Scan Report

December 1, 2025

Summary
This document reports on the results of an automatic security scan. All dates are dis-
played using the timezone Coordinated Universal Time, which is abbreviated UTC. The
task was Windows Scan. The scan started at Tue Nov 25 [Link] 2025 UTC and ended
at Tue Nov 25 [Link] 2025 UTC. The report rst summarises the results found. Then, for
each host, the report describes every issue found. Please consider the advice given in each
description, in order to rectify the issue.

Contents

1 Result Overview 2
1.1 Host Authentications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2

2 Results per Host 2

2.1 [Link] . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2

2.1.1 High 8181/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

2.1.2 High 22/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

2.1.3 High 8282/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

2.1.4 High 3306/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

2.1.5 High 3000/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85

2.1.6 High 445/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90

2.1.7 High 8020/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92

2.1.8 High general/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94

2.1.9 High 4848/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 462

2.1.10 High 9200/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 467

2.1.11 High 8383/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 468

2.1.12 High 1617/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 474

2.1.13 Medium 8443/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 475

2.1.14 Medium 3389/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 481

2.1.15 Medium 8181/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 490

2.1.16 Medium 22/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 500

2.1.17 Medium 8282/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 504

1
CONTENTS 2

2.1.18 Medium 3306/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 520

2.1.19 Medium 3000/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 645

2.1.20 Medium 8020/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 655

2.1.21 Medium general/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 662

2.1.22 Medium 135/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 821

2.1.23 Medium 4848/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 823

2.1.24 Medium 9200/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 832

2.1.25 Medium 8022/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 839

2.1.26 Medium 8383/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 842

2.1.27 Low general/icmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 856

2.1.28 Low 22/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 857

2.1.29 Low 3306/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 859

2.1.30 Low general/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 870

2.1.31 Low 9200/tcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 910

1 RESULT OVERVIEW 3

1 Result Overview

Host High Medium Low Log False Positive

[Link] 318 285 50 0 0
vagrant-2008R2
Total: 1 318 285 50 0 0

Vendor security updates are not trusted.

Overrides are o. Even when a result has an override, this report uses the actual threat of the
result.
Information on overrides is included in the report.
Notes are included in the report.
This report might not show details of all issues that were found.
Issues with the threat level Log are not shown.
Issues with the threat level Debug are not shown.
Issues with the threat level False Positive are not shown.
Only results with a minimum QoD of 70 are shown.

This report contains all 827 results selected by the ltering described above. Before ltering
there were 1084 results.

1.1 Host Authentications

Host Protocol Result Port/User

[Link] - vagrant-2008R2 SSH Success Protocol SSH, Port 22, User vagrant
[Link] - vagrant-2008R2 SMB Success Protocol SMB, Port 445, User vagrant

2 Results per Host

2.1 [Link]

Host scan start Tue Nov 25 [Link] 2025 UTC

Host scan end Tue Nov 25 [Link] 2025 UTC

Service (Port) Threat Level

8181/tcp High
22/tcp High
8282/tcp High
3306/tcp High
3000/tcp High
445/tcp High
8020/tcp High
general/tcp High
. . . (continues) . . .
2 RESULTS PER HOST 4

. . . (continued) . . .
Service (Port) Threat Level
4848/tcp High
9200/tcp High
8383/tcp High
1617/tcp High
8443/tcp Medium
3389/tcp Medium
8181/tcp Medium
22/tcp Medium
8282/tcp Medium
3306/tcp Medium
3000/tcp Medium
8020/tcp Medium
general/tcp Medium
135/tcp Medium
4848/tcp Medium
9200/tcp Medium
8022/tcp Medium
8383/tcp Medium
general/icmp Low
22/tcp Low
3306/tcp Low
general/tcp Low
9200/tcp Low

2.1.1 High 8181/tcp

High (CVSS: 7.5)

NVT: SSL/TLS: Report Vulnerable Cipher Suites for HTTPS

Product detection result

cpe:/a:ietf:transport_layer_security
Detected by SSL/TLS: Report Supported Cipher Suites (OID: [Link].4.1.25623.1.0.
,→802067)

Summary
This routine reports all SSL/TLS cipher suites accepted by a service where attack vectors exists
only on HTTPS services.

Quality of Detection (QoD): 98%

Vulnerability Detection Result
'Vulnerable' cipher suites accepted by this service via the TLSv1.0 protocol:
. . . continues on next page . . .
2 RESULTS PER HOST 5

. . . continued from previous page . . .

TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (SWEET32)
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (SWEET32)
TLS_RSA_WITH_3DES_EDE_CBC_SHA (SWEET32)
'Vulnerable' cipher suites accepted by this service via the TLSv1.1 protocol:
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (SWEET32)
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (SWEET32)
TLS_RSA_WITH_3DES_EDE_CBC_SHA (SWEET32)
'Vulnerable' cipher suites accepted by this service via the TLSv1.2 protocol:
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (SWEET32)
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (SWEET32)
TLS_RSA_WITH_3DES_EDE_CBC_SHA (SWEET32)

Impact
This could allow remote attackers to obtain sensitive information or have other, unspecied
impacts.

Solution:
Solution type: Mitigation
The conguration of this services should be changed so that it does not accept the listed cipher
suites anymore.
Please see the references for more resources supporting you with this task.

Aected Software/OS
All services accepting vulnerable SSL/TLS cipher suites via HTTPS.

Vulnerability Insight
These rules are applied for the evaluation of the vulnerable cipher suites:
- 64-bit block cipher 3DES vulnerable to the SWEET32 attack (CVE-2016-2183).

Vulnerability Detection Method

Checks previous collected cipher suites.
Details: SSL/TLS: Report Vulnerable Cipher Suites for HTTPS
OID:[Link].4.1.25623.1.0.108031
Version used: 2025-03-27T[Link]Z

Product Detection Result

Product: cpe:/a:ietf:transport_layer_security
Method: SSL/TLS: Report Supported Cipher Suites
OID: [Link].4.1.25623.1.0.802067)

References
cve: CVE-2016-2183
cve: CVE-2016-6329
cve: CVE-2020-12872
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 6

. . . continued from previous page . . .

url: [Link]
,→ines/TG02102/[Link]
url: [Link]
,→TLS-Protokoll/TLS-Protokoll_node.html
url: [Link]
,→eRichtlinien/TR03116/[Link]
url: [Link]
,→tstandard_BSI_TLS_Version_2_4.html
url: [Link]
url: [Link]
,→-report-2014
url: [Link]
cert-bund: WID-SEC-2024-1277
cert-bund: WID-SEC-2024-0209
cert-bund: WID-SEC-2024-0064
cert-bund: WID-SEC-2022-2226
cert-bund: WID-SEC-2022-1955
cert-bund: CB-K21/1094
cert-bund: CB-K20/1023
cert-bund: CB-K20/0321
cert-bund: CB-K20/0314
cert-bund: CB-K20/0157
cert-bund: CB-K19/0618
cert-bund: CB-K19/0615
cert-bund: CB-K18/0296
cert-bund: CB-K17/1980
cert-bund: CB-K17/1871
cert-bund: CB-K17/1803
cert-bund: CB-K17/1753
cert-bund: CB-K17/1750
cert-bund: CB-K17/1709
cert-bund: CB-K17/1558
cert-bund: CB-K17/1273
cert-bund: CB-K17/1202
cert-bund: CB-K17/1196
cert-bund: CB-K17/1055
cert-bund: CB-K17/1026
cert-bund: CB-K17/0939
cert-bund: CB-K17/0917
cert-bund: CB-K17/0915
cert-bund: CB-K17/0877
cert-bund: CB-K17/0796
cert-bund: CB-K17/0724
cert-bund: CB-K17/0661
cert-bund: CB-K17/0657
cert-bund: CB-K17/0582
cert-bund: CB-K17/0581
. . . continues on next page . . .
2 RESULTS PER HOST 7

. . . continued from previous page . . .

cert-bund: CB-K17/0506
cert-bund: CB-K17/0504
cert-bund: CB-K17/0467
cert-bund: CB-K17/0345
cert-bund: CB-K17/0098
cert-bund: CB-K17/0089
cert-bund: CB-K17/0086
cert-bund: CB-K17/0082
cert-bund: CB-K16/1837
cert-bund: CB-K16/1830
cert-bund: CB-K16/1635
cert-bund: CB-K16/1630
cert-bund: CB-K16/1624
cert-bund: CB-K16/1622
cert-bund: CB-K16/1500
cert-bund: CB-K16/1465
cert-bund: CB-K16/1307
cert-bund: CB-K16/1296
dfn-cert: DFN-CERT-2025-0041
dfn-cert: DFN-CERT-2021-1618
dfn-cert: DFN-CERT-2021-0775
dfn-cert: DFN-CERT-2021-0770
dfn-cert: DFN-CERT-2021-0274
dfn-cert: DFN-CERT-2020-2141
dfn-cert: DFN-CERT-2020-0368
dfn-cert: DFN-CERT-2019-1455
dfn-cert: DFN-CERT-2019-0068
dfn-cert: DFN-CERT-2018-1296
dfn-cert: DFN-CERT-2018-0323
dfn-cert: DFN-CERT-2017-2070
dfn-cert: DFN-CERT-2017-1954
dfn-cert: DFN-CERT-2017-1885
dfn-cert: DFN-CERT-2017-1831
dfn-cert: DFN-CERT-2017-1821
dfn-cert: DFN-CERT-2017-1785
dfn-cert: DFN-CERT-2017-1626
dfn-cert: DFN-CERT-2017-1326
dfn-cert: DFN-CERT-2017-1239
dfn-cert: DFN-CERT-2017-1238
dfn-cert: DFN-CERT-2017-1090
dfn-cert: DFN-CERT-2017-1060
dfn-cert: DFN-CERT-2017-0968
dfn-cert: DFN-CERT-2017-0947
dfn-cert: DFN-CERT-2017-0946
dfn-cert: DFN-CERT-2017-0904
dfn-cert: DFN-CERT-2017-0816
dfn-cert: DFN-CERT-2017-0746
. . . continues on next page . . .
2 RESULTS PER HOST 8

