Pass Arista Networks EOS IPv6 Neighbor Discovery Packet DoS (SA0022) 28 Feb 2018 5.3 (v3) Medium Pass Arista Networks EOS tcp_input Challenge ACKs Shared Counter Disclosure (SA0023) CVE-2016-5696 28 Feb 2018 4.8 (v3) Medium Pass Default Password (0000) for 'user' on WIP5000 IP Phone 16 Sep 2008 7.5 (v2) High Pass macOS 10.13.3 Supplemental Update CVE-2018-4124 28 Feb 2018 9.8 (v3) Critical Pass Cisco Wireless LAN Controller CAPWAP DoS (cisco-sa-wlc-capwap-dos-Y2sD9uEw) CVE-2020-3262 28 Jul 2020 7.5 (v3) High Pass Arista Networks EOS Control Plane Packet Handling DoS (SA0025) CVE-2016-6894 28 Feb 2018 7.5 (v3) High Pass macOS 10.14.x < 10.14.3 Multiple Vulnerabilities CVE-2018-20346 CVE-2018-20505 CVE-2018-20506 CVE-2019-6200 CVE-2019-6202 CVE-2019-6205 CVE-2019-6208 CVE-2019-6209 CVE-2019-6210 CVE-2019-6211 CVE-2019-6213 CVE-2019-6214 CVE-2019-6218 CVE-2019-6219 CVE-2019-6220 CVE-2019-6221 CVE-2019-6224 CVE-2019-6225 CVE-2019-6230 CVE-2019-6231 CVE-2019-623525 Jan 2019 10 (v3) Critical Pass Arista Networks EOS MPBGP Denial of Service (SA0029) CVE-2017-8231 28 Feb 2018 4.3 (v3) Medium Pass Citrix NetScaler Authentication Bypass Vulnerability (CTX232199) CVE-2018-5314 05 Jul 2018 7.5 (v3) High Pass Cisco NX-OS SNMP DoS. CVE-2018-0456 26 Oct 2018 7.7 (v3) High Pass Firefly Media Server ws_getpostvars Function Content-Length Header HTTP Request Handling Overflow CVE-2008-1771 23 Apr 2008 7.5 (v2) High Pass Junos OS: FPC process crashes after J-Flow processes a malformed packet (JSA10914) CVE-2019-0014 11 Jan 2019 7.5 (v3) High Pass Juniper Junos vMX Predictable IP ID Sequence Numbers (JSA10903) CVE-2019-0007 11 Jan 2019 10 (v3) Critical Pass Junos OS: Kernel crash after processing specific incoming packet to the out of band management interface (JSA10911)CVE-2019-0011 16 Jan 2019 6.5 (v3) Medium Pass Junos OS: Deleted dynamic VPN users are allowed to establish VPN connections until reboot (JSA10915) CVE-2019-0015 07 Feb 2019 5.4 (v3) Medium Pass Cisco Prime Collaboration Provisioning Unauthorized Password Change Denial of Service Vulnerability (cisco-sa-20180801-pcp-dosCVE-2018-0391 01 Apr 2019 6.5 (v3) Medium Pass Axis 2400 Network Camera Multiple Vulnerabilities CVE-2003-1386 01 Mar 2003 6.4 (v2) Medium Pass Junos OS: EX2300 and EX3400 series: Certain stateless firewall filter rules might not take effect (JSA10901)CVE-2019-0002 25 Jan 2019 9.8 (v3) Critical Pass Junos OS: EX2300 and EX3400 series: High disk I/O operations may disrupt the communication between RE and PFE (JSA10909)CVE-2019-0009 25 Jan 2019 5.5 (v3) Medium Pass Palo Alto Networks < 7.1.23 / 8.0.x < 8.0.16 / 8.1.x < 8.1.7 Denial of Service vulnerability (PAN-SA-2019-0007)CVE-2018-18065 02 Apr 2019 6.5 (v3) Medium Pass Cisco NX-OS Software Unauthorized Directory Access Vulnerability CVE-2019-1600 24 May 2019 4.4 (v3) Medium Pass Cisco FXOS and NX-OS Lightweight Directory Access Protocol Denial of Service Vulnerabilities CVE-2019-1597 CVE-2019-1598 24 May 2019 7.5 (v3) High Pass Cisco NX-OS Software Bash Shell Privilege Escalation