Pass Novell ZENworks ChangePassword RPC XPath Injection CVE-2015-5970 26 Feb 2016 5.3 (v3) Medium Pass MySQL 8.0.x < 8.0.23 Multiple Vulnerabilities (Jan 2021 CPU) CVE-2020-1971 CVE-2021-2002 CVE-2021-2010 CVE-2021-2011 CVE-2021-2014 CVE-2021-2021 CVE-2021-2022 CVE-2021-2024 CVE-2021-2031 CVE-2021-2032 CVE-2021-2036 CVE-2021-2038 CVE-2021-2046 CVE-2021-2048 CVE-2021-2056 CVE-2021-2058 CVE-2021-2060 CVE-2021-2061 CVE-2021-2065 CVE-2021-2070 CVE-2021-2072 CVE-2021-2076 CVE-2021-2081 CVE-2021-2087 CVE-2021-2088 CVE-2021-2122 CVE-2021-2178 CVE-2021-2202 CVE-2021-221322 Jan 2021 5 (v3) Medium Pass Novell Open Enterprise Server Remote Manager (novell-nrm) POST Request Content-Length Overflow CVE-2005-3655 20 Jan 2006 7.5 (v2) High Pass VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2013-0009) (remote check) CVE-2013-0166 CVE-2013-0169 CVE-2013-0268 CVE-2013-0338 CVE-2013-0871 CVE-2013-2116 04 Mar 2016 6.9 (v2) Medium Pass VMware ESX / ESXi Guest OS Local Privilege Escalation (VMSA-2013-0014) (remote check) CVE-2013-3519 04 Mar 2016 7.9 (v2) High Pass Atlassian Confluence Server Arbitrary File Read (CVE-2021-26085) CVE-2021-26085 20 Oct 2021 5.3 (v3) Medium Pass OpenSSL Unsupported 17 Oct 2014 10 (v3) Critical Pass Tenable SecurityCenter 5.16.x / 5.17.0 Multiple Vulnerabilities (TNS-2021-03) CVE-2021-23840 CVE-2021-23841 05 Mar 2021 7.5 (v3) High Pass Cisco TelePresence Management Suite Stored XSS (cisco-sa-tms-xss-CwjZJSQc) CVE-2021-34760 27 Oct 2021 4.8 (v3) Medium Pass IBM Network Security Protection XGS Remote Code Execution (swg21690823) (credentialed check) CVE-2014-6183 02 Jan 2015 4 (v2) Medium Pass Cisco Email Security Appliance Filter Bypass (cisco-sa-ESA-filt-39jXvMfM) CVE-2020-3370 23 Jul 2020 5.8 (v3) Medium Pass Cisco Email Security Appliance DoS (cisco-sa-esa-tls-dos-xW53TBhb) CVE-2020-3548 04 Sep 2020 5.3 (v3) Medium Pass PHP 7.3.x < 7.3.31 Arbitrary File Write CVE-2021-21706 28 Oct 2021 6.5 (v3) Medium Pass Symantec (Blue Coat) Reporter Denial of Service vulnerability (SYMSA1280) CVE-2011-1473 23 May 2019 6.5 (v3) Medium Pass SolarWinds Orion Platform 2020.2.0 < 2020.2.6 Multiple Vulnerabilities CVE-2021-35213 CVE-2021-35215 17 Nov 2021 8.8 (v3) High Pass Cisco IOS Software DHCP Remote Code Execution Vulnerability CVE-2017-12240 02 Oct 2017 9.8 (v3) Critical Pass Cisco IOS Software CIP Multiple Vulnerabilities (cisco-sa-20170927-cip) CVE-2017-12233 CVE-2017-12234 05 Oct 2017 7.5 (v3) High Pass Microsoft Windows XP Unsupported Installation Detection 25 Mar 2014 10 (v3) Critical Pass Cyrus IMAPd NNTP AUTHINFO USER Command Parsing Authentication Bypass CVE-2011-3372 19 Dec 2011 6.4 (v2) Medium Pass VMware vCenter Operations Manager Web UI Default Credentials 10 Apr 2015 7.5 (v2) High Pass Cisco IOS Software Quality of Service Remote Code Execution Vulnerability CVE-2018-0151 29 Mar 2018 9.8 (v3) Critical Pass Cisco IOS Software Link Layer Discovery Protocol Buffer Overflow Vulnerabilities (cisco-sa-20180328-lldp)CVE-2018-0167 CVE-2018-0175 06 Apr 2018 8.8 (v3) High Pass Cisco Unified Communications Manager Java Interface SQL Injection (CSCuo17337) CVE-2014-3287 18 Jun 2014 4 (v2) Medium Pass Atlassian JIRA Server & JIRA Data Center Template Injection Vulnerability CVE-2019-11581 11 Jul 2019 9.8 (v3) Critical Pass Cisco Unified Computing System Integrated Management Controller XSRF (CSCuq45477) CVE-2014-7996 01 May 2015 6.8 (v2) Medium Pass IBM Rational License Key Server Administration and Reporting Tool 8.1.4.x < 8.1.4.7 XSS CVE-2015-1907 18 May 2015 4 (v2) Medium Pass Cisco IOS Software Integrated Services Module for VPN DoS (cisco-sa-20180328-dos) CVE-2018-0154 21 Nov 2019 7.5 (v3) High Pass Apple TV < 12.4.1 A Use-After-Free Vulnerability CVE-2019-8605 04 Dec 2019 7.8 (v3) High Pass ManageEngine Applications Manager Unsupported Version Detection 08 Jun 2015 10 (v2) Critical Pass Cisco IOS Software Internet Key Exchange Version 1 DoS (cisco-sa-20180328-ike-dos) CVE-2018-0159 27 Nov 2019 7.5 (v3) High Pass phpMoAdmin Detection 16 Jun 2015 None Pass Splunk Unsupported Version Detection 23 Jun 2015 10 (v3) Critical Pass Cisco NX-OS Software NX-API Arbitrary Code Execution Vulnerability CVE-2019-1605 20 Dec 2019 7.8 (v3) High Pass Palo Alto Networks PAN-OS GlobalProtect Web Portal RCE (PAN-SA-2016-0005) CVE-2016-3657 28 Mar 2016 9.8 (v3) Critical Pass EMC Documentum D2 4.1 / 4.2.x < 4.2 P16 / 4.5.x < 4.5 P03 Multiple DQL Injection Vulnerabilities CVE-2015-0547 CVE-2015-0548 09 Jul 2015 4 (v2) Medium Pass MaraDNS Server Version Detection 11 Apr 2014 None Pass Cisco IOS Software Simple Network Management Protocol GET MIB Object ID DoS (cisco-sa-20180328-snmp)CVE-2018-0161 27 Nov 2019 6.3 (v3) Medium Pass Oracle GlassFish Server Multiple Vulnerabilities (July 2015 CPU) CVE-2014-1569 CVE-2015-2623 CVE-2015-4744 16 Jul 2015 7.5 (v2) High Pass IBM DB2 9.7 < Fix Pack 11 Multiple Vulnerabilities (Bar Mitzvah) (FREAK) (TLS POODLE) CVE-2014-0919 CVE-2014-6209 CVE-2014-6210 CVE-2014-8730 CVE-2014-8901 CVE-2014-8910 CVE-2015-0138 CVE-2015-0157 CVE-2015-1788 CVE-2015-1883 CVE-2015-1922 CVE-2015-1935 CVE-2015-280818 Jul 2015 7.6 (v3) High Pass Polycom SIP Detection 23 Sep 2013 None Pass Mac OS X 10.10.x < 10.10.5 Multiple Vulnerabilities CVE-2009-5044 CVE-2009-5078 CVE-2012-6685 CVE-2013-1775 CVE-2013-1776 CVE-2013-2776 CVE-2013-2777 CVE-2013-7040 CVE-2013-7338 CVE-2013-7422 CVE-2014-0067 CVE-2014-0106 CVE-2014-0191 CVE-2014-1912 CVE-2014-3581 CVE-2014-3583 CVE-2014-3613 CVE-2014-3620 CVE-2014-3660 CVE-2014-3707 CVE-2014-7185 CVE-2014-7844 CVE-2014-8109 CVE-2014-8150 CVE-2014-8151 CVE-2014-8161 CVE-2014-8767 CVE-2014-8769 CVE-2014-9140 CVE-2014-9365 CVE-2014-9680 CVE-2015-0228 CVE-2015-0241 CVE-2015-0242 