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2017-0677
dfn-cert: DFN-CERT-2017-0675
dfn-cert: DFN-CERT-2017-0611
dfn-cert: DFN-CERT-2017-0609
dfn-cert: DFN-CERT-2017-0522
dfn-cert: DFN-CERT-2017-0519
dfn-cert: DFN-CERT-2017-0482
dfn-cert: DFN-CERT-2017-0351
dfn-cert: DFN-CERT-2017-0090
dfn-cert: DFN-CERT-2017-0089
dfn-cert: DFN-CERT-2017-0088
dfn-cert: DFN-CERT-2017-0086
dfn-cert: DFN-CERT-2016-1943
dfn-cert: DFN-CERT-2016-1937
dfn-cert: DFN-CERT-2016-1732
dfn-cert: DFN-CERT-2016-1726
dfn-cert: DFN-CERT-2016-1715
dfn-cert: DFN-CERT-2016-1714
dfn-cert: DFN-CERT-2016-1588
dfn-cert: DFN-CERT-2016-1555
dfn-cert: DFN-CERT-2016-1391
dfn-cert: DFN-CERT-2016-1378

[ return to [Link] ]

2.1.2 High 22/tcp

High (CVSS: 7.8)

NVT: OpenSSH < 7.4 Multiple Vulnerabilities (Jan 2017) - Windows

Product detection result

cpe:/a:openbsd:openssh:7.1
Detected by OpenSSH Detection Consolidation (OID: [Link].4.1.25623.1.0.108577)

Summary
OpenSSH is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 7.1
Fixed version: 7.4
Installation
. . . continues on next page . . .
2 RESULTS PER HOST 9

. . . continued from previous page . . .

path / port: 22/tcp

Impact
Successfully exploiting this issue allows local users to obtain sensitive private-key information,
to gain privileges, conduct a senial-of-service condition and allows remote attackers to execute
arbitrary local PKCS#11 modules.

Solution:
Solution type: VendorFix
Update to version 7.4 or later.

Aected Software/OS
OpenSSH versions before 7.4 on Windows.

Vulnerability Insight
Multiple aws exist due to:
- An 'authle.c' script does not properly consider the eects of realloc on buer contents.
- The shared memory manager (associated with pre-authentication compression) does not ensure
that a bounds check is enforced by all compilers.
- The sshd in OpenSSH creates forwarded Unix-domain sockets as root, when privilege separation
is not used.
- An untrusted search path vulnerability in ssh-agent.c in ssh-agent.
- NULL pointer dereference error due to an out-of-sequence NEWKEYS message.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: OpenSSH < 7.4 Multiple Vulnerabilities (Jan 2017) - Windows
OID:[Link].4.1.25623.1.0.810325
Version used: 2024-12-13T[Link]Z

Product Detection Result

Product: cpe:/a:openbsd:openssh:7.1
Method: OpenSSH Detection Consolidation
OID: [Link].4.1.25623.1.0.108577)

References
cve: CVE-2016-10009
cve: CVE-2016-10010
cve: CVE-2016-10011
cve: CVE-2016-10012
cve: CVE-2016-10708
url: [Link]
url: [Link]
url: [Link]
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 10

. . . continued from previous page . . .

url: [Link]
url: [Link]
url: [Link]
url: [Link]
,→3e6b931de1d16737
cert-bund: WID-SEC-2023-1996
cert-bund: CB-K18/0919
cert-bund: CB-K18/0591
cert-bund: CB-K18/0137
cert-bund: CB-K18/0041
cert-bund: CB-K17/2219
cert-bund: CB-K17/2112
cert-bund: CB-K17/1292
cert-bund: CB-K17/1061
cert-bund: CB-K17/0527
cert-bund: CB-K17/0377
cert-bund: CB-K17/0127
cert-bund: CB-K17/0041
cert-bund: CB-K16/1991
dfn-cert: DFN-CERT-2021-0776
dfn-cert: DFN-CERT-2019-1408
dfn-cert: DFN-CERT-2018-2259
dfn-cert: DFN-CERT-2018-2191
dfn-cert: DFN-CERT-2018-2068
dfn-cert: DFN-CERT-2018-1828
dfn-cert: DFN-CERT-2018-1568
dfn-cert: DFN-CERT-2018-1432
dfn-cert: DFN-CERT-2018-1112
dfn-cert: DFN-CERT-2018-1070
dfn-cert: DFN-CERT-2018-1068
dfn-cert: DFN-CERT-2018-0150
dfn-cert: DFN-CERT-2018-0046
dfn-cert: DFN-CERT-2017-2320
dfn-cert: DFN-CERT-2017-2208
dfn-cert: DFN-CERT-2017-1340
dfn-cert: DFN-CERT-2017-1096
dfn-cert: DFN-CERT-2017-0532
dfn-cert: DFN-CERT-2017-0386
dfn-cert: DFN-CERT-2017-0130
dfn-cert: DFN-CERT-2017-0042
dfn-cert: DFN-CERT-2016-2099

High (CVSS: 7.5)

NVT: OpenSSH < 7.3 DoS and User Enumeration Vulnerabilities - Windows

. . . continues on next page . . .

2 RESULTS PER HOST 11

. . . continued from previous page . . .

Product detection result
cpe:/a:openbsd:openssh:7.1
Detected by OpenSSH Detection Consolidation (OID: [Link].4.1.25623.1.0.108577)

Summary
OpenSSH is prone to denial of service (DoS) and user enumeration vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 7.1
Fixed version: 7.3
Installation
path / port: 22/tcp

Impact
Successfully exploiting this issue allows remote attackers to cause a denial of service (crypt CPU
consumption) and to enumerate users by leveraging the timing dierence between responses when
a large password is provided.

Solution:
Solution type: VendorFix
Update to version 7.3 or later.

Aected Software/OS
OpenSSH versions before 7.3 on Windows.

Vulnerability Insight
Multiple aws exist due to:
- The auth_password function in 'auth-passwd.c' script does not limit password lengths for
password authentication.
- The sshd in OpenSSH, when SHA256 or SHA512 are used for user password hashing uses
BLOWFISH hashing on a static password when the username does not exist and it takes much
longer to calculate SHA256/SHA512 hash than BLOWFISH hash.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: OpenSSH < 7.3 DoS and User Enumeration Vulnerabilities - Windows
OID:[Link].4.1.25623.1.0.809121
Version used: 2024-12-13T[Link]Z

Product Detection Result

Product: cpe:/a:openbsd:openssh:7.1
Method: OpenSSH Detection Consolidation
. . . continues on next page . . .
2 RESULTS PER HOST 12

. . . continued from previous page . . .

OID: [Link].4.1.25623.1.0.108577)

References
cve: CVE-2016-6515
cve: CVE-2016-6210
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: WID-SEC-2023-0450
cert-bund: WID-SEC-2023-0449
cert-bund: CB-K18/0041
cert-bund: CB-K17/2219
cert-bund: CB-K17/2112
cert-bund: CB-K17/1753
cert-bund: CB-K17/1349
cert-bund: CB-K17/1292
cert-bund: CB-K17/0055
cert-bund: CB-K16/1837
cert-bund: CB-K16/1629
cert-bund: CB-K16/1487
cert-bund: CB-K16/1485
cert-bund: CB-K16/1252
cert-bund: CB-K16/1221
cert-bund: CB-K16/1082
dfn-cert: DFN-CERT-2023-1920
dfn-cert: DFN-CERT-2019-1408
dfn-cert: DFN-CERT-2018-1828
dfn-cert: DFN-CERT-2018-1070
dfn-cert: DFN-CERT-2018-0046
dfn-cert: DFN-CERT-2017-2320
dfn-cert: DFN-CERT-2017-2208
dfn-cert: DFN-CERT-2017-1831
dfn-cert: DFN-CERT-2017-1407
dfn-cert: DFN-CERT-2017-1340
dfn-cert: DFN-CERT-2017-0060
dfn-cert: DFN-CERT-2016-1943
dfn-cert: DFN-CERT-2016-1729
dfn-cert: DFN-CERT-2016-1576
dfn-cert: DFN-CERT-2016-1574
dfn-cert: DFN-CERT-2016-1331
dfn-cert: DFN-CERT-2016-1243
dfn-cert: DFN-CERT-2016-1149

[ return to [Link] ]
2 RESULTS PER HOST 13

2.1.3 High 8282/tcp

High (CVSS: 7.8)

NVT: Apache Tomcat Multiple Vulnerabilities (Jun 2025) - Windows

Product detection result

cpe:/a:apache:tomcat:8.0.33
Detected by Apache Tomcat Detection Consolidation (OID: [Link].4.1.25623.1.0.10
,→7652)

Summary
Apache Tomcat is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 8.0.33
Fixed version: 9.0.106
Installation
path / port: 8282/tcp

Solution:
Solution type: VendorFix
Update to version 9.0.106, 10.1.42, 11.0.8 or later.