Vulnerability CVE-2019-1596 30 Jul 2019 7.8 (v3) High Pass Cisco NX-OS Software Unauthorized Filesystem Access Vulnerability CVE-2019-1601 30 Jul 2019 7.8 (v3) High Pass Cisco MDS 9700 Series Multilayer Directors and Nexus 7000/7700 Series Switches Software Patch SignaturCVE-2019-1808e Verification Vulnerability 07 Jun 2019 4.4 (v3) Medium Pass Jenkins < 2.235.5 LTS / 2.243 Information Disclosure Vulnerability CVE-2019-17638 21 Aug 2020 9.4 (v3) Critical Pass Juniper JSA10938 CVE-2019-0046 26 Jul 2019 6.5 (v3) Medium Pass Cisco NX-OS Software Fabric Services over IP Denial of Service Vulnerability (CVE-2019-1962) CVE-2019-1962 11 Sep 2019 7.5 (v3) High Pass Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1791) CVE-2019-1791 22 Aug 2019 6.7 (v3) Medium Pass Cisco NX-OS Software Authenticated Simple Network Management Protocol Denial of Service VulnerabilityCVE-2019-1963 12 Sep 2019 6.5 (v3) Medium Pass Cisco NX-OS Software Command Injection Vulnerability (cisco-sa-20190925-nxos-vman-cmd-inj) CVE-2019-12717 04 Oct 2019 7.8 (v3) High Pass Adobe ColdFusion Unsupported Version Detection 22 Jan 2014 10 (v3) Critical Pass Citrix and NetScaler SD-WAN Center Unauthenticated Directory Traversal File Write CVE-2019-12990 18 Dec 2019 9.8 (v3) Critical Pass Alcatel ADSL Modem Unpassworded Access CVE-2001-1424 08 Oct 2000 7.5 (v2) High Pass Cisco Catalyst Web Interface Remote Command Execution CVE-2000-0945 10 Nov 2000 10 (v2) Critical Pass Exchange Malformed MIME Header Handling DoS CVE-2000-1006 27 Nov 2000 6.4 (v2) Medium Pass Cisco NX-OS Software Simple Network Management Protocol DoS (cisco-sa-20190515-nxos-snmp-dos) CVE-2019-1858 18 Dec 2019 8.6 (v3) High Pass IBM BigFix Server 9.1.x < 9.1.1275.0 Multiple XSS CVE-2016-0269 CVE-2016-0293 30 Aug 2016 6.1 (v3) Medium Pass HP Universal Configuration Management Database Server Authentication Bypass CVE-2014-7883 18 Mar 2015 5 (v2) Medium Pass Cisco IOS Multiple OpenSSL Vulnerabilities (CSCut46130) CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0292 CVE-2015-0293 14 Apr 2016 7.5 (v2) High Pass ProFTPD mod_copy Information Disclosure CVE-2015-3306 16 Jun 2015 9.8 (v3) Critical Pass IBM Lotus Domino Banner Nonexistent .pl File Request Path Disclosure CVE-2002-0245 CVE-2002-0408 08 Jun 2002 5 (v2) Medium Pass Lotus Domino /./ Request Database Locking DoS CVE-2001-0954 11 Jun 2003 5 (v2) Medium Pass MyServer <= 0.4.2 Multiple Remote DoS 23 Jun 2003 5 (v2) Medium Pass IBM DB2 JDBC Applet Server Detection 25 Sep 2006 None Pass eLDAPo index.php Plaintext Password Disclosure 18 Jun 2003 5 (v2) Medium Pass macOS 10.12.x < 10.12.4 Multiple Vulnerabilities (httpoxy) CVE-2016-0736 CVE-2016-2161 CVE-2016-3619 CVE-2016-4688 CVE-2016-5387 CVE-2016-5636 CVE-2016-7056 CVE-2016-7585 CVE-2016-7922 CVE-2016-7923 CVE-2016-7924 CVE-2016-7925 CVE-2016-7926 CVE-2016-7927 CVE-2016-7928 CVE-2016-7929 CVE-2016-7930 CVE-2016-7931 CVE-2016-7932 CVE-2016-7933 CVE-2016-7934 CVE-2016-7935 CVE-2016-7936 CVE-2016-7937 CVE-2016-7938 CVE-2016-7939 CVE-2016-7940 CVE-2016-7973 