Pass HP Operations Orchestration wsExecutionBridgeService Servlet Java Object Deserialization RCE CVE-2016-8519 16 Jan 2017 9.8 (v3) Critical Pass Novell NetBasic Scripting Server Encoded Traversal Arbitrary File Access CVE-2002-1417 09 Feb 2004 5 (v2) Medium Pass phpGedView Arbitrary File Access / Remote File Inclusion CVE-2004-0127 CVE-2004-0128 02 Feb 2004 7.5 (v2) High Pass phpMyAdmin 4.7.7 < 4.9.2 SQLi (PMASA-2019-5) CVE-2019-18622 26 Nov 2019 9.8 (v3) Critical Pass Apple TV < 5.1 Multiple Vulnerabilities CVE-2011-1167 CVE-2011-1944 CVE-2011-2821 CVE-2011-2834 CVE-2011-3026 CVE-2011-3048 CVE-2011-3328 CVE-2011-3919 CVE-2011-4599 CVE-2012-0682 CVE-2012-0683 CVE-2012-1173 CVE-2012-3589 CVE-2012-3590 CVE-2012-3591 CVE-2012-3592 CVE-2012-3678 CVE-2012-3679 CVE-2012-3722 CVE-2012-3725 CVE-2012-372627 Sep 2012 9.3 (v2) High Pass Multiple Vendor NIS rpc.ypupdated YP Map Update Arbitrary Remote Command Execution CVE-1999-0208 28 Mar 2008 9.3 (v2) High Pass F-Secure SSH Password Authentication Policy Evasion 14 Mar 2004 5 (v2) Medium Pass WarFTPd CWD Command Remote DoS CVE-2005-0312 27 Jan 2005 5 (v2) Medium Pass UW-IMAP CRAM-MD5 Remote Authentication Bypass CVE-2005-0198 29 Jan 2005 9.3 (v2) High Pass EMC Documentum D2 4.5.x and 4.6.x < 4.7 Multiple Vulnerabilities (ESA-2016-167) CVE-2016-9872 CVE-2016-9873 02 Feb 2017 6.3 (v3) Medium Pass Cisco TelePresence MCU Fragmented Packets Reassembly RCE CVE-2017-3792 06 Feb 2017 9.8 (v3) Critical Pass IBM DataPower Gateway < 7.5.2.2 Default Admin Password Security Bypass 06 Feb 2017 8.1 (v3) High Pass PostgreSQL < 7.2.7 / 7.3.9 / 7.4.7 / 8.0.1 Multiple Vulnerabilities CVE-2005-0227 CVE-2005-0244 CVE-2005-0245 CVE-2005-0246 CVE-2005-0247 03 Feb 2005 6.5 (v2) Medium Pass F5 Networks BIG-IP Web Interface Default Credential Check 31 Jul 2014 10 (v2) Critical Pass OpenSSL 1.0.0 < 1.0.0k Multiple Vulnerabilities CVE-2013-0166 CVE-2013-0169 09 Feb 2013 2.6 (v2) Low Pass Apache 2.2.x < 2.2.9 Multiple Vulnerabilities (DoS, XSS) CVE-2007-6420 CVE-2008-2364 CVE-2007-6423 11 Jul 2008 5.3 (v3) Medium Pass Tenable Nessus 6.x < 6.9 Multiple Vulnerabilities (TNS-2016-16) (SWEET32) CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-6305 CVE-2016-6306 CVE-2016-6307 CVE-2016-6308 CVE-2016-6309 CVE-2016-7052 CVE-2016-926015 Feb 2017 9.8 (v3) Critical Pass l2tpd < 0.69 control.c write_packet Function Remote Overflow CVE-2004-0649 22 Jul 2004 10 (v2) Critical Pass Network Time Protocol (NTP) Mode 6 Scanner 21 Mar 2017 5.8 (v3) Medium Pass Cabletron WebView Administrative Access 22 May 2002 7.5 (v2) High Pass AVTech Multiple Vulnerabilities 23 Oct 2017 10 (v3) Critical Pass MS04-022: Microsoft Windows Task Scheduler Remote Overflow (841873) (uncredentialed check) CVE-2004-0212 29 Jul 2004 10 (v2) Critical Pass Apple TV < 10.2 Multiple Vulnerabilities CVE-2016-3619 CVE-2016-9642 CVE-2016-9643 CVE-2017-2367 CVE-2017-2379 CVE-2017-2386 CVE-2017-2390 CVE-2017-2394 