Aected Software/OS
Apache Tomcat version 9.0.105 and prior, 10.x through 10.1.41 and 11.0.0-M1 through 11.0.7.
Note: While not explicitly mentioned by the vendor (due to the EOL status of these branches)
it is assumed that the whole 10.x branch and all versions prior to 9.x are aected by these aws.
If you disagree with this assessment and want to accept the risk please create an override for this
result.

Vulnerability Insight
The following aws exist:
- CVE-2025-48976: Denial of service (DoS) in Apache Commons FileUpload
- CVE-2025-48988: DoS in multipart upload
- CVE-2025-49125: Security constraint bypass for pre/post-resources

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Apache Tomcat Multiple Vulnerabilities (Jun 2025) - Windows
OID:[Link].4.1.25623.1.0.154755
Version used: 2025-06-24T[Link]Z

. . . continues on next page . . .

2 RESULTS PER HOST 14

. . . continued from previous page . . .

Product Detection Result
Product: cpe:/a:apache:tomcat:8.0.33
Method: Apache Tomcat Detection Consolidation
OID: [Link].4.1.25623.1.0.107652)

References
cve: CVE-2025-48976
cve: CVE-2025-48988
cve: CVE-2025-49125
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: WID-SEC-2025-2373
cert-bund: WID-SEC-2025-2372
cert-bund: WID-SEC-2025-2371
cert-bund: WID-SEC-2025-2369
cert-bund: WID-SEC-2025-2366
cert-bund: WID-SEC-2025-2362
cert-bund: WID-SEC-2025-2361
cert-bund: WID-SEC-2025-2360
cert-bund: WID-SEC-2025-2359
cert-bund: WID-SEC-2025-2357
cert-bund: WID-SEC-2025-2356
cert-bund: WID-SEC-2025-2355
cert-bund: WID-SEC-2025-2353
cert-bund: WID-SEC-2025-2351
cert-bund: WID-SEC-2025-1562
cert-bund: WID-SEC-2025-1560
cert-bund: WID-SEC-2025-1559
cert-bund: WID-SEC-2025-1335
cert-bund: WID-SEC-2025-1334
dfn-cert: DFN-CERT-2025-3168
dfn-cert: DFN-CERT-2025-2941
dfn-cert: DFN-CERT-2025-2939
dfn-cert: DFN-CERT-2025-2390
dfn-cert: DFN-CERT-2025-2335
dfn-cert: DFN-CERT-2025-2299
dfn-cert: DFN-CERT-2025-2291
dfn-cert: DFN-CERT-2025-2098
dfn-cert: DFN-CERT-2025-2088
dfn-cert: DFN-CERT-2025-2056
. . . continues on next page . . .
2 RESULTS PER HOST 15

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2025-1992
dfn-cert: DFN-CERT-2025-1991
dfn-cert: DFN-CERT-2025-1780
dfn-cert: DFN-CERT-2025-1739
dfn-cert: DFN-CERT-2025-1588

High (CVSS: 7.8)

NVT: Apache Tomcat Session Fixation Vulnerability (Aug 2025) - Windows

Product detection result

cpe:/a:apache:tomcat:8.0.33
Detected by Apache Tomcat Detection Consolidation (OID: [Link].4.1.25623.1.0.10
,→7652)

Summary
Apache Tomcat is prone to a session xation vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 8.0.33
Fixed version: 9.0.106
Installation
path / port: 8282/tcp

Solution:
Solution type: VendorFix
Update to version 9.0.106, 10.1.42, 11.0.8 or later.

Aected Software/OS
Apache Tomcat versions prior to 9.0.106, 10.1.0-M1 through 10.1.41 and 11.0.0-M1 through
11.0.7.

Vulnerability Insight
If the rewrite valve was enabled for a web application, an attacker was able to craft a URL that,
if a victim clicked on it, would cause the victim's interaction with that resource to occur in the
context of the attacker's session.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Apache Tomcat Session Fixation Vulnerability (Aug 2025) - Windows
OID:[Link].4.1.25623.1.0.127943
. . . continues on next page . . .
2 RESULTS PER HOST 16

. . . continued from previous page . . .

Version used: 2025-08-21T[Link]Z

Product Detection Result

Product: cpe:/a:apache:tomcat:8.0.33
Method: Apache Tomcat Detection Consolidation
OID: [Link].4.1.25623.1.0.107652)

References
cve: CVE-2025-55668
url: [Link]
cert-bund: WID-SEC-2025-1905
cert-bund: WID-SEC-2025-1826
dfn-cert: DFN-CERT-2025-1588

High (CVSS: 7.8)

NVT: Apache Tomcat DoS Vulnerability (Jul 2024) - Windows

Product detection result

cpe:/a:apache:tomcat:8.0.33
Detected by Apache Tomcat Detection Consolidation (OID: [Link].4.1.25623.1.0.10
,→7652)

Summary
Apache Tomcat is prone to a denial of service (DoS) vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 8.0.33
Fixed version: 9.0.90
Installation
path / port: 8282/tcp

Solution:
Solution type: VendorFix
Update to version 9.0.90, 10.1.25, 11.0.0-M21 or later.

Aected Software/OS
Apache Tomcat versions prior to 9.0.90, 10.x through 10.1.24 and 11.0.0-M1 through 11.0.0-M20.
. . . continues on next page . . .
2 RESULTS PER HOST 17

. . . continued from previous page . . .

Note: While not explicitly mentioned by the vendor (due to the EOL status of these branches)
it is assumed that the whole 10.x branch and all versions prior to 9.x are aected by this aw. If
you disagree with this assessment and want to accept the risk please create an override for this
result.

Vulnerability Insight
When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP
headers correctly. This led to a miscounting of active HTTP/2 streams which in turn led to the
use of an incorrect innite timeout which allowed connections to remain open which should have
been closed.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Apache Tomcat DoS Vulnerability (Jul 2024) - Windows
OID:[Link].4.1.25623.1.0.152544
Version used: 2024-12-19T[Link]Z

Product Detection Result

Product: cpe:/a:apache:tomcat:8.0.33
Method: Apache Tomcat Detection Consolidation
OID: [Link].4.1.25623.1.0.107652)

References
cve: CVE-2024-34750
url: [Link]
url: [Link]
,→1
url: [Link]
url: [Link]
cert-bund: WID-SEC-2025-0163
cert-bund: WID-SEC-2025-0161
cert-bund: WID-SEC-2025-0148
cert-bund: WID-SEC-2025-0144
cert-bund: WID-SEC-2025-0143
cert-bund: WID-SEC-2024-3197
cert-bund: WID-SEC-2024-3195
cert-bund: WID-SEC-2024-2100
cert-bund: WID-SEC-2024-1905
cert-bund: WID-SEC-2024-1522
dfn-cert: DFN-CERT-2025-2098
dfn-cert: DFN-CERT-2025-1991
dfn-cert: DFN-CERT-2025-1517
dfn-cert: DFN-CERT-2025-0170
dfn-cert: DFN-CERT-2025-0146
dfn-cert: DFN-CERT-2024-2192
dfn-cert: DFN-CERT-2024-2031
. . . continues on next page . . .
2 RESULTS PER HOST 18

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2024-1723

High (CVSS: 7.8)

NVT: Apache Tomcat DoS Vulnerability (Jul 2025) - Windows

Product detection result

cpe:/a:apache:tomcat:8.0.33
Detected by Apache Tomcat Detection Consolidation (OID: [Link].4.1.25623.1.0.10
,→7652)

Summary
Apache Tomcat is prone to a denial of service (DoS) vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 8.0.33
Fixed version: 9.0.107
Installation
path / port: 8282/tcp

Solution:
Solution type: VendorFix
Update to version 9.0.107 or later.

Aected Software/OS
Apache Tomcat version 9.0.106 and prior.
Note: While not explicitly mentioned by the vendor (due to the EOL status of these branches)
it is assumed that all versions prior to 9.x are aected by these aws. If you disagree with this
assessment and want to accept the risk please create an override for this result.

Vulnerability Insight
A race condition on connection close could trigger a JVM crash when using the APR/Native con-
nector leading to a DoS. This was particularly noticeable with client initiated closes of HTTP/2
connections.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Apache Tomcat DoS Vulnerability (Jul 2025) - Windows
OID:[Link].4.1.25623.1.0.154918
Version used: 2025-07-11T[Link]Z

Product Detection Result

. . . continues on next page . . .
2 RESULTS PER HOST 19

. . . continued from previous page . . .

Product: cpe:/a:apache:tomcat:8.0.33
Method: Apache Tomcat Detection Consolidation
OID: [Link].4.1.25623.1.0.107652)

References
cve: CVE-2025-52434
url: [Link]
url: [Link]
cert-bund: WID-SEC-2025-1905
cert-bund: WID-SEC-2025-1468
dfn-cert: DFN-CERT-2025-2957
dfn-cert: DFN-CERT-2025-2390
dfn-cert: DFN-CERT-2025-2299
dfn-cert: DFN-CERT-2025-2056
dfn-cert: DFN-CERT-2025-1991
dfn-cert: DFN-CERT-2025-1789

High (CVSS: 7.8)

NVT: Apache Tomcat HTTP/2 Protocol DoS Vulnerability (MadeYouReset) - Windows

Product detection result

cpe:/a:apache:tomcat:8.0.33
Detected by Apache Tomcat Detection Consolidation (OID: [Link].4.1.25623.1.0.10
,→7652)

Summary
Apache Tomcat is prone to is prone to a denial of service (DoS) vulnerability in the HTTP/2
protocol dubbed 'MadeYouReset'.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 8.0.33
Fixed version: 9.0.108
Installation
path / port: 8282/tcp

Solution:
Solution type: VendorFix
Update to version 9.0.108, 10.1.44, 11.0.10 or later.