CVE-2016-7974 CVE-2016-7975 CVE-2016-7983 CVE-2016-7984 CVE-2016-7985 CVE-2016-7986 CVE-2016-7992 CVE-2016-7993 CVE-2016-8574 CVE-2016-8575 CVE-2016-8740 CVE-2016-8743 CVE-2016-9533 CVE-2016-9535 CVE-2016-9536 CVE-2016-9537 CVE-2016-9538 CVE-2016-9539 CVE-2016-9540 CVE-2016-9586 CVE-2016-9935 CVE-2016-10009 CVE-2016-10010 CVE-2016-10011 CVE-2016-10012 CVE-2016-10158 CVE-2016-10159 CVE-2016-10160 CVE-2016-10161 CVE-2017-2379 CVE-2017-2381 CVE-2017-2388 CVE-2017-2390 CVE-2017-2398 CVE-2017-2401 CVE-2017-2402 CVE-2017-2403 CVE-2017-2406 CVE-2017-2407 CVE-2017-2408 CVE-2017-2409 CVE-2017-2410 CVE-2017-2413 CVE-2017-2416 CVE-2017-2417 CVE-2017-2418 CVE-2017-2420 CVE-2017-2421 CVE-2017-2422 CVE-2017-2423 CVE-2017-2425 CVE-2017-2426 CVE-2017-2427 CVE-2017-2428 CVE-2017-2429 CVE-2017-2430 CVE-2017-2431 CVE-2017-2432 CVE-2017-2435 CVE-2017-2436 CVE-2017-2437 CVE-2017-2438 CVE-2017-2439 CVE-2017-2440 CVE-2017-2441 CVE-2017-2443 CVE-2017-2448 CVE-2017-2449 CVE-2017-2450 CVE-2017-2451 CVE-2017-2456 CVE-2017-2458 CVE-2017-2461 CVE-2017-2462 CVE-2017-2467 CVE-2017-2472 CVE-2017-2473 CVE-2017-2474 CVE-2017-2477 CVE-2017-2478 CVE-2017-2482 CVE-2017-2483 CVE-2017-2485 CVE-2017-2487 CVE-2017-2489 CVE-2017-2490 CVE-2017-5029 CVE-2017-5202 CVE-2017-5203 CVE-2017-5204 CVE-2017-5205 CVE-2017-5341 CVE-2017-5342 CVE-2017-5482 CVE-2017-5483 CVE-2017-5484 CVE-2017-5485 CVE-2017-5486 CVE-2017-6974 CVE-2017-707031 Mar 2017 9.8 (v3) Critical Pass Cisco IOS Multicast Routing Multiple DoS (cisco-sa-20160928-msdp) CVE-2016-6382 CVE-2016-6392 07 Oct 2016 7.5 (v3) High Pass Microsoft Windows Server 2003 Unsupported Installation Detection 14 Jul 2015 10 (v3) Critical Pass Foreman Smart-Proxy TFTP Remote Command Injection CVE-2014-0007 17 Jul 2014 8.8 (v3) High Pass HP SiteScope getFileInternal Arbitrary File Download 14 Sep 2012 7.8 (v2) High Pass Cisco Email Security Appliance Filter Bypass Vulnerability CVE-2017-12353 14 Dec 2017 5.8 (v3) Medium Pass Microsoft Exchange Server Unsupported Version Detection (Uncredentialed) 03 Apr 2018 10 (v3) Critical Pass IBM Tivoli Storage Manager FastBack Mount 6.1.x < 6.1.11.1 Multiple Vulnerabilities CVE-2015-0120 CVE-2015-1896 CVE-2015-1898 08 May 2015 10 (v2) Critical Pass Cisco TelePresence IP VCR Command Injection Vulnerability CVE-2015-0713 21 May 2015 9 (v2) High Pass Cisco NX-OS Software Arbitrary File Overwrite Vulnerability CVE-2019-1729 02 Sep 2019 6 (v3) Medium Pass VMware ESX / ESXi Remotely Accessible Method Object Browser API 24 Jan 2019 10 (v3) Critical Pass Cisco NX-OS Software SNMP Access Control List Configuration Name Bypass Vulnerability (CVE-2019-1969)CVE-2019-1969 13 Sep 2019 5.3 (v3) Medium Pass Symantec Messaging Gateway 10.x < 10.7.3 Multiple Vulnerabilities (SYMSA1501) CVE-2019-18377 CVE-2019-18378 CVE-2019-18379 18 Dec 2019 7.3 (v3) High Pass ASG-Sentry File Check Utility /snmx-cgi/fcheck.exe Arbitrary File Overwrite CVE-2008-1322 14 Oct 2008 7.8 (v2) High Pass Microsoft Windows 8 Unsupported Installation Detection 03 Feb 2016 10 (v2) Critical Pass Cisco Hyperflex