CVE-2015-0243 CVE-2015-0244 CVE-2015-0253 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-2783 CVE-2015-2787 CVE-2015-3143 CVE-2015-3144 CVE-2015-3145 CVE-2015-3148 CVE-2015-3153 CVE-2015-3183 CVE-2015-3185 CVE-2015-3307 CVE-2015-3329 CVE-2015-3330 CVE-2015-3729 CVE-2015-3730 CVE-2015-3731 CVE-2015-3732 CVE-2015-3733 CVE-2015-3734 CVE-2015-3735 CVE-2015-3736 CVE-2015-3737 CVE-2015-3738 CVE-2015-3739 CVE-2015-3740 CVE-2015-3741 CVE-2015-3742 CVE-2015-3743 CVE-2015-3744 CVE-2015-3745 CVE-2015-3746 CVE-2015-3747 CVE-2015-3748 CVE-2015-3749 CVE-2015-3750 CVE-2015-3751 CVE-2015-3752 CVE-2015-3753 CVE-2015-3754 CVE-2015-3755 CVE-2015-3757 CVE-2015-3760 CVE-2015-3761 CVE-2015-3762 CVE-2015-3764 CVE-2015-3765 CVE-2015-3766 CVE-2015-3767 CVE-2015-3768 CVE-2015-3769 CVE-2015-3770 CVE-2015-3771 CVE-2015-3772 CVE-2015-3773 CVE-2015-3774 CVE-2015-3775 CVE-2015-3776 CVE-2015-3777 CVE-2015-3778 CVE-2015-3779 CVE-2015-3780 CVE-2015-3781 CVE-2015-3782 CVE-2015-3783 CVE-2015-3784 CVE-2015-3786 CVE-2015-3787 CVE-2015-3788 CVE-2015-3789 CVE-2015-3790 CVE-2015-3791 CVE-2015-3792 CVE-2015-3794 CVE-2015-3795 CVE-2015-3796 CVE-2015-3797 CVE-2015-3798 CVE-2015-3799 CVE-2015-3800 CVE-2015-3802 CVE-2015-3803 CVE-2015-3804 CVE-2015-3805 CVE-2015-3806 CVE-2015-3807 CVE-2015-4021 CVE-2015-4022 CVE-2015-4024 CVE-2015-4025 CVE-2015-4026 CVE-2015-4147 CVE-2015-4148 CVE-2015-5600 CVE-2015-5747 CVE-2015-5748 CVE-2015-5750 CVE-2015-5751 CVE-2015-5753 CVE-2015-5754 CVE-2015-5755 CVE-2015-5756 CVE-2015-5757 CVE-2015-5758 CVE-2015-5761 CVE-2015-5763 CVE-2015-5768 CVE-2015-5771 CVE-2015-5772 CVE-2015-5773 CVE-2015-5774 CVE-2015-5775 CVE-2015-5776 CVE-2015-5777 CVE-2015-5778 CVE-2015-5779 CVE-2015-5781 CVE-2015-5782 CVE-2015-5783 CVE-2015-578417 Aug 2015 9.3 (v2) High Pass Alcatel OmniSwitch Default Credentials (telnet) 30 Sep 2013 6.4 (v2) Medium Pass Xerox WorkCentre Multiple Unspecified Vulnerabilities (XRX13-006) 10 Oct 2013 10 (v2) Critical Pass Xerox ColorQube Multiple Unspecified Vulnerabilities (XRX13-006) 10 Oct 2013 10 (v2) Critical Pass Tenable Appliance Web Detection 17 Jul 2012 None Pass NETGEAR ReadyNAS Remote Unauthenticated Command Execution CVE-2013-2751 24 Oct 2013 9.8 (v3) Critical Pass ESXi 5.0 < Build 1197855 NFC Traffic Denial of Service (remote check) CVE-2013-1661 13 Nov 2013 4.3 (v2) Medium Pass OpenVAS Administrator / Manager Authentication Bypass CVE-2013-6765 CVE-2013-6766 15 Nov 2013 7.5 (v2) High Pass SSH Weak MAC Algorithms Enabled 22 Nov 2013 2.6 (v2) Low Pass Blackboard LC3000 Laundry Reader Default Telnet Password 26 Nov 2013 10 (v2) Critical Pass ASUS RT-N13U Router Built-in Admin Telnet Account with Unchangeable Password 26 Nov 2013 10 (v2) Critical Pass ESXi 5.0 < Build 764879 Multiple Vulnerabilities (remote check) CVE-2010-4008 CVE-2011-0216 CVE-2011-1944 CVE-2011-2834 CVE-2011-3905 CVE-2011-3919 