Aected Software/OS
. . . continues on next page . . .
2 RESULTS PER HOST 20

. . . continued from previous page . . .

Apache Tomcat version 9.0.107 and prior, 10.x through 10.1.43 and 11.0.0-M1 through 11.0.9.
Note: While not explicitly mentioned by the vendor (due to the EOL status of these branches)
it is assumed that the whole 10.x branch and all versions prior to 9.x are aected by these aws.
If you disagree with this assessment and want to accept the risk please create an override for this
result.

Vulnerability Insight
A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specications
and the internal architectures of some HTTP/2 implementations may result in excessive server
resource consumption leading to denial-of-service (DoS). By opening streams and then rapidly
triggering the server to reset them, using malformed frames or ow control errors, an attacker
can exploit incorrect stream accounting. Streams reset by the server are considered closed at
the protocol level, even though backend processing continues. This allows a client to cause the
server to handle an unbounded number of concurrent streams on a single connection.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Apache Tomcat HTTP/2 Protocol DoS Vulnerability (MadeYouReset) - Windows
OID:[Link].4.1.25623.1.0.171673
Version used: 2025-08-26T[Link]Z

Product Detection Result

Product: cpe:/a:apache:tomcat:8.0.33
Method: Apache Tomcat Detection Consolidation
OID: [Link].4.1.25623.1.0.107652)

References
cve: CVE-2025-8671
cve: CVE-2025-48989
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: WID-SEC-2025-2373
cert-bund: WID-SEC-2025-2361
cert-bund: WID-SEC-2025-2360
cert-bund: WID-SEC-2025-2357
cert-bund: WID-SEC-2025-2356
cert-bund: WID-SEC-2025-1830
dfn-cert: DFN-CERT-2025-2957
dfn-cert: DFN-CERT-2025-2390
. . . continues on next page . . .
2 RESULTS PER HOST 21

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2025-2299
dfn-cert: DFN-CERT-2025-2224
dfn-cert: DFN-CERT-2025-2219

High (CVSS: 7.8)

NVT: Apache Tomcat Multiple DoS Vulnerabilities (Jul 2025) - Windows

Product detection result

cpe:/a:apache:tomcat:8.0.33
Detected by Apache Tomcat Detection Consolidation (OID: [Link].4.1.25623.1.0.10
,→7652)

Summary
Apache Tomcat is prone to multiple denial of service (DoS) vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 8.0.33
Fixed version: 9.0.107
Installation
path / port: 8282/tcp

Solution:
Solution type: VendorFix
Update to version 9.0.107, 10.1.43, 11.0.9 or later.

Aected Software/OS
Apache Tomcat version 9.0.106 and prior, 10.x through 10.1.42 and 11.0.0-M1 through 11.0.8.
Note: While not explicitly mentioned by the vendor (due to the EOL status of these branches)
it is assumed that the whole 10.x branch and all versions prior to 9.x are aected by these aws.
If you disagree with this assessment and want to accept the risk please create an override for this
result.

Vulnerability Insight
The following aws exist:
- CVE-2025-52520: DoS due to overow in le upload limit
- CVE-2025-53506: DoS via excessive HTTP/2 streams

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Apache Tomcat Multiple DoS Vulnerabilities (Jul 2025) - Windows
OID:[Link].4.1.25623.1.0.154896
. . . continues on next page . . .
2 RESULTS PER HOST 22

. . . continued from previous page . . .

Version used: 2025-07-11T[Link]Z

Product Detection Result

Product: cpe:/a:apache:tomcat:8.0.33
Method: Apache Tomcat Detection Consolidation
OID: [Link].4.1.25623.1.0.107652)

References
cve: CVE-2025-52520
cve: CVE-2025-53506
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: WID-SEC-2025-1905
cert-bund: WID-SEC-2025-1468
dfn-cert: DFN-CERT-2025-2390
dfn-cert: DFN-CERT-2025-2335
dfn-cert: DFN-CERT-2025-2299
dfn-cert: DFN-CERT-2025-2219
dfn-cert: DFN-CERT-2025-2168
dfn-cert: DFN-CERT-2025-2088
dfn-cert: DFN-CERT-2025-2056
dfn-cert: DFN-CERT-2025-1991
dfn-cert: DFN-CERT-2025-1789

High (CVSS: 7.5)

NVT: Apache Tomcat NIO HTTP connector Information Disclosure Vulnerability - Windows

Product detection result

cpe:/a:apache:tomcat:8.0.33
Detected by Apache Tomcat Detection Consolidation (OID: [Link].4.1.25623.1.0.10
,→7652)

Summary
Apache Tomcat is prone to an information disclosure vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 8.0.33
Fixed version: 8.0.41
. . . continues on next page . . .
2 RESULTS PER HOST 23

. . . continued from previous page . . .

Installation
path / port: 8282/tcp

Impact
Successful exploitation will allow remote attackers to gain access to potentially sensitive infor-
mation.

Solution:
Solution type: VendorFix
Upgrade to Apache Tomcat version 9.0.0.M15 or 8.5.9 or 8.0.41 or 7.0.75 or 6.0.50 or later.

Aected Software/OS
Apache Tomcat versions 9.0.0.M1 to 9.0.0.M13, Apache Tomcat versions 8.5.0 to 8.5.8, Apache
Tomcat versions 8.0.0.RC1 to 8.0.39, Apache Tomcat versions 7.0.0 to 7.0.73, and Apache Tomcat
versions 6.0.16 to 6.0.48 on Windows.

Vulnerability Insight
The aw exists due to error handling of the send le code for the NIO HTTP connector in Apache
Tomcat resulting in the current Processor object being added to the Processor cache multiple
times. This in turn means that the same Processor could be used for concurrent requests. Sharing
a Processor can result in information leakage between requests including, not not limited to,
session ID and the response body.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Apache Tomcat NIO HTTP connector Information Disclosure Vulnerability - Windows
OID:[Link].4.1.25623.1.0.811296
Version used: 2024-02-15T[Link]Z

Product Detection Result

Product: cpe:/a:apache:tomcat:8.0.33
Method: Apache Tomcat Detection Consolidation
OID: [Link].4.1.25623.1.0.107652)

References
cve: CVE-2016-8745
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: WID-SEC-2024-0528
cert-bund: WID-SEC-2022-1375
. . . continues on next page . . .
2 RESULTS PER HOST 24

. . . continued from previous page . . .

cert-bund: CB-K18/0605
cert-bund: CB-K17/1746
cert-bund: CB-K17/1060
cert-bund: CB-K17/1033
cert-bund: CB-K17/0801
cert-bund: CB-K17/0444
cert-bund: CB-K17/0397
cert-bund: CB-K17/0303
cert-bund: CB-K17/0133
cert-bund: CB-K17/0090
cert-bund: CB-K16/1929
dfn-cert: DFN-CERT-2018-0729
dfn-cert: DFN-CERT-2017-1822
dfn-cert: DFN-CERT-2017-1095
dfn-cert: DFN-CERT-2017-1068
dfn-cert: DFN-CERT-2017-0828
dfn-cert: DFN-CERT-2017-0456
dfn-cert: DFN-CERT-2017-0404
dfn-cert: DFN-CERT-2017-0308
dfn-cert: DFN-CERT-2017-0137
dfn-cert: DFN-CERT-2017-0095
dfn-cert: DFN-CERT-2016-2037

High (CVSS: 7.5)

NVT: Apache Tomcat 'pipelined' Requests Information Disclosure Vulnerability - Windows

Product detection result

cpe:/a:apache:tomcat:8.0.33
Detected by Apache Tomcat Detection Consolidation (OID: [Link].4.1.25623.1.0.10
,→7652)

Summary
Apache Tomcat is prone to an information disclosure vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 8.0.33
Fixed version: 8.0.43
Installation
path / port: 8282/tcp

Impact
. . . continues on next page . . .
2 RESULTS PER HOST 25

. . . continued from previous page . . .

Successful exploitation will allow remote attackers to obtain sensitive information from requests
other then their own.

Solution:
Solution type: VendorFix
Upgrade to version 9.0.0.M19, 8.5.13, 8.0.43, 7.0.77, 6.0.53 or later.

Aected Software/OS
Apache Tomcat versions 9.0.0.M1 to 9.0.0.M18, Apache Tomcat versions 8.5.0 to 8.5.12, Apache
Tomcat versions 8.0.0.RC1 to 8.0.42, Apache Tomcat versions 7.0.0 to 7.0.76 and Apache Tomcat
versions 6.0.0 to 6.0.52 on Windows.

