) Critical Pass MySQL 5.6.x < 5.6.39 Multiple Vulnerabilities (January 2018 CPU) CVE-2017-3737 CVE-2018-2562 CVE-2018-2573 CVE-2018-2583 CVE-2018-2590 CVE-2018-2591 CVE-2018-2612 CVE-2018-2622 CVE-2018-2640 CVE-2018-2645 CVE-2018-2647 CVE-2018-2665 CVE-2018-2668 CVE-2018-2696 CVE-2018-270317 Jan 2018 5.5 (v3) Medium Pass Oracle Database Multiple Vulnerabilities (January 2018 CPU) CVE-2017-10282 CVE-2017-12617 CVE-2018-2575 CVE-2018-2680 CVE-2018-2699 19 Jan 2018 8.1 (v3) High Pass Apache Tomcat 9.0.0.M22 < 9.0.2 Insecure CGI Servlet Search Algorithm Description Weakness CVE-2017-15706 09 Feb 2018 3.7 (v3) Low Pass Apache Tomcat 8.0.0.RC1 < 8.0.50 Security Constraint Weakness CVE-2018-1304 CVE-2018-1305 23 Feb 2018 3.7 (v3) Low Pass Splunk Enterprise < 5.0.15 / 6.0.11 / 6.1.10 / 6.2.9 / 6.3.3.4 or Splunk Light < 6.2.9 / 6.3.3.4 Multiple Vulnerabilities (DROWN)CVE-2015-7995 CVE-2016-0702 CVE-2016-0705 CVE-2016-0797 CVE-2016-0798 CVE-2016-0799 CVE-2016-0800 25 Apr 2016 9.8 (v3) Critical Pass Oracle Database Server Java VM Unspeciﬁed Remote Code Execution (April 2018 CPU) CVE-2018-2841 20 Apr 2018 8.5 (v3) High Pass AirConnect Default Password CVE-1999-0508 22 May 2002 7.5 (v2) High Pass OpenSSL 1.0.2 < 1.0.2c ASN.1 Encoder Negative Zero Value Handling RCE CVE-2016-2108 04 May 2016 9.8 (v3) Critical Pass Tenable SecurityCenter < 5.7.0 Multiple Vulnerabilites (TNS-2018-11) CVE-2018-1154 CVE-2018-1155 16 Aug 2018 5.4 (v3) Medium Pass Cisco Application Policy Infrastructure Controller Stored XSS (cisco-sa-capic-scss-bFT75YrM) CVE-2021-1582 01 Sep 2021 5.4 (v3) Medium Pass Apache Struts 2.x < 2.3.4.1 Multiple Vulnerabilities (S2-010) (S2-011) CVE-2012-4386 CVE-2012-4387 11 Sep 2018 7.1 (v3) High Pass Apache Tomcat < 6.0.6 Cross-Site Scripting CVE-2007-1358 11 Jan 2019 4.3 (v3) Medium Pass PHP 5.5.x < 5.5.38 Multiple Vulnerabilities (httpoxy) CVE-2015-8879 CVE-2016-5385 CVE-2016-5399 CVE-2016-6207 CVE-2016-6288 CVE-2016-6289 CVE-2016-6290 CVE-2016-6291 CVE-2016-6292 CVE-2016-6293 CVE-2016-6294 CVE-2016-6295 CVE-2016-6296 CVE-2016-629726 Jul 2016 9.8 (v3) Critical Pass Cisco IOS XR gRPC Software Denial of Service Vulnerability CVE-2019-1711 26 Apr 2019 7.5 (v3) High Pass Juniper JSA10904 CVE-2015-1283 29 May 2019 7.3 (v3) High Pass Juniper JSA10933 CVE-2019-0041 07 Jun 2019 8.6 (v3) High Pass IBM WebSphere Application Server Remote Code Execution Vulnerability (CVE-2018-1904) CVE-2018-1904 20 Jun 2019 9.8 (v3) Critical Pass Cisco Data Center Network Manager < 11.1(1) Authentication Bypass Vulnerability CVE-2019-1619 12 Jul 2019 9.8 (v3) Critical Pass MySQL 5.7.x < 5.7.27 Multiple Vulnerabilities (Jul 2019 CPU) CVE-2018-16890 CVE-2019-2737 CVE-2019-2738 CVE-2019-2739 CVE-2019-2740 CVE-2019-2741 CVE-2019-2757 CVE-2019-2758 CVE-2019-2774 CVE-2019-2778 CVE-2019-2791 CVE-2019-2797 CVE-2019-2805 CVE-2019-2819 CVE-2019-2948 