Pass Juniper Junos OpenSSL Heartbeat Information Disclosure (JSA10623) (Heartbleed) CVE-2014-0160 18 Apr 2014 7.5 (v3) High Pass IBM Spectrum Protect Operations Center Detection 19 Nov 2020 None Pass Atlassian Confluence 7.4.x < 7.4.17 / 7.13.x < 7.13.7 / 7.14.x < 7.14.3 / 7.15.x < 7.15.2 / 7.16.x < 7.16.4 / 7.17.x < 7.17.4 / 7.18.x < 7.18.1 (CONFSERVER-79017) 06 Jun 2022 None Pass VMware Cloud Foundation Web Detection 06 Jun 2022 None Pass Oracle E-Business (July 2013 CPU) CVE-2013-3747 CVE-2013-3749 CVE-2013-3756 CVE-2013-3767 CVE-2013-3777 CVE-2013-3778 CVE-2013-3788 27 Sep 2013 5.5 (v2) Medium Pass Oracle E-Business Multiple Vulnerabilities (October 2014 CPU) CVE-2014-4278 CVE-2014-4281 CVE-2014-4285 CVE-2014-6471 CVE-2014-6472 CVE-2014-6479 CVE-2014-6523 CVE-2014-6539 CVE-2014-6550 CVE-2014-656117 Oct 2014 7.5 (v2) High Pass HP Data Protector < A.06.20 Multiple Vulnerabilities CVE-2011-1728 CVE-2011-1729 CVE-2011-1730 CVE-2011-1731 CVE-2011-1732 CVE-2011-1733 CVE-2011-1734 CVE-2011-1735 CVE-2011-1736 CVE-2011-239910 May 2011 10 (v2) Critical Pass Symantec pcAnywhere Unsupported 08 Feb 2012 10 (v3) Critical Pass HP Data Protector Unsupported 05 Feb 2013 10 (v2) Critical Pass Cisco Unified Communications Manager SIP DoS (CSCub85597) CVE-2013-3461 24 Sep 2013 7.1 (v2) High Pass Cisco Unified Communications Manager UDP Memory Leak DoS (CSCub85597) CVE-2013-3460 24 Sep 2013 7.8 (v2) High Pass Cisco Unified Communications Manager Remote Buffer Overflow (CSCud54358) CVE-2013-3462 24 Sep 2013 8.5 (v2) High Pass Cisco Unified Communications Manager Registration Messages DoS (CSCuf93466) CVE-2013-3459 24 Sep 2013 7.8 (v2) High Pass Cisco Unified Communications Manager Multiple DoS Vulnerabilities (cisco-sa-20130227-cucm) CVE-2013-1133 CVE-2013-1134 25 Sep 2013 7.8 (v2) High Pass Juniper NSM Servers < 2012.2R5 Multiple Vulnerabilities CVE-2012-0022 CVE-2012-5568 CVE-2012-5885 CVE-2012-5886 CVE-2012-5887 21 Nov 2013 5 (v2) Medium Pass NAS4Free Version 14 Apr 2014 None Pass Cisco Unified Communications Manager Multiple Reflected XSS CVE-2014-3372 CVE-2014-3373 CVE-2014-3374 06 Nov 2014 4.3 (v2) Medium Pass CUCM IM and Presence Service GNU Bash Environment Variable Handling Command Injection (CSCur05454) (Shellshock)CVE-2014-6271 CVE-2014-6277 CVE-2014-6278 CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 11 Nov 2014 10 (v2) Critical Pass Cisco Unified Communications Manager SSLv3 Information Disclosure (cisco-sa-20141015-poodle) (POODLE)CVE-2014-3566 12 Nov 2014 4.3 (v2) Medium Pass Cisco TelePresence Conductor Bash Remote Code Execution (Shellshock) CVE-2014-6271 CVE-2014-6277 CVE-2014-6278 CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 26 Nov 2014 10 (v2) Critical Pass Cisco Unified Communications Manager TLS SAN Field MitM (CSCuq86376) CVE-2014-7991 29 Dec 2014 4.3 (v2) Medium Pass Cisco Unified Communications Manager Remote Buffer Overflow (CSCus66650) (GHOST) CVE-2015-0235 26 Feb 2015 