Vulnerability Insight
A bug in the handling of the pipelined requests when send le was used resulted in the pipelined
request being lost when send le processing of the previous request completed.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Apache Tomcat 'pipelined' Requests Information Disclosure Vulnerability - Windo.
,→..
OID:[Link].4.1.25623.1.0.810762
Version used: 2024-02-15T[Link]Z

Product Detection Result

Product: cpe:/a:apache:tomcat:8.0.33
Method: Apache Tomcat Detection Consolidation
OID: [Link].4.1.25623.1.0.107652)

References
cve: CVE-2017-5647
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
,→dee9190ba48171451a@%[Link]%3E
cert-bund: WID-SEC-2024-0528
cert-bund: CB-K18/0047
cert-bund: CB-K17/1831
cert-bund: CB-K17/1423
cert-bund: CB-K17/1246
cert-bund: CB-K17/1205
cert-bund: CB-K17/1060
cert-bund: CB-K17/1033
cert-bund: CB-K17/0801
. . . continues on next page . . .
2 RESULTS PER HOST 26

. . . continued from previous page . . .

cert-bund: CB-K17/0604
dfn-cert: DFN-CERT-2018-0051
dfn-cert: DFN-CERT-2017-1914
dfn-cert: DFN-CERT-2017-1485
dfn-cert: DFN-CERT-2017-1288
dfn-cert: DFN-CERT-2017-1243
dfn-cert: DFN-CERT-2017-1095
dfn-cert: DFN-CERT-2017-1068
dfn-cert: DFN-CERT-2017-0828
dfn-cert: DFN-CERT-2017-0624

High (CVSS: 7.5)

NVT: Apache Tomcat Reverse Proxy Information Disclosure Vulnerability - Windows

Product detection result

cpe:/a:apache:tomcat:8.0.33
Detected by Apache Tomcat Detection Consolidation (OID: [Link].4.1.25623.1.0.10
,→7652)

Summary
Apache Tomcat is prone to an information disclosure vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 8.0.33
Fixed version: 8.0.39
Installation
path / port: 8282/tcp

Impact
Successful exploitation will allow remote attackers to obtain sensitive information from requests
other then their own.

Solution:
Solution type: VendorFix
Upgrade to version 9.0.0.M17, 8.5.11 or later.

Aected Software/OS
Apache Tomcat versions 9.0.0.M11 to 9.0.0.M15 and Apache Tomcat versions 8.5.0 to 8.5.9 on
Windows.

Vulnerability Insight
. . . continues on next page . . .
2 RESULTS PER HOST 27

. . . continued from previous page . . .

The refactoring to make wider use of ByteBuer introduced a regression that could cause infor-
mation to leak between requests on the same connection. When running behind a reverse proxy,
this could result in information leakage between users.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Apache Tomcat Reverse Proxy Information Disclosure Vulnerability - Windows
OID:[Link].4.1.25623.1.0.810719
Version used: 2024-02-15T[Link]Z

Product Detection Result

Product: cpe:/a:apache:tomcat:8.0.33
Method: Apache Tomcat Detection Consolidation
OID: [Link].4.1.25623.1.0.107652)

References
cve: CVE-2016-8747
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K17/0426
dfn-cert: DFN-CERT-2017-0433

High (CVSS: 7.5)

NVT: Apache Tomcat Security Bypass Vulnerability - Windows

Product detection result

cpe:/a:apache:tomcat:8.0.33
Detected by Apache Tomcat Detection Consolidation (OID: [Link].4.1.25623.1.0.10
,→7652)

Summary
Apache Tomcat is prone to a security bypass vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 8.0.33
Fixed version: 8.0.44
Installation
. . . continues on next page . . .
2 RESULTS PER HOST 28

. . . continued from previous page . . .

path / port: 8282/tcp

Impact
Successful exploitation will allow an attacker to exploit this issue to bypass certain security
restrictions and perform unauthorized actions. This may lead to further attacks.

Solution:
Solution type: VendorFix
Upgrade to version 9.0.0.M21, or 8.5.15, or 8.0.44, or 7.0.78 or later.

Aected Software/OS
Apache Tomcat 9.0.0.M1 to 9.0.0.M20, Apache Tomcat 8.5.0 to 8.5.14, Apache Tomcat 8.0.0.RC1
to 8.0.43 and Apache Tomcat 7.0.0 to 7.0.77 on Windows

Vulnerability Insight
The error page mechanism of the Java Servlet Specication requires that, when an error occurs
and an error page is congured for the error that occurred, the original request and response are
forwarded to the error page. This means that the request is presented to the error page with the
original HTTP method. If the error page is a static le, expected behaviour is to serve content of
the le as if processing a GET request, regardless of the actual HTTP method. Tomcat's Default
Servlet did not do this. Depending on the original request this could lead to unexpected and
undesirable results for static error pages including, if the DefaultServlet is congured to permit
writes, the replacement or removal of the custom error page

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Apache Tomcat Security Bypass Vulnerability - Windows
OID:[Link].4.1.25623.1.0.811140
Version used: 2024-02-15T[Link]Z

Product Detection Result

Product: cpe:/a:apache:tomcat:8.0.33
Method: Apache Tomcat Detection Consolidation
OID: [Link].4.1.25623.1.0.107652)

References
cve: CVE-2017-5664
url: [Link]
,→8b7896538478d76066@%[Link]%3E
url: [Link]
cert-bund: WID-SEC-2025-1212
cert-bund: WID-SEC-2024-0528
cert-bund: CB-K18/0605
cert-bund: CB-K18/0603
cert-bund: CB-K18/0478
. . . continues on next page . . .
2 RESULTS PER HOST 29

. . . continued from previous page . . .

cert-bund: CB-K18/0066
cert-bund: CB-K18/0047
cert-bund: CB-K17/2024
cert-bund: CB-K17/2017
cert-bund: CB-K17/1831
cert-bund: CB-K17/1748
cert-bund: CB-K17/1492
cert-bund: CB-K17/1423
cert-bund: CB-K17/1257
cert-bund: CB-K17/1246
cert-bund: CB-K17/0977
dfn-cert: DFN-CERT-2018-1274
dfn-cert: DFN-CERT-2018-0729
dfn-cert: DFN-CERT-2018-0513
dfn-cert: DFN-CERT-2018-0077
dfn-cert: DFN-CERT-2018-0051
dfn-cert: DFN-CERT-2017-2116
dfn-cert: DFN-CERT-2017-2106
dfn-cert: DFN-CERT-2017-1914
dfn-cert: DFN-CERT-2017-1827
dfn-cert: DFN-CERT-2017-1558
dfn-cert: DFN-CERT-2017-1485
dfn-cert: DFN-CERT-2017-1300
dfn-cert: DFN-CERT-2017-1288
dfn-cert: DFN-CERT-2017-1011

High (CVSS: 7.5)

NVT: Apache Tomcat DoS Vulnerability (Feb 2023) - Windows

Product detection result

cpe:/a:apache:tomcat:8.0.33
Detected by Apache Tomcat Detection Consolidation (OID: [Link].4.1.25623.1.0.10
,→7652)

Summary
Apache Tomcat is prone to a denial of service (DoS) vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 8.0.33
Fixed version: 8.5.85
Installation
. . . continues on next page . . .
2 RESULTS PER HOST 30

. . . continued from previous page . . .

path / port: 8282/tcp

Solution:
Solution type: VendorFix
Update to version 8.5.85, 9.0.71, 10.1.5, 11.0.0-M3 or later.

Aected Software/OS
Apache Tomcat versions through 8.5.84, 9.0.0-M1 through 9.0.70, 10.x through 10.1.4 and 11.0.0-
M1 only.

Vulnerability Insight
Apache Tomcat uses a packaged renamed copy of Apache Commons FileUpload to provide the le
upload functionality dened in the Jakarta Servlet specication. Apache Tomcat was, therefore,
also vulnerable to the Apache Commons FileUpload vulnerability CVE-2023-24998 as there was
no limit to the number of request parts processed. This resulted in the possibility of an attacker
triggering a DoS with a malicious upload or series of uploads.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Apache Tomcat DoS Vulnerability (Feb 2023) - Windows
OID:[Link].4.1.25623.1.0.104551
Version used: 2025-01-21T[Link]Z

Product Detection Result

Product: cpe:/a:apache:tomcat:8.0.33
Method: Apache Tomcat Detection Consolidation
OID: [Link].4.1.25623.1.0.107652)

References
cve: CVE-2023-24998
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: WID-SEC-2025-0810
cert-bund: WID-SEC-2024-1652
cert-bund: WID-SEC-2024-1642
cert-bund: WID-SEC-2024-1637
cert-bund: WID-SEC-2024-1622
cert-bund: WID-SEC-2024-1238
cert-bund: WID-SEC-2024-0890
cert-bund: WID-SEC-2024-0888
cert-bund: WID-SEC-2024-0794
. . . continues on next page . . .
2 RESULTS PER HOST 31

. . . continued from previous page . . .