CVE-2017-2395 CVE-2017-2396 CVE-2017-2401 CVE-2017-2406 CVE-2017-2407 CVE-2017-2415 CVE-2017-2416 CVE-2017-2417 CVE-2017-2428 CVE-2017-2430 CVE-2017-2432 CVE-2017-2435 CVE-2017-2439 CVE-2017-2440 CVE-2017-2441 CVE-2017-2444 CVE-2017-2445 CVE-2017-2446 CVE-2017-2447 CVE-2017-2448 CVE-2017-2450 CVE-2017-2451 CVE-2017-2454 CVE-2017-2455 CVE-2017-2456 CVE-2017-2458 CVE-2017-2459 CVE-2017-2460 CVE-2017-2461 CVE-2017-2462 CVE-2017-2464 CVE-2017-2465 CVE-2017-2466 CVE-2017-2467 CVE-2017-2468 CVE-2017-2469 CVE-2017-2470 CVE-2017-2472 CVE-2017-2473 CVE-2017-2474 CVE-2017-2475 CVE-2017-2476 CVE-2017-2478 CVE-2017-2481 CVE-2017-2482 CVE-2017-2483 CVE-2017-2485 CVE-2017-2487 CVE-2017-2490 CVE-2017-2491 CVE-2017-249210 Apr 2017 7.8 (v3) High Pass Puppet Enterprise < 2017.2.2 Arbitrary Code Execution Vulnerability CVE-2017-2296 09 Oct 2019 6.5 (v3) Medium Pass Cisco TelePresence Management Address Unspecified Admin Access CVE-2013-3379 24 Jul 2013 8.3 (v2) High Pass HP OfficeJet Pro Wi-Fi Direct Support Printer Configuration Unauthenticated Access 21 Apr 2017 9.8 (v3) Critical Pass Oracle GlassFish Server 3.1.2.x < 3.1.2.17 Java Server Faces Information Disclosure (April 2017 CPU) CVE-2017-3626 20 Apr 2017 3.1 (v3) Low Pass IP Forwarding Enabled CVE-1999-0511 23 Nov 2010 6.5 (v3) Medium Pass Oracle WebLogic Server mod_wl POST Request Remote Overflow CVE-2008-3257 18 Aug 2008 10 (v2) Critical Pass PostgreSQL 9.0 < 9.0.13 / 9.1 < 9.1.9 / 9.2 < 9.2.4 File Deletion CVE-2013-1899 08 Apr 2013 6.3 (v3) Medium Pass BadBlue Connection Saturation Remote DoS CVE-2004-1727 23 Aug 2004 5 (v2) Medium Pass IBM WebSphere Application Server 7.0 < Fix Pack 15 Multiple Vulnerabilities CVE-2011-0315 CVE-2011-0316 CVE-2011-1307 CVE-2011-1308 CVE-2011-1309 CVE-2011-1310 CVE-2011-1311 CVE-2011-1312 CVE-2011-1313 CVE-2011-1314 CVE-2011-1315 CVE-2011-1316 CVE-2011-1317 CVE-2011-1318 CVE-2011-1319 CVE-2011-1320 CVE-2011-1321 CVE-2011-132210 Mar 2011 7.5 (v2) High Pass Junos OS: flowd DoS (JSA10963) CVE-2019-0064 04 Nov 2019 7.5 (v3) High Pass WS_FTP Server Multiple Vulnerabilities (Bounce, PASV Hijacking) CVE-1999-0017 01 Sep 2004 7.5 (v2) High Pass Exim < 4.76 dkim_exim_verify_finish() DKIM-Signature Header Format String CVE-2011-1407 CVE-2011-1764 10 May 2011 7.5 (v2) High Pass Serv-U 4.x-5.x STOU Command MS-DOS Argument Remote DoS CVE-2004-1675 13 Sep 2004 5 (v2) Medium Pass Citrix XenServer Web Self Service Detection 05 Mar 2012 None Pass Apache Jetspeed User Manager Service SQLi CVE-2016-0710 28 Mar 2016 8.8 (v3) High Pass Juniper Junos Space < 19.2R1 Multiple Vulnerabilities (JSA10951) CVE-2016-8615 CVE-2016-8616 CVE-2016-8617 CVE-2016-8618 CVE-2016-8619 CVE-2016-8620 CVE-2016-8621 CVE-2016-8622 CVE-2016-8623 CVE-2016-8624 CVE-2016-8625 CVE-2018-10902 CVE-2018-12327 CVE-2019-5739 CVE-2019-613304 Dec 2019 9.8 (v3) Critical Pass Echo Service Detection CVE-1999-0103 CVE-1999-0635 22 Jun 1999 6.5 (v3) Medium Pass