HX-Series Software Weak Storage (cisco-sa-HYP-WSV-yT3j5hSB) CVE-2020-3389 25 Aug 2020 4.4 (v3) Medium Pass Check_MK Internal Server Error XSS CVE-2017-11507 14 Dec 2017 6.1 (v3) Medium Pass OpenSSL 1.0.1 < 1.0.1o ASN.1 Encoder Negative Zero Value Handling RCE CVE-2016-2108 04 May 2016 9.8 (v3) Critical Pass IBM DB2 10.1 < Fix Pack 5 Multiple Vulnerabilities (Bar Mitzvah) CVE-2014-0919 CVE-2014-3094 CVE-2014-3095 CVE-2014-6159 CVE-2014-6209 CVE-2014-6210 CVE-2014-8901 CVE-2014-8910 CVE-2015-0138 CVE-2015-0157 CVE-2015-0197 CVE-2015-0198 CVE-2015-0199 CVE-2015-1883 CVE-2015-1922 CVE-2015-1935 CVE-2015-280818 Jul 2015 9.8 (v3) Critical Pass ProFTPD TELNET IAC Escape Sequence Remote Buffer Overflow CVE-2010-4221 15 Oct 2013 9.8 (v3) Critical Pass Xerox WorkCentre Unspecified Remote Protocol Authorization Bypass (XRX13-008) 28 Oct 2013 10 (v2) Critical Pass Microsoft FrontPage Server Extensions (fp30reg.dll) Debug Function Remote Overflow (MS03-051 / 813360)CVE-2003-0822 CVE-2003-0824 12 Nov 2003 7.5 (v2) High Pass TCP/IP Multicast Address Handling Remote DoS (spank.c) 22 Oct 2003 6.5 (v3) Medium Pass EZsite Forum Discloses Passwords to Remote Users 04 Sep 2003 5 (v2) Medium Pass Elasticsearch ESA-2017-03 CVE-2017-8449 22 Aug 2018 5.9 (v3) Medium Pass Bitvise SSH Server < 7.41 Multiple Vulnerabilities (remote) 01 Jun 2018 5.3 (v3) Medium Pass PHP < 4.3.3 Multiple Vulnerabilities CVE-2002-1396 CVE-2003-0442 CVE-2003-0860 CVE-2003-0861 24 Sep 2003 7.5 (v2) High Pass ESXi 5.0 < Build 608089 Multiple Vulnerabilities (remote check) CVE-2009-3560 CVE-2009-3720 CVE-2010-0405 CVE-2010-1634 CVE-2010-2089 CVE-2011-1521 CVE-2012-1518 13 Nov 2013 8.3 (v2) High Pass Elasticsearch ESA-2018-10 CVE-2018-3826 22 Aug 2018 6.5 (v3) Medium Pass Elasticsearch ESA-2017-09 CVE-2017-8441 22 Aug 2018 4.3 (v3) Medium Pass Apache Hadoop YARN ResourceManager Unauthenticated RCE (Remote) (Xbash) 20 Sep 2018 10 (v3) Critical Pass PHP 7.2.x < 7.2.10 Transfer-Encoding Parameter XSS Vulnerability CVE-2018-17082 14 Sep 2018 6.1 (v3) Medium Pass Icecast list.cgi User-Agent XSS CVE-2004-0781 27 Aug 2004 4.3 (v2) Medium Pass Bytes Interactive Web Shopper shopper.cgi Traversal Arbitrary File Access CVE-2000-0922 10 Oct 2000 5 (v2) Medium Pass Logstash ESA-2014-02 CVE-2014-4326 06 Dec 2018 7.3 (v3) High Pass Logstash ESA-2015-04 CVE-2015-4152 06 Dec 2018 6.5 (v3) Medium Pass AlienVault OSSIM get_fqdn() RCE 24 May 2017 9.8 (v3) Critical Pass EMC Cloud Tiering Appliance User Interface Default Credentials 07 Apr 2014 10 (v2) Critical Pass PHP Rocket for FrontPage phprocketaddin page Parameter Traversal Arbitrary File Access CVE-2001-1204 17 Jan 2002 5 (v2) Medium Pass SSL Certificate Validity - Duration 08 Jan 2019 4.8 (v3) Medium Pass Adobe Connect <= 9.8.1 Session Token Exposure Vulnerability (ASPB19-05) CVE-2018-19718 11 Jan 2019 5.3 (v3) Medium Pass Oracle Business Intelligence Publisher Multiple Vulnerabilities (Apr 2019 CPU) CVE-2019-2588 CVE-2019-2595 CVE-2019-2601 CVE-2019-2616 18 Apr 2019 8.2 (v3) High Pass Kibana ESA-2018-03 