cert-bund: WID-SEC-2024-0124
cert-bund: WID-SEC-2024-0117
cert-bund: WID-SEC-2024-0054
cert-bund: WID-SEC-2023-2688
cert-bund: WID-SEC-2023-2675
cert-bund: WID-SEC-2023-2674
cert-bund: WID-SEC-2023-2625
cert-bund: WID-SEC-2023-2309
cert-bund: WID-SEC-2023-2031
cert-bund: WID-SEC-2023-1817
cert-bund: WID-SEC-2023-1815
cert-bund: WID-SEC-2023-1813
cert-bund: WID-SEC-2023-1812
cert-bund: WID-SEC-2023-1811
cert-bund: WID-SEC-2023-1809
cert-bund: WID-SEC-2023-1808
cert-bund: WID-SEC-2023-1807
cert-bund: WID-SEC-2023-1794
cert-bund: WID-SEC-2023-1792
cert-bund: WID-SEC-2023-1791
cert-bund: WID-SEC-2023-1784
cert-bund: WID-SEC-2023-1783
cert-bund: WID-SEC-2023-1782
cert-bund: WID-SEC-2023-1424
cert-bund: WID-SEC-2023-1142
cert-bund: WID-SEC-2023-1021
cert-bund: WID-SEC-2023-1017
cert-bund: WID-SEC-2023-1016
cert-bund: WID-SEC-2023-1012
cert-bund: WID-SEC-2023-1007
cert-bund: WID-SEC-2023-1005
cert-bund: WID-SEC-2023-0609
cert-bund: WID-SEC-2023-0433
dfn-cert: DFN-CERT-2025-1992
dfn-cert: DFN-CERT-2024-2151
dfn-cert: DFN-CERT-2024-1865
dfn-cert: DFN-CERT-2024-1006
dfn-cert: DFN-CERT-2024-0059
dfn-cert: DFN-CERT-2024-0048
dfn-cert: DFN-CERT-2023-2778
dfn-cert: DFN-CERT-2023-2545
dfn-cert: DFN-CERT-2023-2469
dfn-cert: DFN-CERT-2023-2054
dfn-cert: DFN-CERT-2023-1648
dfn-cert: DFN-CERT-2023-1643
dfn-cert: DFN-CERT-2023-1642
dfn-cert: DFN-CERT-2023-1423
. . . continues on next page . . .
2 RESULTS PER HOST 32

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2023-1362
dfn-cert: DFN-CERT-2023-1109
dfn-cert: DFN-CERT-2023-0902
dfn-cert: DFN-CERT-2023-0886
dfn-cert: DFN-CERT-2023-0884
dfn-cert: DFN-CERT-2023-0881
dfn-cert: DFN-CERT-2023-0763
dfn-cert: DFN-CERT-2023-0574
dfn-cert: DFN-CERT-2023-0540
dfn-cert: DFN-CERT-2023-0414

High (CVSS: 7.5)

NVT: Apache Tomcat 'Hostname Verication' Security Bypass Vulnerability - Windows

Product detection result

cpe:/a:apache:tomcat:8.0.33
Detected by Apache Tomcat Detection Consolidation (OID: [Link].4.1.25623.1.0.10
,→7652)

Summary
Apache Tomcat is prone to a security bypass vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 8.0.33
Fixed version: 8.0.53
Installation
path / port: 8282/tcp

Impact
Successful exploitation will allow an attacker to bypass certain security restrictions and perform
unauthorized actions.

Solution:
Solution type: VendorFix
Upgrade to Apache Tomcat version 9.0.10 or 8.5.32 or 8.0.53 or 7.0.90 or later. Please see the
references for more information.

Aected Software/OS
Apache Tomcat versions 9.0.0.M1 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52 and 7.0.35 to
7.0.88 on Windows.

. . . continues on next page . . .

2 RESULTS PER HOST 33

. . . continued from previous page . . .

Vulnerability Insight
The aw exists due to a missing host name verication when using TLS with the WebSocket
client.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Apache Tomcat 'Hostname Verification' Security Bypass Vulnerability - Windows
OID:[Link].4.1.25623.1.0.813742
Version used: 2025-09-17T[Link]Z

Product Detection Result

Product: cpe:/a:apache:tomcat:8.0.33
Method: Apache Tomcat Detection Consolidation
OID: [Link].4.1.25623.1.0.107652)

References
cve: CVE-2018-8034
url: [Link]
,→80722091057.GA70283@[Link]%3E
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: WID-SEC-2024-1682
cert-bund: WID-SEC-2024-0528
cert-bund: CB-K19/0907
cert-bund: CB-K19/0616
cert-bund: CB-K19/0320
cert-bund: CB-K18/1005
cert-bund: CB-K18/0809
dfn-cert: DFN-CERT-2019-2418
dfn-cert: DFN-CERT-2019-1627
dfn-cert: DFN-CERT-2019-1237
dfn-cert: DFN-CERT-2019-0951
dfn-cert: DFN-CERT-2019-0451
dfn-cert: DFN-CERT-2019-0147
dfn-cert: DFN-CERT-2018-2165
dfn-cert: DFN-CERT-2018-2142
dfn-cert: DFN-CERT-2018-1753
dfn-cert: DFN-CERT-2018-1471
dfn-cert: DFN-CERT-2018-1443
dfn-cert: DFN-CERT-2018-1262
2 RESULTS PER HOST 34

High (CVSS: 7.5)

NVT: Apache Tomcat 'MultipartStream' Class DoS Vulnerability - Windows

Product detection result

cpe:/a:apache:tomcat:8.0.33
Detected by Apache Tomcat Detection Consolidation (OID: [Link].4.1.25623.1.0.10
,→7652)

Summary
Apache Tomcat is prone to a denial of service (DoS) vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 8.0.33
Fixed version: 8.0.36
Installation
path / port: 8282/tcp

Impact
Successful exploitation will allow remote attackers to cause a denial of service (CPU consump-
tion).

Solution:
Solution type: VendorFix
Upgrade to version 7.0.70, or 8.0.36, or 8.5.3, or 9.0.0.M7, or later.

Aected Software/OS
Apache Tomcat 7.x before 7.0.70, 8.0.0.RC1 before 8.0.36, 8.5.x before 8.5.3, and 9.0.0.M1 before
9.0.0.M7.

Vulnerability Insight
The aw is due to an error in the 'MultipartStream' class in Apache Commons Fileupload when
processing multi-part requests.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Apache Tomcat 'MultipartStream' Class DoS Vulnerability - Windows
OID:[Link].4.1.25623.1.0.808197
Version used: 2022-04-13T[Link]Z

Product Detection Result

Product: cpe:/a:apache:tomcat:8.0.33
Method: Apache Tomcat Detection Consolidation
. . . continues on next page . . .
2 RESULTS PER HOST 35

. . . continued from previous page . . .

OID: [Link].4.1.25623.1.0.107652)

References
cve: CVE-2016-3092
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: WID-SEC-2023-0644
cert-bund: WID-SEC-2022-1537
cert-bund: WID-SEC-2022-1375
cert-bund: CB-K18/0605
cert-bund: CB-K17/1750
cert-bund: CB-K17/1198
cert-bund: CB-K17/1060
cert-bund: CB-K17/0657
cert-bund: CB-K17/0397
cert-bund: CB-K16/1993
cert-bund: CB-K16/1799
cert-bund: CB-K16/1758
cert-bund: CB-K16/1322
cert-bund: CB-K16/1002
cert-bund: CB-K16/0993
dfn-cert: DFN-CERT-2023-0574
dfn-cert: DFN-CERT-2018-2554
dfn-cert: DFN-CERT-2018-0729
dfn-cert: DFN-CERT-2017-1821
dfn-cert: DFN-CERT-2017-1236
dfn-cert: DFN-CERT-2017-1095
dfn-cert: DFN-CERT-2017-0675
dfn-cert: DFN-CERT-2017-0404
dfn-cert: DFN-CERT-2016-2104
dfn-cert: DFN-CERT-2016-1905
dfn-cert: DFN-CERT-2016-1823
dfn-cert: DFN-CERT-2016-1407
dfn-cert: DFN-CERT-2016-1068
dfn-cert: DFN-CERT-2016-1059

High (CVSS: 7.5)

NVT: Apache Tomcat 'UTF-8 Decoder' Denial of Service Vulnerability - Windows

Product detection result

cpe:/a:apache:tomcat:8.0.33
Detected by Apache Tomcat Detection Consolidation (OID: [Link].4.1.25623.1.0.10
. . . continues on next page . . .
2 RESULTS PER HOST 36

. . . continued from previous page . . .

,→7652)

Summary
Apache Tomcat is prone to a denial of service (DoS) vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 8.0.33
Fixed version: 8.0.52
Installation
path / port: 8282/tcp

Impact
Successful exploitation will allow an attacker to conduct a denial-of-service condition.

Solution:
Solution type: VendorFix
Upgrade to Apache Tomcat version 9.0.8 or 8.5.31 or 8.0.52 or 7.0.90 or later. Please see the
references for more information.

Aected Software/OS
Apache Tomcat 9.0.0.M9 to 9.0.7 Apache Tomcat 8.5.0 to 8.5.30 Apache Tomcat 8.0.0.RC1 to
8.0.51 Apache Tomcat 7.0.28 to 7.0.86 on Windows.

Vulnerability Insight
The aw exists due to improper handing of overow in the UTF-8 decoder with supplementary
characters.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Apache Tomcat 'UTF-8 Decoder' Denial of Service Vulnerability - Windows
OID:[Link].4.1.25623.1.0.813724
Version used: 2025-09-17T[Link]Z

Product Detection Result

Product: cpe:/a:apache:tomcat:8.0.33
Method: Apache Tomcat Detection Consolidation
OID: [Link].4.1.25623.1.0.107652)

References
cve: CVE-2018-1336
url: [Link]
,→80722090435.GA60759%[Link]%3E
. . . continues on next page . . .
2 RESULTS PER HOST 37

. . . continued from previous page . . .

url: [Link]
url: [Link]
url: [Link]
cert-bund: WID-SEC-2024-0528
cert-bund: CB-K18/0809
dfn-cert: DFN-CERT-2020-0048
dfn-cert: DFN-CERT-2018-2474
dfn-cert: DFN-CERT-2018-2165
dfn-cert: DFN-CERT-2018-2142
dfn-cert: DFN-CERT-2018-2133
dfn-cert: DFN-CERT-2018-2125
dfn-cert: DFN-CERT-2018-2097
dfn-cert: DFN-CERT-2018-1928
dfn-cert: DFN-CERT-2018-1753
dfn-cert: DFN-CERT-2018-1541
dfn-cert: DFN-CERT-2018-1471
dfn-cert: DFN-CERT-2018-1443
dfn-cert: DFN-CERT-2018-1262

High (CVSS: 7.1)

NVT: Apache Tomcat HTTP Request Line Information Disclosure Vulnerability - Windows

Product detection result

cpe:/a:apache:tomcat:8.0.33
Detected by Apache Tomcat Detection Consolidation (OID: [Link].4.1.25623.1.0.10
,→7652)

Summary
Apache Tomcat is prone to an information disclosure vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 8.0.33
Fixed version: 8.0.39
Installation
path / port: 8282/tcp

Impact
Successful exploitation will allow remote attackers to poison a web-cache, perform an XSS attack
and/or obtain sensitive information from requests other then their own.