CVE-2012-0841 13 Nov 2013 9.3 (v2) High Pass Cisco WAAS Mobile Server Web Administration Interface Detection 07 Jan 2014 None Pass ScMM DSL Modem/Router Backdoor Detection CVE-2014-0659 06 Jan 2014 10 (v2) Critical Pass ESXi 5.5 < Build 1474526 File Descriptors Privilege Escalation (remote check) CVE-2013-5973 31 Dec 2013 4.4 (v2) Medium Pass OpenSSL 1.0.0 < 1.0.0l DTLS Security Bypass CVE-2013-6450 08 Jan 2014 5.8 (v2) Medium Pass HP Intelligent Management Center Web Administration Interface Default Credentials 09 Jan 2014 7.5 (v2) High Pass NETGEAR DGN2200 Multiple Vulnerabilities 05 Mar 2014 8.8 (v3) High Pass Cisco TelePresence ISDN Gateway D-Channel DoS CVE-2014-0660 28 Jan 2014 7.1 (v2) High Pass Alvarion Multiple Products Default Telnet Credentials 31 Jan 2014 10 (v2) Critical Pass SAProuter Remote Authentication Bypass (Note 1853140) CVE-2013-7093 03 Feb 2014 5 (v2) Medium Pass Emerson Network Power Avocent MergePoint Unity KVM Switch < 1.14 / 1.18 download.php filename Parameter DirCVE-2013-6030ectory Traversal 05 Feb 2014 5 (v2) Medium Pass Geeklog auth.inc.php loginname Parameter SQL Injection CVE-2006-2700 31 May 2006 5.1 (v2) Medium Pass Nortel CS Signaling Server Default Admin Credentials 20 Feb 2014 9.8 (v3) Critical Pass CoSoSys Endpoint Protector < 4.4.0.1 Unspecified XSS 24 Feb 2014 4.3 (v2) Medium Pass Anonymous SFTP Enabled 24 Feb 2014 None Pass Adobe Connect < 9.5.7 event_registration.html Multiple Parameter XSS (APSB16-35) CVE-2016-7851 14 Nov 2016 6.1 (v3) Medium Pass DNS Server Version Detection 03 Mar 2014 None Pass Xerox ColorQube ConnectKey Controller Multiple Unspecified Vulnerabilities (XRX14-001) 19 Feb 2014 10 (v2) Critical Pass IBM Rational Focal Point RequestAccessController Servlet File Disclosure CVE-2013-5398 06 Mar 2014 3.3 (v2) Low Pass activePDF Server < 3.8.6 Packet Handling Remote Overflow CVE-2007-5397 05 Mar 2008 10 (v2) Critical Pass Veritas Storage Foundation Multiple Service Remote DoS (SYM08-004) CVE-2007-4516 CVE-2008-0638 15 Apr 2008 3.3 (v2) Low Pass Cisco ONS 15454 Controller Card DoS (CSCun06870) CVE-2014-2142 10 Apr 2014 5 (v2) Medium Pass MS07-062: Vulnerability in DNS Could Allow Spoofing (941672) (uncredentialed check) CVE-2007-3898 05 Mar 2014 6.4 (v2) Medium Pass Oracle WebLogic Server mod_wl Invalid Parameter Remote Overflow (1150354) CVE-2008-4008 16 Nov 2008 10 (v2) Critical Pass Atmail Webmail < 6.5.0 'DOM processor' XSS 18 Apr 2014 4.3 (v2) Medium Pass Apple iTunes < 12.10.3 Multiple Vulnerabilities (uncredentialed check) CVE-2019-8835 CVE-2019-8844 CVE-2019-8846 CVE-2019-8848 CVE-2019-15903 27 Dec 2019 8.8 (v3) High Pass Cisco Network Registrar 7.1 DHCPv6 DoS (CSCuo07437) CVE-2014-2155 29 Apr 2014 5 (v2) Medium Pass ACC Tigris Access Terminal Configuration Disclosure CVE-1999-0383 21 Mar 2000 6.4 (v2) Medium Pass Multiple Vendor SNMP public