CVE-2019-2969 CVE-2019-3822 CVE-2019-382318 Jul 2019 9.8 (v3) Critical Pass Nortel/Bay Networks Default Password CVE-1999-0508 05 Jun 2002 7.8 (v2) High Pass Juniper JSA10943 CVE-2019-0049 05 Aug 2019 7.5 (v3) High Pass Cisco IOS Short Message Service Denial of Service Vulnerability CVE-2019-1747 23 Aug 2019 8.6 (v3) High Pass Atlassian JIRA 7.x.x < 7.13.1 / 8.0.0 Cross-Site Scripting (XSS) Vulnerability (SB18-141) CVE-2018-20827 05 Sep 2019 5.4 (v3) Medium Pass ArubaOS-Switch Ripple20 Multiple Vulnerabilities (ARUBA-PSA-2020-006) CVE-2020-11896 CVE-2020-11897 CVE-2020-11898 CVE-2020-11899 CVE-2020-11900 CVE-2020-11901 CVE-2020-11902 CVE-2020-11903 CVE-2020-11904 CVE-2020-11905 CVE-2020-11906 CVE-2020-11907 CVE-2020-11908 CVE-2020-11909 CVE-2020-11910 CVE-2020-11911 CVE-2020-11912 CVE-2020-11913 CVE-2020-1191430 Jun 2021 10 (v3) Critical Pass Cisco FXOS Software Command Injection Vulnerabilities (cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782)CVE-2019-1781 CVE-2019-1782 15 Oct 2019 6.7 (v3) Medium Pass Cisco TelePresence Collaboration Endpoint Software Command Injection Vulnerability (cisco-sa-20191016-tele-ce-cmdinj)CVE-2019-15274 07 Nov 2019 6.7 (v3) Medium Pass MS03-043: Buﬀer Overrun in Messenger Service (828035) (uncredentialed check) CVE-2003-0717 16 Oct 2003 10 (v2) Critical Noise TLS ALPN Supported Protocol Enumeration 17 Jul 2015 None Pass Cisco NX-OS Software Command Injection (CVE-2019-1784) CVE-2019-1784 12 Nov 2019 6.7 (v3) Medium Pass Cisco NX-OS Software Command Injection (cisco-sa-20190515-nxos-cmdinj-1776) CVE-2019-1776 14 Nov 2019 6.7 (v3) Medium Pass Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers Arbitrary Memory Write (cisco-sa-20180926-ir800-memwrite)CVE-2018-15375 CVE-2018-15376 16 Dec 2019 6.7 (v3) Medium Pass Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1612) CVE-2019-1612 18 Dec 2019 6.7 (v3) Medium Pass Cisco NX-OS Software CLI Command Injection Vulnerability (cisco-sa-20190306-nxos-cmdinj-1608) CVE-2019-1608 20 Dec 2019 6.7 (v3) Medium Pass DNS Server Zone Transfer Information Disclosure (AXFR) CVE-1999-0532 16 Jan 2001 5 (v2) Medium Pass MySQL 5.7.x < 5.7.29 Multiple Vulnerabilities (Jan 2020 CPU) CVE-2019-5482 CVE-2020-2570 CVE-2020-2572 CVE-2020-2573 CVE-2020-2574 CVE-2020-2577 CVE-2020-2579 CVE-2020-2584 CVE-2020-2589 CVE-2020-2660 CVE-2020-2790 CVE-2020-2806 CVE-2020-281416 Jan 2020 9.8 (v3) Critical Pass IBM WebSphere Application Server 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.10 Privilege Escalation (CVE-2018-1901)CVE-2018-1901 28 Jan 2020 8.8 (v3) High Pass IBM WebSphere Application Server Denial of Service (CVE-2019-4720) CVE-2019-4720 07 Feb 2020 7.5 (v3) High Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.3 Command Execution (CVE-2020-4163)CVE-2020-4163 14 Feb 2020 7.2 (v3) High Pass Cisco NX-OS Software Border Gateway Protocol MD5 