Solution:
Solution type: VendorFix
. . . continues on next page . . .
2 RESULTS PER HOST 38

. . . continued from previous page . . .

Upgrade to version 9.0.0.M13, 8.5.8, 8.0.39, 7.0.73, 6.0.48 or later.

Aected Software/OS
Apache Tomcat versions 9.0.0.M1 to 9.0.0.M11, Apache Tomcat versions 8.5.0 to 8.5.6, Apache
Tomcat versions 8.0.0.RC1 to 8.0.38, Apache Tomcat versions 7.0.0 to 7.0.72, and Apache Tomcat
versions 6.0.0 to 6.0.47 on Windows.

Vulnerability Insight
The code that parsed the HTTP request line permitted invalid characters. This could be ex-
ploited, in conjunction with a proxy that also permitted the invalid characters but with a dierent
interpretation, to inject data into the HTTP response.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Apache Tomcat HTTP Request Line Information Disclosure Vulnerability - Windows
OID:[Link].4.1.25623.1.0.810717
Version used: 2024-02-15T[Link]Z

Product Detection Result

Product: cpe:/a:apache:tomcat:8.0.33
Method: Apache Tomcat Detection Consolidation
OID: [Link].4.1.25623.1.0.107652)

References
cve: CVE-2016-6816
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
,→information-disclosure
cert-bund: WID-SEC-2025-0215
cert-bund: WID-SEC-2024-0528
cert-bund: CB-K17/1746
cert-bund: CB-K17/1060
cert-bund: CB-K17/1033
cert-bund: CB-K17/0444
cert-bund: CB-K17/0397
cert-bund: CB-K17/0198
cert-bund: CB-K17/0133
cert-bund: CB-K17/0090
cert-bund: CB-K16/1976
cert-bund: CB-K16/1927
. . . continues on next page . . .
2 RESULTS PER HOST 39

. . . continued from previous page . . .

cert-bund: CB-K16/1815
dfn-cert: DFN-CERT-2017-1822
dfn-cert: DFN-CERT-2017-1095
dfn-cert: DFN-CERT-2017-1068
dfn-cert: DFN-CERT-2017-0456
dfn-cert: DFN-CERT-2017-0404
dfn-cert: DFN-CERT-2017-0203
dfn-cert: DFN-CERT-2017-0137
dfn-cert: DFN-CERT-2017-0095
dfn-cert: DFN-CERT-2016-2090
dfn-cert: DFN-CERT-2016-2035
dfn-cert: DFN-CERT-2016-1922

[ return to [Link] ]

2.1.4 High 3306/tcp

High (CVSS: 8.1)

NVT: Oracle MySQL Server <= 5.5.49 / 5.6 <= 5.6.30 / 5.7 <= 5.7.12 Security Update (cpu-
jul2016) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: See the referenced vendor advisory
Installation
path / port: 3306/tcp

Impact
Successful exploitation will allow an authenticated remote attacker to aect condentiality, in-
tegrity, and availability via unknown vectors.

Solution:
Solution type: VendorFix
. . . continues on next page . . .
2 RESULTS PER HOST 40

. . . continued from previous page . . .

Updates are available. Please see the references for more information.

Aected Software/OS
Oracle MySQL Server versions 5.5.49 and prior, 5.6 through 5.6.30 and 5.7 through 5.7.12.

Vulnerability Insight
Multiple unspecied errors exist in the 'MySQL Server' component via unknown vectors.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.5.49 / 5.6 <= 5.6.30 / 5.7 <= 5.7.12 Security Update (.
,→..
OID:[Link].4.1.25623.1.0.808588
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2016-3477
cve: CVE-2016-3521
cve: CVE-2016-3615
cve: CVE-2016-5440
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
advisory-id: cpujul2016
cert-bund: CB-K16/1755
cert-bund: CB-K16/1742
cert-bund: CB-K16/1448
cert-bund: CB-K16/1146
cert-bund: CB-K16/1122
cert-bund: CB-K16/1100
dfn-cert: DFN-CERT-2016-1859
dfn-cert: DFN-CERT-2016-1849
dfn-cert: DFN-CERT-2016-1540
dfn-cert: DFN-CERT-2016-1217
dfn-cert: DFN-CERT-2016-1192
dfn-cert: DFN-CERT-2016-1169
2 RESULTS PER HOST 41

High (CVSS: 8.1)

NVT: Oracle MySQL Server <= 5.7.34 / 8.0 <= 8.0.25 Security Update (cpujul2021) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.7.35
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.7.35, 8.0.26 or later.

Aected Software/OS
Oracle MySQL Server version 5.7.34 and prior and 8.0 through 8.0.25.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.7.34 / 8.0 <= 8.0.25 Security Update (cpujul2021) - Wi.
,→..
OID:[Link].4.1.25623.1.0.146355
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2021-22901
cve: CVE-2019-17543
cve: CVE-2021-2389
cve: CVE-2021-2390
. . . continues on next page . . .
2 RESULTS PER HOST 42

. . . continued from previous page . . .

cve: CVE-2021-2356
cve: CVE-2021-2385
cve: CVE-2021-2342
cve: CVE-2021-2372
cve: CVE-2021-22897
cve: CVE-2021-22898
url: [Link]
advisory-id: cpujul2021
cert-bund: WID-SEC-2025-2364
cert-bund: WID-SEC-2025-1905
cert-bund: WID-SEC-2025-1550
cert-bund: WID-SEC-2024-2180
cert-bund: WID-SEC-2024-1591
cert-bund: WID-SEC-2023-2229
cert-bund: WID-SEC-2023-1350
cert-bund: WID-SEC-2023-0063
cert-bund: WID-SEC-2022-1963
cert-bund: WID-SEC-2022-0873
cert-bund: CB-K22/0044
cert-bund: CB-K21/0813
cert-bund: CB-K21/0770
dfn-cert: DFN-CERT-2025-2944
dfn-cert: DFN-CERT-2022-1892
dfn-cert: DFN-CERT-2022-1692
dfn-cert: DFN-CERT-2022-1597
dfn-cert: DFN-CERT-2022-1241
dfn-cert: DFN-CERT-2022-0933
dfn-cert: DFN-CERT-2022-0872
dfn-cert: DFN-CERT-2022-0666
dfn-cert: DFN-CERT-2022-0076
dfn-cert: DFN-CERT-2022-0074
dfn-cert: DFN-CERT-2021-2527
dfn-cert: DFN-CERT-2021-2438
dfn-cert: DFN-CERT-2021-2369
dfn-cert: DFN-CERT-2021-2185
dfn-cert: DFN-CERT-2021-2155
dfn-cert: DFN-CERT-2021-1743
dfn-cert: DFN-CERT-2021-1677
dfn-cert: DFN-CERT-2021-1593
dfn-cert: DFN-CERT-2021-1580
dfn-cert: DFN-CERT-2021-1537
dfn-cert: DFN-CERT-2021-1329
dfn-cert: DFN-CERT-2021-1174
dfn-cert: DFN-CERT-2021-1165
dfn-cert: DFN-CERT-2021-1157
dfn-cert: DFN-CERT-2021-1151
dfn-cert: DFN-CERT-2021-1148
. . . continues on next page . . .
2 RESULTS PER HOST 43

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2021-1045
dfn-cert: DFN-CERT-2019-2216

High (CVSS: 8.1)

NVT: Oracle MySQL Server <= 5.7.38 / 8.0 <= 8.0.29 Security Update (cpujul2022) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.7.39
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.7.39, 8.0.30 or later.