Canon ImageRUNNER SMTP Arbitrary Content Printing CVE-1999-0564 CVE-2004-2166 24 Sep 2004 5 (v2) Medium Pass phpMyAdmin Multiple Path Disclosure Vulnerabilities (PMASA-2016-1, PMASA-2016-6, PMASA-2016-8) CVE-2016-2038 CVE-2016-2042 CVE-2016-2044 12 Apr 2016 5.3 (v3) Medium Pass Apache HTTP Server mod_proxy Reverse Proxy HTTP 0.9 Information Disclosure CVE-2011-3639 09 Feb 2012 5 (v2) Medium Pass OpenSSL < 0.9.8w ASN.1 asn1_d2i_read_bio Memory Corruption CVE-2012-2110 CVE-2012-2131 24 Apr 2012 7.5 (v2) High Pass EMC Avamar ADS / AVE < 7.3.0 Hotfix 263301 PostgreSQL Command Local Privilege Escalation (ESA-2016-111)CVE-2016-0909 16 Dec 2016 8.4 (v3) High Pass Chargen UDP Service Remote DoS CVE-1999-0103 29 Nov 1999 5 (v2) Medium Pass VMSA-2012-0009 : ESXi and ESX patches address critical security issues (uncredentialed check) CVE-2012-2448 CVE-2012-2449 CVE-2012-2450 11 Jun 2012 9 (v2) High Pass Palo Alto Networks PAN-OS 7.0.x < 7.0.12 Multiple Vulnerabilities 19 Dec 2016 7.5 (v3) High Pass SSL / TLS Renegotiation Handshakes MiTM Plaintext Data Injection CVE-2009-3555 24 Nov 2009 5.8 (v2) Medium Pass Cisco Email Security Appliance Information Disclosure (cisco-sa-esa-wsa-sma-info-RHp44vAC) CVE-2021-1129 29 Jan 2021 5.3 (v3) Medium Pass Cisco Content Security Management Appliance Information Disclosure (cisco-sa-esa-wsa-sma-info-RHp44vAC)CVE-2021-1129 29 Jan 2021 5.3 (v3) Medium Pass HP System Management Homepage Multiple Vulnerabilities (HPSBMU03593) CVE-2007-6750 CVE-2011-4969 CVE-2015-3194 CVE-2015-3195 CVE-2015-3237 CVE-2015-7995 CVE-2015-8035 CVE-2016-0705 CVE-2016-0799 CVE-2016-2015 CVE-2016-284218 May 2016 9.8 (v3) Critical Pass glFTPd Multiple Script ZIP File Handling Arbitrary File / Directory Access CVE-2005-0483 01 Mar 2005 5 (v2) Medium Pass Cisco Web Security Appliance Information Disclosure (cisco-sa-esa-wsa-sma-info-RHp44vAC) CVE-2021-1129 29 Jan 2021 5.3 (v3) Medium Pass Apple iTunes < 12.4 DLL Injection Arbitrary Code Execution (uncredentialed check) CVE-2016-1742 27 May 2016 7.8 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.24-h1 / 8.0.x < 8.0.19-h1 / 8.1.x < 8.1.9-h4 / 9.0.x < 9.0.3-h3 VulnerabilityCVE-2019-1580 30 Aug 2019 9.8 (v3) Critical Pass IBM Storwize 1.3.x < 1.4.3.4 / 1.5.x < 1.5.0.2 Multiple Vulnerabilities CVE-2007-6750 CVE-2013-4286 CVE-2013-4322 CVE-2014-0075 CVE-2014-0094 CVE-2014-0096 CVE-2014-0099 CVE-2014-0119 CVE-2014-0178 CVE-2014-1555 CVE-2014-1556 CVE-2014-1557 CVE-2014-3077 CVE-2014-3493 CVE-2014-481126 Jun 2015 9.3 (v2) High Pass Oracle Primavera Gateway Multiple Vulnerabilities (Apri 2017 CPU) CVE-2017-3500 CVE-2017-3508 16 Jan 2020 9.1 (v3) Critical Pass Altiris Deployment Solution Server < 6.9.355 Password Disclosure (SYM08-020) CVE-2008-6828 25 Nov 2008 2.1 (v2) Low Pass UBB.threads < 6.5.1 Multiple XSS CVE-2004-2509 CVE-2004-2510 13 Dec 2004 4.3 (v2) Medium Pass SIR GNUBoard Remote File Inclusion CVE-2004-1403 15 Dec 2004 8.3 (v3) High Pass Oracle GlassFish Server Request Handling Remote File Disclosure 20 Jun 2016 5 (v2) Medium Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.24 / 8.0.x < 8.0.19 / 8.1.x < 8.1.8-h5 / 9.0.x < 9.0.2-h4 VulnerabilityCVE-2019-1575 19 Jul 2019 8.8 (v3) High Pass Cisco Nexus 3000 and 3500 Insecure Default Telnet Credentials (cisco-sa-20160302-n3k) CVE-2016-1329 03 Mar 2016 9.8 (v3) Critical Pass ArGoSoft FTP Server USER Command Account Enumeration CVE-2004-1428 03 Jan 2005 5.3 (v3) Medium Pass e_Board index2.cgi message Parameter Traversal Arbitrary File Access 23 Dec 2004 5 (v2) Medium Pass Palo Alto Networks PAN-OS Management Interface API Remote DoS (PAN-SA-2016-0008) 06 Jul 2016 5 (v2) Medium Pass VideoDB < 2.0.2 Multiple Vulnerabilities 12 Jan 2005 7.5 (v2) High Pass Cisco Data Center Network Manager Information Disclosure (cisco-sa-dcnm-info-disc-QCSJB6YG) CVE-2021-1283 01 Feb 2021 5.5 (v3) Medium Pass Cisco ASA SSL VPN Functionality Version Information Disclosure (CSCuq65542) CVE-2014-3398 06 Jul 2016 5 (v2) Medium Pass ManageEngine ADSelfService Plus < 5.3 Build 5313 PasswordSelfServiceAPI XSS 11 Jul 2016 5.8 (v2) Medium Pass VMware Harbor 1.7.x < 1.7.6, 1.8.x < 1.8.3 (VMSA-2019-0015) CVE-2019-16097 17 Oct 2019 6.5 (v3) Medium Pass Palo Alto Networks PAN-OS Multiple Vulnerabilities (PAN-SA-2016-0002, PAN-SA-2016-0004) 04 Mar 2016 8.5 (v2) High Pass ngIRCd < 0.8.3 Log_Resolver() Format String CVE-2005-0226 03 Feb 2005 7.6 (v2) High Pass Oracle GlassFish Server 2.1.1.x < 2.1.1.28 Information Disclosure (July 2016 CPU) CVE-2016-5477 20 Jul 2016 5.8 (v3) Medium Pass Drupal RESTWS Module Page Callback RCE 18 Jul 2016 10 (v2) Critical Pass eIQnetworks Enterprise Security Analyzer EnterpriseSecurityAnalyzer.exe LICMGR_ADDLICENSE Command Remote OverCVE-2006-3838flow 02 Aug 2006 10 (v2) Critical Pass IBM WebSphere Application Server 6.1 < 6.1.0.7 Multiple Vulnerabilities CVE-2007-1944 CVE-2007-1945 CVE-2007-3262 CVE-2007-3263 05 Apr 2010 10 (v2) Critical Pass Cisco TelePresence VCS / Expressway 8.x < 8.8 Multiple Vulnerabilities (Bar Mitzvah) CVE-2015-2808 CVE-2015-6413 CVE-2016-1444 CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-217614 Jul 2016 9.8 (v3) Critical Pass RealNetworks Helix Server < 11.1.8/12.0.1 Multiple Vulnerabilities CVE-2008-5911 30 Jan 2009 10 (v2) Critical Pass Palo Alto Networks PAN-OS Multiple Vulnerabilities (PAN-SA-2016-0003, PAN-SA-2016-0005) 04 Mar 2016 10 (v2) Critical Pass NetApp OnTap OS Default Credentials 25 Jul 2016 9.8 (v3) Critical Pass Drupal Coder Module Deserialization RCE 29 Jul 2016 10 (v2) Critical Pass IBM WebSphere Application Server 6.1 < Fix Pack 21 Multiple Flaws CVE-2009-0434 12 Feb 2009 4.3 (v2) Medium Pass Ipswitch Collaboration Suite / IMail SMTPD Multiple Commands Format String CVE-2005-2931 19 Dec 2005 7.5 (v2) High Pass Splunk Enterprise < 5.0.16 / 6.0.12 / 6.1.11 / 6.2.10 / 6.3.6 / 6.4.3 or Splunk Light < 6.4.3 