Authentication Bypass Vulnerability CVE-2020-3165 09 Mar 2020 8.2 (v3) High Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.4 Privilege Escalation (CVE-2020-4276)CVE-2020-4276 02 Apr 2020 7.5 (v3) High Pass MySQL 5.6.x < 5.6.48 Multiple Vulnerabilities (Apr 2020 CPU) CVE-2020-2752 CVE-2020-2763 CVE-2020-2780 CVE-2020-2804 CVE-2020-2812 CVE-2020-2814 CVE-2020-2922 CVE-2021-2007 17 Apr 2020 3.7 (v3) Low Pass MySQL 5.7.x < 5.7.30 Multiple Vulnerabilities (Jan 2020 CPU) CVE-2019-15601 CVE-2020-2760 CVE-2020-2763 CVE-2020-2765 CVE-2020-2780 CVE-2020-2804 CVE-2020-2812 CVE-2020-2922 CVE-2021-2007 CVE-2021-214417 Apr 2020 7.5 (v3) High Pass MySQL 8.0.x < 8.0.20 Multiple Vulnerabilities (Apr 2020 CPU) CVE-2019-15601 CVE-2020-2759 CVE-2020-2760 CVE-2020-2762 CVE-2020-2763 CVE-2020-2765 CVE-2020-2780 CVE-2020-2804 CVE-2020-2812 CVE-2020-2892 CVE-2020-2893 CVE-2020-2895 CVE-2020-2896 CVE-2020-2897 CVE-2020-2898 CVE-2020-2901 CVE-2020-2903 CVE-2020-2904 CVE-2020-2921 CVE-2020-2923 CVE-2020-2924 CVE-2020-2925 CVE-2020-2926 CVE-2020-2928 CVE-2020-2930 CVE-2021-2006 CVE-2021-2007 CVE-2021-2009 CVE-2021-2016 CVE-2021-2019 CVE-2021-214422 Jan 2021 7.5 (v3) High Pass Junos OS: Established BGP Session Termination Vulnerability (JSA10996) CVE-2020-1613 30 Apr 2020 7.5 (v3) High Pass IBM WebSphere Application Server 9.0.0.0 < 9.0.0.9 Information Disclosure (CVE-2018-1957) CVE-2018-1957 11 May 2020 5.5 (v3) Medium Pass Cisco IOS Software Secure Shell DoS (cisco-sa-ssh-dos-Un22sd2A) CVE-2020-3200 05 Jun 2020 7.7 (v3) High Pass Cisco IOS Software for Cisco Industrial Routers Virtual Device Server CLI Command Injection (cisco-sa-ios-iot-vds-cmd-inj-VfJtqGhE)CVE-2020-3210 10 Jun 2020 6.7 (v3) Medium Pass SMB Password Encryption Not Required 05 Jan 2016 4.3 (v2) Medium Pass Cisco IOS Internet Key Exchange Version 2 DoS (cisco-sa-ikev2-9p23Jj2a) CVE-2020-3230 26 Jun 2020 7.5 (v3) High Pass Windows NetBIOS / SMB Remote Host Report Tag 05 Nov 2018 None Pass Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers Image Veriﬁcation Bypass (cisco-sa-ios-ir800-img-verif-wHhLCVE-2020-3208 YHjK) 07 Jul 2020 6.7 (v3) Medium Pass Cisco NX-OS Software CLI to Internal Service Bypass (cisco-sa-20190515-nxos-cli-bypass) CVE-2019-1726 18 Aug 2020 7.8 (v3) High Pass Lexmark MarkVision Enterprise ReportDownloadServlet Information Disclosure CVE-2014-8742 15 Jan 2015 5 (v2) Medium Pass Cisco Small Business RV340 Series Routers Firmware < 1.0.03.19 Command Injection and RCE (cisco-sa-rv-osinj-rCVE-2020-3451 CVE-2020-3453ce-pwTkPCJv) 04 Sep 2020 6.8 (v3) Medium Pass Cisco IOS Software Information Disclosure (cisco-sa-info-disclosure-V4BmJBNF) CVE-2020-3477 02 Oct 2020 5.5 (v3) Medium Pass EMC vApp Manager Default Credentials CVE-2018-1216 15 Feb 2018 9.8 (v3) Critical 64

RELAYTO Penetration Test Results - Page 64

RELAYTO Penetration Test Results Page 63 Page 65