Community String Information Disclosure 19 May 2014 5 (v2) Medium Pass Web Server on Extended Support 11 Jun 2014 None Pass Brocade Fabric OS Default Credentials 16 Jun 2014 9.8 (v3) Critical Pass RSP Detection 27 Sep 2010 None Pass Ipswitch IMail Server 11.x / 12.x < 12.3 Information Disclosure CVE-2013-0169 14 Jul 2014 2.6 (v2) Low Pass HP Intelligent Management Center 7.x < 7.0-E0202P03 Multiple Vulnerabilities CVE-2014-2618 CVE-2014-2619 CVE-2014-2620 CVE-2014-2621 CVE-2014-2622 21 Jul 2014 8.5 (v2) High Pass HP BladeSystem c-Class Onboard Administrator 4.11 / 4.20 Heartbeat Information Disclosure (Heartbleed)CVE-2014-0160 15 Jul 2014 7.5 (v3) High Pass Junos OS: Path traversal vulnerability in J-Web (JSA10985) CVE-2020-1606 17 Jan 2020 5.4 (v3) Medium Pass WebTitan Web Interface Default Credentials 24 Jul 2014 7.5 (v2) High Pass CODESYS WAGO WebVisu Password Information Disclosure Vulnerability 25 Aug 2014 5 (v2) Medium Pass CODESYS WAGO WebVisu Detection 25 Aug 2014 None Pass OS Identification : NTP 19 May 2007 None Pass Unsupported Cisco MXP Series Device CVE-2014-3362 19 Sep 2014 7.8 (v2) High Pass Silver Peak NX Detection 25 Sep 2014 None Pass Cisco HyperFlex HX Command Injection Direct Check (cisco-sa-hyperflex-rce-TjjNrkpR) CVE-2021-1497 CVE-2021-1498 26 May 2021 9.8 (v3) Critical Pass IBM Jazz Team Server Session Cookie Information Disclosure CVE-2014-3092 06 Oct 2014 5 (v2) Medium Pass CommuniGate Pro LISTS Module Malformed Multipart Message DoS CVE-2005-1007 06 Apr 2005 5 (v2) Medium Pass Palo Alto Networks PAN-OS 7.0.x < 7.0.6 DHCP Packet Handling Dataplane DoS 07 Jul 2016 5 (v2) Medium Pass Unprotected Telnet Service 13 Nov 2014 10 (v2) Critical Pass DNN (DotNetNuke) Detection 02 Dec 2009 None Pass Embedded HP Web Server Detected 13 Aug 2018 None Pass ARRIS Touchstone Cable Modem Detection 07 Nov 2014 None Pass Western Digital ShareSpace Detection 18 Jul 2012 None Pass Apache Hadoop YARN ResourceManager Web Interface 20 Sep 2018 None Pass Horde Kronolith Detection 07 Aug 2012 None Pass EMail Security Virtual Appliance Detection 06 Sep 2012 None Pass Atlassian Confluence VelocityServlet Error Page XSS 27 Sep 2012 4.3 (v2) Medium Pass AXIS Camera Unsecured Feed Detection 21 Feb 2019 None Pass MapServer for Windows (MS4W) Detection 01 Nov 2012 None Pass Traq Detection 12 Nov 2012 None Pass PHP 5.6.x < 5.6.38 Transfer-Encoding Parameter XSS Vulnerability CVE-2018-17082 14 Sep 2018 6.1 (v3) Medium Pass Apple TV < 13.3 Multiple Vulnerabilities CVE-2019-8828 CVE-2019-8830 CVE-2019-8832 CVE-2019-8833 CVE-2019-8835 CVE-2019-8836 CVE-2019-8838 CVE-2019-8844 CVE-2019-8846 CVE-2019-8848 CVE-2019-1590313 Dec 2019 8.8 (v3) High Pass Juniper Junos SRX Series Upgrade Handling Local Root Authentication Bypass (JSA10753) CVE-2016-1278 22 Jul 2016 7.2 (v2) High 65
RELAYTO Penetration Test Results Page 64 Page 66