Cross-Site Redirection 25 Aug 2016 4.7 (v3) Medium Pass Mambo Open Source Tar.php Remote File Inclusion CVE-2005-0512 22 Feb 2005 6.8 (v2) Medium Pass ESXi 5.1 < Build 1483097 Multiple Vulnerabilities (remote check) CVE-2013-0166 CVE-2013-0169 CVE-2013-0338 CVE-2014-1207 CVE-2014-1208 20 Jan 2014 2.6 (v2) Low Pass Juniper Junos OS Denial of Service (JSA11098) CVE-2021-0208 29 Jan 2021 8.8 (v3) High Pass MiniUPnP DNS Rebind Vulnerability 30 Aug 2016 4.7 (v3) Medium Pass Cisco Nexus 5500 / 5600 / 6000 SNMP DoS (cisco-sa-20160302-n5ksnmp) CVE-2015-6260 09 Mar 2016 7.5 (v3) High Pass Cisco IOS XE SD-WAN DoS (cisco-sa-sdwan-dosmulti-48jJuEUP) CVE-2021-1274 01 Feb 2021 8.6 (v3) High Pass ProFTPD 1.2.0pre4 mkdir Command Directory Name Handling Remote Overflow CVE-1999-0911 31 Aug 1999 10 (v2) Critical Pass Cisco Nexus TCP Packet TIME_WAIT State Handling DoS (cisco-sa-20160302-netstack) CVE-2015-0718 09 Mar 2016 7.5 (v3) High Pass McAfee WebShield SMTP 4.5 Multiple Vulnerabilities CVE-2000-0738 CVE-2000-1130 27 Nov 2000 7.5 (v2) High Pass UPnP Internet Gateway Device (IGD) Port Mapping Listing 13 Oct 2016 6.3 (v3) Medium Pass UPnP WFA Device Detection 13 Oct 2016 5.4 (v3) Medium Pass MiCasaVerde VeraLite UPnP RCE CVE-2013-4863 07 Oct 2016 9.8 (v3) Critical Pass Core FTP Server < 1.2 Build 515 Multiple Vulnerabilities CVE-2014-1441 CVE-2014-1442 CVE-2014-1443 24 Feb 2014 4 (v2) Medium Pass Apache HTTP Server 403 Error Page UTF-7 Encoded XSS CVE-2008-2168 18 Nov 2011 6.5 (v3) Medium Pass Juniper Junos Authentication Bypass (JSA11001) CVE-2020-1618 03 Feb 2021 6.8 (v3) Medium Pass Cisco Data Center Network Manager Server-Side Request Forgery (cisco-sa-dcnm-ssrf-F2vX6q5p) CVE-2021-1272 02 Feb 2021 8.8 (v3) High Pass MS11-058: Vulnerabilities in DNS Server Could Allow Remote Code Execution (2562485) (uncredentialed check)CVE-2011-1966 CVE-2011-1970 05 Mar 2014 10 (v2) Critical Pass MS02-037: Microsoft Exchange EHLO Long Hostname Overflow CVE-2002-0698 29 Jul 2002 7.5 (v2) High Pass Samba 3.0.0 'SamrChangePassword' RCE CVE-2007-2447 06 Apr 2015 6.3 (v3) Medium Pass HP Network Automation Remote Unauthorized Access (HPSBMU02738) CVE-2011-4790 24 Sep 2013 9.3 (v2) High Pass ProFTPD on Debian Linux postinst Installation Privilege Escalation CVE-2001-0456 23 Mar 2003 5.8 (v2) Medium Pass MailMax < 5.0.10.8 Multiple Remote Overflows CVE-1999-0404 07 May 2003 7.5 (v2) High Pass pfSense 2.4.x < 2.4.4-p1 Multiple Vulnerabilities (SA-18_09) CVE-2018-4019 CVE-2018-4020 CVE-2018-4021 CVE-2018-6925 CVE-2018-17154 CVE-2018-17155 02 Feb 2021 7.2 (v3) High Pass OpenSSL 1.0.x < 1.0.2r Information Disclosure Vulnerability CVE-2019-1559 01 Mar 2019 5.9 (v3) Medium Pass Sophos Web Protection Appliance Open Redirect Vulnerability 15 Nov 2016 4.3 (v3) Medium Pass ThinClientServer Admin Account Creation Privilege Escalation CVE-2006-6221 07 Dec 2006 7.5 (v2) High 96
RELAYTO Penetration Test Results Page 95 Page 97