10 (v2) Critical Pass Cisco TelePresence Conductor Login Security Bypass Vulnerability CVE-2015-0653 20 Mar 2015 10 (v2) Critical Pass Cisco Unified Communications Manager SQL Injection (CSCut33447 / CSCut33608) CVE-2015-0715 14 May 2015 6.5 (v2) Medium Pass Cisco Unified Communications Manager SIP Memory Leak DoS (CSCuv39370) CVE-2016-1350 01 Apr 2016 7.5 (v3) High Pass Delta Electronics DIAEnergie Blind SQLi (CVE-2021-38391) CVE-2021-38391 06 Jun 2022 9.8 (v3) Critical Pass Delta Electronics DIAEnergie Detection 06 Jun 2022 None Pass HP Data Protector 7.0x < 7.03 build 108 / 8.1x < 8.15 / 9.0x < 9.06 Multiple Vulnerabilities (HPSBGN03580) (Bar Mitzvah)CVE-2015-2808 CVE-2016-2004 CVE-2016-2005 CVE-2016-2006 CVE-2016-2007 CVE-2016-2008 29 Apr 2016 9.8 (v3) Critical Pass Cisco Unified Communications Manager Java Object Deserialization RCE (CSCux34835) CVE-2015-6420 10 Oct 2016 9.8 (v3) Critical Pass IBM Domino Unsupported Version Detection 17 Apr 2017 10 (v3) Critical Pass Cisco Unified Communications Manager SIP UDP Throttling DoS (CSCuz72455) CVE-2017-3808 27 Apr 2017 7.5 (v3) High Pass Cisco Unified Communications Manager XSS (cisco-sa-20170517-ucm) CVE-2017-6654 25 May 2017 6.1 (v3) Medium Pass HP Data Protector 8.x < 8.17 / 9.x < 9.09 Multiple Vulnerabilities (HPSBGN03732) CVE-2017-5807 CVE-2017-5808 CVE-2017-5809 11 Aug 2017 9.8 (v3) Critical Pass Cisco Unified Communication Manager HTTP Interface Information Disclosure Vulnerability (CSCvf20218) CVE-2018-0266 27 Apr 2018 4.3 (v3) Medium Pass Ansible Tower 3.1.x < 3.1.8 / 3.2.x < 3.2.6 CSRF vulnerability CVE-2018-10884 31 Aug 2018 8.8 (v3) High Pass Ansible Tower Unsupported Version 31 Aug 2018 10 (v3) Critical Pass Cisco Unified Communication Manager Apache Struts RCE (CSCvm14042) CVE-2018-11776 05 Sep 2018 8.1 (v3) High Pass IBM Spectrum Protect 7.1.x < 7.1.9.300 / 8.1.x < 8.1.8 Multiple Vulnerabilities CVE-2018-1922 CVE-2018-1923 CVE-2018-1936 CVE-2018-1978 CVE-2018-1980 CVE-2019-4014 CVE-2019-4015 CVE-2019-4016 CVE-2019-409424 Jul 2019 7.8 (v3) High Pass Ansible Tower 3.6.x < 3.6.1 Information Disclosure CVE-2019-14890 06 Dec 2019 8.8 (v3) High Pass Dell iDRAC Improper Authorization (DSA-2019-137) CVE-2019-3764 06 Dec 2019 4.3 (v3) Medium Pass DNN (DotNetNuke) 6.0.0 <= 9.3.2 Multiple Vulnerabilities 06 Dec 2019 6.1 (v3) Medium Pass Citrix SD-WAN Center trace_route Unauthenticated Remote Command Injection CVE-2019-12986 18 Dec 2019 9.8 (v3) Critical Pass Oracle E-Business (July 2014 CPU) CVE-2014-0224 CVE-2014-2482 CVE-2014-4213 CVE-2014-4235 CVE-2014-4248 18 Jul 2014 5.8 (v2) Medium Pass Ansible Tower 3.5.x < 3.5.4 / 3.6.x < 3.6.2 Multiple Vulnerabilities CVE-2019-14864 CVE-2019-19340 CVE-2019-19341 CVE-2019-19342 20 Dec 2019 8.2 (v3) High Pass Apache Tomcat 8.5.0 < 8.5.49 Privilege Escalation CVE-2019-12418 27 Dec 2019 7 (v3) High Pass Apache Tomcat 8.5.0 < 8.5.50 Privilege Escalation Vulnerability CVE-2019-17563 27 Dec 2019 7.5 (v3) High Pass Apache Tomcat 9.0.0.M1 < 9.0.30 Privilege Escalation Vulnerability CVE-2019-17563 27 Dec 2019 7.5 (v3) High Pass Atlassian JIRA < 7.7.1 Cross-Site Scripting (XSS) Vulnerability (JRASERVER-67108) CVE-2017-18102 06 Jan 2020 5.4 (v3) Medium Pass Atlassian JIRA 6.2.1 < 7.4.4 Cross-Site Scripting (XSS) Vulnerability (JRASERVER-66719) CVE-2017-18039 06 Jan 2020 6.1 (v3) Medium Pass Atlassian JIRA < 7.4.2 XSS vulnerability (JRASERVER-66624) CVE-2017-16864 07 Jan 2020 6.1 (v3) Medium Pass Atlassian JIRA < 7.13.6 / 8.x < 8.4.0 XSS (JRASERVER-69795) CVE-2019-8450 09 Jan 2020 4.8 (v3) Medium Pass Atlassian JIRA < 7.13.3 / 8.x < 8.1 XSS vulnerability (JRASERVER-68855) CVE-2018-20239 09 Jan 2020 5.4 (v3) Medium Pass Atlassian JIRA < 7.13.9 / 8.x < 8.3.3 XSS (JRASERVER-69790) CVE-2019-14996 09 Jan 2020 6.1 (v3) Medium Pass Atlassian JIRA < 7.13.12 / 8.x < 8.4.3 / 8.5.x < 8.5.2 Authorization Bypass (JRASERVER-70405) CVE-2019-15013 09 Jan 2020 4.3 (v3) Medium Pass Atlassian JIRA < 7.6.1 CSRF vulnerability (JRASERVER-66643) CVE-2017-18033 09 Jan 2020 6.5 (v3) Medium Pass nginx 0.8.x < 0.8.33 / 0.7.x < 0.7.65 Windows Filename Pseudonyms (CORE-2010-0121) 13 Jan 2020 3.7 (v3) Low Pass Microsoft Open Management Infrastructure RCE (CVE-2021-38647) CVE-2021-38647 20 Sep 2021 9.8 (v3) Critical Pass Flexera FlexNet Publisher lmadmin < 11.16.5.1 Multiple Vulnerabilities CVE-2019-8960 CVE-2019-8961 20 Jan 2020 7.5 (v3) High Pass Oracle E-Business Suite Multiple Vulnerabilities (Jan 2020 CPU) CVE-2020-2566 CVE-2020-2582 CVE-2020-2586 CVE-2020-2587 CVE-2020-2591 CVE-2020-2596 CVE-2020-2597 CVE-2020-2603 CVE-2020-2651 CVE-2020-2652 CVE-2020-2653 CVE-2020-2657 CVE-2020-2658 CVE-2020-2661 CVE-2020-2662 CVE-2020-2665 CVE-2020-2666 CVE-2020-2667 CVE-2020-2668 CVE-2020-2669 CVE-2020-2670 CVE-2020-2671 CVE-2020-267224 Jan 2020 9.9 (v3) Critical Pass Redis EVAL Lua Sandbox Escape 30 Apr 2018 9 (v3) Critical Pass PostgreSQL STARTTLS Support 19 Oct 2018 None Pass IBM Spectrum Protect Server 7.1.x < 7.1.9.100 / 8.1.x < 8.1.6 Information Disclosure Vulnerability CVE-2018-1788 08 Nov 2018 4.4 (v3) Medium Pass Tenable Nessus < 8.2.2 Stored XSS Vulnerability (TNS-2019-01) CVE-2019-3923 06 Feb 2019 5.4 (v3) Medium Pass HPE Intelligent Management Center dbman Command 10018 Multiple Vulnerabilities CVE-2019-5390 CVE-2019-5391 11 Feb 2020 9.8 (v3) Critical Pass Atlassian Jira 8.2.x < 8.6.0 Improper Authorization on Project Titles Information Disclosure Vulnerability (JRASERCVE-2019-20404VER_70569) 30 Mar 2020 4.3 (v3) Medium Pass Atlassian Jira 8.2 < 8.5.4 Support Files Improper Authorization Vulnerability (JRASERVER-70564) CVE-2019-20402 30 Mar 2020 4.9 (v3) Medium Pass Ansible Tower 3.4.x < 3.4.6 / 3.5.x < 3.5.6 / 3.6.x < 3.6.4 Denial of Service Vulnerability CVE-2020-10697 02 Apr 2020 4.4 (v3) Medium Pass Jenkins < (2.204.6 / 2.222.1) LTS / 2.228 Multiple Vulnerabilities CVE-2020-2160 CVE-2020-2161 CVE-2020-2162 CVE-2020-2163 