CVE-2018-3819 14 Jan 2019 6.1 (v3) Medium Pass Joomla! Extension 'JCK Suite' - 'jckeditor' =< 6.4.4 Privilege Escalation 21 Jan 2019 8.3 (v3) High Pass Pulse Connect Secure Multiple Vulnerabilities (SA44101) CVE-2018-15909 CVE-2018-15910 CVE-2018-15911 CVE-2018-16513 CVE-2018-18284 CVE-2019-11507 CVE-2019-11508 CVE-2019-11509 CVE-2019-11510 CVE-2019-11538 CVE-2019-11539 CVE-2019-11540 CVE-2019-11541 CVE-2019-11542 CVE-2019-1154310 May 2019 10 (v3) Critical Pass ClusterLabs Pacemaker PCS Daemon Default Password CVE-2015-1842 07 May 2015 10 (v2) Critical Pass Juniper Junos Network Topology Loop DoS (JSA10719) CVE-2016-1260 22 Jan 2016 5 (v2) Medium Pass Juniper Junos HTTP Request Handling J-Web DoS (JSA10720) CVE-2016-1258 22 Jan 2016 5 (v2) Medium Pass Juniper Junos RTSP Packet Handling flowd DoS (JSA10721) CVE-2016-1262 22 Jan 2016 4.3 (v2) Medium Pass Cisco Wireless LAN Controller Unauthorized Access Vulnerability CVE-2015-6314 22 Jan 2016 9.8 (v3) Critical Pass Oracle GlassFish Server URL normalization Denial of Service 19 Jun 2018 7.5 (v3) High Pass Cisco Nexus 9000 Series APIC Access Control Vulnerability (CSCut12998) CVE-2016-1302 12 Feb 2016 8.8 (v3) High Pass OpenSSL 1.1.1 < 1.1.1a Multiple Vulnerabilities CVE-2018-0734 CVE-2018-0735 25 Jan 2019 5.9 (v3) Medium Pass WordPress Plugin 'LearnDash' < 3.1.6 SQLi CVE-2020-6009 04 May 2020 9.8 (v3) Critical Pass Appointments Plugin for WordPress < 2.2.2 PHP Object Injection 05 Dec 2017 8.3 (v3) High Pass BuddyPress Plugin for WordPress < 2.9.2 Information Disclosure 18 Dec 2017 5.8 (v3) Medium Pass OpenSSL 1.0.2 < 1.0.2n Multiple Vulnerabilities CVE-2017-3737 CVE-2017-3738 15 Dec 2017 5.9 (v3) Medium Pass OpenSSL 1.1.0 < 1.1.0h AVX2 Montgomery Multiplication Private Key Derivation Weakness CVE-2017-3738 CVE-2018-0739 15 Dec 2017 5.9 (v3) Medium Pass Apple TV < 11.2 Multiple Vulnerabilities CVE-2017-7154 CVE-2017-7156 CVE-2017-7157 CVE-2017-7160 CVE-2017-7162 CVE-2017-13833 CVE-2017-13855 CVE-2017-13856 CVE-2017-13861 CVE-2017-13862 CVE-2017-13865 CVE-2017-13866 CVE-2017-13867 CVE-2017-13868 CVE-2017-13869 CVE-2017-13870 CVE-2017-1387605 Jan 2018 7.8 (v3) High Pass Cisco Wireless LAN Controller Client Disconnection DoS CVE-2015-6341 22 Jan 2016 5 (v2) Medium Pass IBM Tivoli Provisioning Manager for OS Deployment TFTPD Malformed PRQ Request DoS CVE-2007-3268 19 Jul 2007 5 (v2) Medium Pass Western Digital MyCloud Unauthenticated File Upload CVE-2017-17560 10 Jan 2018 9.8 (v3) Critical Pass pfSense < 2.1.3 Remote Denial of Service Vulnerability (SA-14_05) CVE-2014-3000 31 Jan 2018 8.2 (v3) High Pass pfSense < 2.1.4 Multiple Vulnerabilities (SA-14_08 - SA-14_12) CVE-2014-4687 CVE-2014-4688 CVE-2014-4689 CVE-2014-4690 CVE-2014-4691 CVE-2014-4692 31 Jan 2018 6.5 (v3) Medium Pass Nortel Meridian Integrated RAN Default Admin Credentials 24 Feb 2014 10 (v2) Critical Pass Cisco Prime Data Center Network Manager File Upload RCE (cisco-sa-20180502-prime-upload) CVE-2018-0258 13 Jun 2018 9.8 (v3) Critical 22
RELAYTO Penetration Test Results Page 21 Page 23