02 Apr 2020 8.8 (v3) High Pass Dell iDRAC Buffer Overflow Vulnerability (CVE-2020-5344) CVE-2020-5344 03 Apr 2020 9.8 (v3) Critical Pass Atlassian Jira 7.13 < 8.5.5 Jira Project Key Information Disclosure (JRASERVER-70565) CVE-2019-20403 06 Apr 2020 5.3 (v3) Medium Pass Atlassian Jira < 7.1.9 Role Name XSS (JRASERVER-61861) CVE-2016-4318 08 Apr 2020 4.8 (v3) Medium Pass Apache 2.4.x < 2.4.42 Multiple Vulnerabilities CVE-2020-1927 CVE-2020-1934 10 Apr 2020 6.1 (v3) Medium Pass Pulse Connect Secure XSS (SA3877) CVE-2018-20808 17 Apr 2020 6.1 (v3) Medium Pass Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (Apr 2020 CPU)CVE-2020-2594 CVE-2020-2706 17 Apr 2020 6.5 (v3) Medium Pass Atlassian Jira 7.6 < 8.5.2 XSRF (JRASERVER-70406) CVE-2019-20401 21 Apr 2020 6.5 (v3) Medium Pass MongoDB 2.x, 3.0.x < 3.0.15, 3.1.x < 3.2.14, 3.3.x < 3.3.14 Mongo Shell Information Disclosure Vulnerability (SERCVE-2016-6494VER-25335) 23 Apr 2020 5.5 (v3) Medium Pass PHP 7.2.x < 7.2.30 Multiple Vulnerabilities CVE-2020-7067 23 Apr 2020 7.5 (v3) High Pass PHP 7.4.x < 7.4.5 urldecode OOB Read CVE-2020-7067 24 Apr 2020 7.5 (v3) High Pass ManageEngine PAM360 Detection 23 May 2022 None Pass Jenkins plugins Multiple Vulnerabilities (2022-04-12) CVE-2022-29036 CVE-2022-29037 CVE-2022-29038 CVE-2022-29039 CVE-2022-29040 CVE-2022-29041 CVE-2022-29042 CVE-2022-29043 CVE-2022-29044 CVE-2022-29045 CVE-2022-29046 CVE-2022-29047 CVE-2022-29048 CVE-2022-29049 CVE-2022-29050 CVE-2022-29051 CVE-2022-2905223 May 2022 8.8 (v3) High Pass Cisco UCS Director JavaScript Cross-Site Scripting Vulnerability CVE-2022-20765 23 May 2022 4.8 (v3) Medium Pass Jenkins Security Advisory 2019-01-08 Multiple Vulnerabilities CVE-2019-1003000 CVE-2019-1003001 CVE-2019-1003002 24 Sep 2019 8.8 (v3) High Pass PHP 7.3.x < 7.3.10 Heap-Based Buffer Overflow Vulnerability. 04 Oct 2019 8.1 (v3) High Pass Oracle E-Business Suite Multiple Vulnerabilities (Oct 2019 CPU) CVE-2019-2925 CVE-2019-2930 CVE-2019-2942 CVE-2019-2990 CVE-2019-2994 CVE-2019-2995 CVE-2019-3000 CVE-2019-3022 CVE-2019-3024 CVE-2019-302718 Oct 2019 8.2 (v3) High Pass Oracle Primavera Unifier Multiple Vulnerabilities (Oct 2019 CPU) CVE-2017-12626 CVE-2019-11358 CVE-2019-12086 CVE-2019-14379 CVE-2019-14439 21 Oct 2019 9.8 (v3) Critical Pass Default Password ('scpuser') for 'scpuser' Account 21 Oct 2019 9.8 (v3) Critical Pass vBulletin 'widget_php' Command Execution CVE-2019-16759 23 Oct 2019 9.8 (v3) Critical Pass Cisco TelePresence VCS / Expressway 12.5.x < 12.5.4 XSS CVE-2019-12705 25 Oct 2019 6.1 (v3) Medium Pass PHP < 7.1.33 / 7.2.x < 7.2.24 / 7.3.x < 7.3.11 Remote Code Execution Vulnerability. CVE-2019-11043 25 Oct 2019 9.8 (v3) Critical Pass Citrix SD-WAN Center and NetScaler SD-WAN Center addModifyZTDProxy Unauthenticated Remote Command InjectionCVE-2019-12988 29 Oct 2019 9.8 (v3) Critical Pass Tenable Nessus < 8.7.0 DoS (TNS-2019-06) CVE-2019-3982 01 Nov 2019 6.5 (v3) Medium Pass HP Data Protector Backup Agent RCE CVE-2006-4201 14 Aug 2006 7.5 (v2) High Pass HP Data Protector OmniInet.exe MSG_PROTOCOL Command RCE CVE-2007-2280 05 Jan 2010 10 (v2) Critical Pass jQuery UI Detection 31 Dec 2021 None Pass IBM Spectrum Protect 7.1.x < 7.1.10.100 / 8.1.x < 8.1.9.300 Stack-based Buffer Overflow CVE-2020-4415 13 May 2020 9.8 (v3) Critical Pass vBulletin 'getIndexableContent' SQL Injection (direct check) CVE-2020-12720 15 May 2020 9.8 (v3) Critical Pass PHP 7.2.x < 7.2.31 / 7.3.x < 7.3.18, 7.4.x < 7.4.6 Denial of Service (DoS) CVE-2019-11048 21 May 2020 5.3 (v3) Medium Pass Cisco IOS XE Software Web UI REST API Authentication Bypass Vulnerability CVE-2017-12229 02 Oct 2017 9.8 (v3) Critical Pass Oracle WebCenter Content Unspecified Vulnerability (April 2018 CPU) CVE-2018-2828 22 May 2020 8.2 (v3) High Pass Cisco IOS XE Software Plug-and-Play PKI API Certificate Validation Vulnerability CVE-2017-12228 06 Oct 2017 5.9 (v3) Medium Pass Atlassian JIRA < 8.7.0 SSRF (JRASERVER-71204) CVE-2019-20408 09 Jul 2020 5.3 (v3) Medium Pass Atlassian Jira < 7.13.14 / 8.5.x < 8.5.5 / 8.8.x < 8.8.2 / 8.9.0 < 8.9.1 MitM (JRASERVER-71198) CVE-2020-14168 09 Jul 2020 5.9 (v3) Medium Pass Atlassian JIRA < 7.13.14 / 8.5.x < 8.5.5 / 8.8.x < 8.8.2 / 8.9.x < 8.9.1 DoS (JRASERVER-71197) CVE-2020-14167 10 Jul 2020 7.5 (v3) High Pass TYPO3 10.4.x < 10.4.2 Information Disclosure (TYPO3-CORE-SA-2020-001) CVE-2020-11063 13 Jul 2020 3.7 (v3) Low Pass Atlassian JIRA < 8.4.2 Information disclosure in Application links plugin CVE-2019-15011 CVE-2019-15013 20 Dec 2019 4.3 (v3) Medium Pass Cisco IOS Software for Catalyst 2960-L Series Switches and Catalyst CDB-8P Switches 802.1X Authentication Bypass VCVE-2020-3231ulnerability (cisco-sa-c2960L-DpWA9Re4) 26 Jun 2020 4.7 (v3) Medium Pass Oracle Oracle E-Business Suite (Jul 2020 CPU) CVE-2020-14534 CVE-2020-14554 CVE-2020-14555 CVE-2020-14582 CVE-2020-14590 CVE-2020-14596 CVE-2020-14598 CVE-2020-14599 CVE-2020-14610 CVE-2020-14635 CVE-2020-14657 CVE-2020-14658 CVE-2020-14659 CVE-2020-14660 CVE-2020-14661 CVE-2020-14665 CVE-2020-14666 CVE-2020-14667 CVE-2020-14668 CVE-2020-14670 CVE-2020-14671 CVE-2020-14679 CVE-2020-14681 CVE-2020-14682 CVE-2020-14686 CVE-2020-14688 CVE-2020-14716 CVE-2020-14717 CVE-2020-14719 CVE-2020-1472015 Jul 2020 9.1 (v3) Critical Pass Cisco IOS XE Software Static Credential Vulnerability CVE-2018-0150 29 Mar 2018 9.8 (v3) Critical Pass SolarWinds Web Help Desk - Web Detection 24 Mar 2022 None Pass SolarWinds Orion Platform 2020.2.0 < 2020.2.6 HF1 Multiple Vulnerabilities XSS CVE-2021-35219 CVE-2021-35220 CVE-2021-35221 CVE-2021-35222 CVE-2021-35238 CVE-2021-35239 CVE-2021-35240 17 Nov 2021 9.6 (v3) Critical Pass Juniper Junos OS Vulnerability (JSA11138) CVE-2021-0245 15 Apr 2021 7.8 (v3) High Pass Juniper Junos OS Multiple Vulnerabilities (JSA11175) CVE-2021-0255 CVE-2021-0256 15 Apr 2021 7.8 (v3) High 36
RELAYTO Penetration Test Results Page 35 Page 37