Aected Software/OS
Oracle MySQL Server version 5.7.38 and prior and 8.0 through 8.0.29.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.7.38 / 8.0 <= 8.0.29 Security Update (cpujul2022) - Wi.
,→..
OID:[Link].4.1.25623.1.0.148511
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
. . . continues on next page . . .
2 RESULTS PER HOST 44

. . . continued from previous page . . .

cve: CVE-2022-1292
cve: CVE-2022-27778
cve: CVE-2018-25032
cve: CVE-2022-21515
url: [Link]
advisory-id: cpujul2022
cert-bund: WID-SEC-2024-1186
cert-bund: WID-SEC-2024-0794
cert-bund: WID-SEC-2023-2723
cert-bund: WID-SEC-2023-2229
cert-bund: WID-SEC-2023-1969
cert-bund: WID-SEC-2023-1784
cert-bund: WID-SEC-2023-1542
cert-bund: WID-SEC-2023-1432
cert-bund: WID-SEC-2023-1424
cert-bund: WID-SEC-2023-1350
cert-bund: WID-SEC-2023-1021
cert-bund: WID-SEC-2023-0141
cert-bund: WID-SEC-2023-0132
cert-bund: WID-SEC-2022-1775
cert-bund: WID-SEC-2022-1772
cert-bund: WID-SEC-2022-1767
cert-bund: WID-SEC-2022-1461
cert-bund: WID-SEC-2022-1438
cert-bund: WID-SEC-2022-1335
cert-bund: WID-SEC-2022-1245
cert-bund: WID-SEC-2022-1228
cert-bund: WID-SEC-2022-1068
cert-bund: WID-SEC-2022-1057
cert-bund: WID-SEC-2022-0833
cert-bund: WID-SEC-2022-0826
cert-bund: WID-SEC-2022-0767
cert-bund: WID-SEC-2022-0755
cert-bund: WID-SEC-2022-0736
cert-bund: WID-SEC-2022-0735
cert-bund: WID-SEC-2022-0677
cert-bund: WID-SEC-2022-0554
cert-bund: WID-SEC-2022-0393
cert-bund: WID-SEC-2022-0277
cert-bund: WID-SEC-2022-0071
cert-bund: WID-SEC-2022-0005
cert-bund: CB-K22/0619
cert-bund: CB-K22/0570
cert-bund: CB-K22/0536
cert-bund: CB-K22/0386
dfn-cert: DFN-CERT-2024-2686
dfn-cert: DFN-CERT-2024-2451
. . . continues on next page . . .
2 RESULTS PER HOST 45

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2024-0998
dfn-cert: DFN-CERT-2024-0790
dfn-cert: DFN-CERT-2024-0147
dfn-cert: DFN-CERT-2023-3028
dfn-cert: DFN-CERT-2023-2667
dfn-cert: DFN-CERT-2023-2600
dfn-cert: DFN-CERT-2023-2599
dfn-cert: DFN-CERT-2023-2571
dfn-cert: DFN-CERT-2023-0553
dfn-cert: DFN-CERT-2023-0430
dfn-cert: DFN-CERT-2023-0372
dfn-cert: DFN-CERT-2023-0121
dfn-cert: DFN-CERT-2023-0119
dfn-cert: DFN-CERT-2023-0100
dfn-cert: DFN-CERT-2022-2799
dfn-cert: DFN-CERT-2022-2668
dfn-cert: DFN-CERT-2022-2376
dfn-cert: DFN-CERT-2022-2323
dfn-cert: DFN-CERT-2022-2309
dfn-cert: DFN-CERT-2022-2305
dfn-cert: DFN-CERT-2022-2268
dfn-cert: DFN-CERT-2022-2254
dfn-cert: DFN-CERT-2022-2150
dfn-cert: DFN-CERT-2022-2111
dfn-cert: DFN-CERT-2022-2094
dfn-cert: DFN-CERT-2022-2073
dfn-cert: DFN-CERT-2022-2072
dfn-cert: DFN-CERT-2022-2066
dfn-cert: DFN-CERT-2022-2059
dfn-cert: DFN-CERT-2022-2047
dfn-cert: DFN-CERT-2022-1992
dfn-cert: DFN-CERT-2022-1905
dfn-cert: DFN-CERT-2022-1875
dfn-cert: DFN-CERT-2022-1837
dfn-cert: DFN-CERT-2022-1646
dfn-cert: DFN-CERT-2022-1614
dfn-cert: DFN-CERT-2022-1609
dfn-cert: DFN-CERT-2022-1520
dfn-cert: DFN-CERT-2022-1476
dfn-cert: DFN-CERT-2022-1425
dfn-cert: DFN-CERT-2022-1310
dfn-cert: DFN-CERT-2022-1304
dfn-cert: DFN-CERT-2022-1267
dfn-cert: DFN-CERT-2022-1264
dfn-cert: DFN-CERT-2022-1116
dfn-cert: DFN-CERT-2022-1115
dfn-cert: DFN-CERT-2022-1114
. . . continues on next page . . .
2 RESULTS PER HOST 46

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2022-1103
dfn-cert: DFN-CERT-2022-1081
dfn-cert: DFN-CERT-2022-1076
dfn-cert: DFN-CERT-2022-1054
dfn-cert: DFN-CERT-2022-1049
dfn-cert: DFN-CERT-2022-0986
dfn-cert: DFN-CERT-2022-0768
dfn-cert: DFN-CERT-2022-0716

High (CVSS: 7.7)

NVT: Oracle Mysql Security Updates (apr2018-3678067) 04 - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: Apply the patch
Installation
path / port: 3306/tcp

Impact
Successful exploitation of this vulnerability will allow remote attackers to have an impact on
condentiality, integrity and availability.

Solution:
Solution type: VendorFix
Apply the latest patch from vendor. Please see the references for more information.

Aected Software/OS
Oracle MySQL version 5.5.59 and earlier, 5.6.39 and earlier, 5.7.21 and earlier on Windows

Vulnerability Insight
Multiple aws exist due to
- Multiple errors in the 'Client programs' component of MySQL Server.
- An error in the 'Server: Locking' component of MySQL Server.
. . . continues on next page . . .
2 RESULTS PER HOST 47

. . . continued from previous page . . .

- An error in the 'Server: Optimizer' component of MySQL Server.
- Multiple errors in the 'Server: DDL' component of MySQL Server.
- Multiple errors in the 'Server: Replication' component of MySQL Server.
- An error in the 'InnoDB' component of MySQL Server.
- An error in the 'Server : Security : Privileges' component of MySQL Server.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Mysql Security Updates (apr2018-3678067) 04 - Windows
OID:[Link].4.1.25623.1.0.813148
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2018-2761
cve: CVE-2018-2771
cve: CVE-2018-2781
cve: CVE-2018-2773
cve: CVE-2018-2817
cve: CVE-2018-2813
cve: CVE-2018-2755
cve: CVE-2018-2819
cve: CVE-2018-2818
url: [Link]
cert-bund: WID-SEC-2023-1594
cert-bund: CB-K18/0608
dfn-cert: DFN-CERT-2019-1047
dfn-cert: DFN-CERT-2018-1276
dfn-cert: DFN-CERT-2018-1265
dfn-cert: DFN-CERT-2018-0913
dfn-cert: DFN-CERT-2018-0723

High (CVSS: 7.7)

NVT: Oracle Mysql Security Updates (apr2017-3236618) 02 - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)
. . . continues on next page . . .
2 RESULTS PER HOST 48

. . . continued from previous page . . .

Summary
Oracle MySQL is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: Apply the patch
Installation
path / port: 3306/tcp

Impact
Successful exploitation of this vulnerability will allow remote attackers to have impact on avail-
ability, condentiality and integrity.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle MySQL version 5.5.54 and earlier, 5.6.35 and earlier, 5.7.17 and earlier on Windows

Vulnerability Insight
Multiple aws exist due to multiple unspecied errors in the 'Server: DML', 'Server: Optimizer',
'Server: Thread Pooling', 'Client mysqldump', 'Server: Security: Privileges' components of the
application.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Mysql Security Updates (apr2017-3236618) 02 - Windows
OID:[Link].4.1.25623.1.0.810882
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2017-3309
cve: CVE-2017-3308
cve: CVE-2017-3329
cve: CVE-2017-3456
. . . continues on next page . . .
2 RESULTS PER HOST 49

. . . continued from previous page . . .

cve: CVE-2017-3453
cve: CVE-2017-3600
cve: CVE-2017-3462
cve: CVE-2017-3463
cve: CVE-2017-3461
cve: CVE-2017-3464
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K18/0224
cert-bund: CB-K17/1732
cert-bund: CB-K17/1604
cert-bund: CB-K17/1563
cert-bund: CB-K17/1401
cert-bund: CB-K17/1298
cert-bund: CB-K17/1239
cert-bund: CB-K17/0927
cert-bund: CB-K17/0657
dfn-cert: DFN-CERT-2018-1276
dfn-cert: DFN-CERT-2018-0242
dfn-cert: DFN-CERT-2017-1806
dfn-cert: DFN-CERT-2017-1675
dfn-cert: DFN-CERT-2017-1630
dfn-cert: DFN-CERT-2017-1465
dfn-cert: DFN-CERT-2017-1341
dfn-cert: DFN-CERT-2017-1282
dfn-cert: DFN-CERT-2017-0959
dfn-cert: DFN-CERT-2017-0675

High (CVSS: 7.5)

NVT: Oracle MySQL Server <= 5.7.33 / 8.0 <= 8.0.23 Security Update (cpuapr2021) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)
. . . continues on next page . . .
2 RESULTS PER HOST 50

. . . continued from previous page . . .

Summary
Oracle MySQL Server is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.7.34
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.7.34, 8.0.24 or later.

Aected Software/OS
Oracle MySQL Server version 5.7.33 and prior and 8.0 through 8.0.23.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.7.33 / 8.0 <= 8.0.23 Security Update (cpuapr2021) - Wi.
,→..
OID:[Link].4.1.25623.1.0.145796
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2021-3449
cve: CVE-2021-3450
cve: CVE-2021-23840
cve: CVE-2021-23841
cve: CVE-2021-2307
cve: CVE-2021-2304
cve: CVE-2021-2180
cve: CVE-2021-2194
cve: CVE-2021-2166
cve: CVE-2021-2179
cve: CVE-2021-2226
cve: CVE-2021-2169
. . . continues on next page . . .
2 RESULTS PER HOST 51

. . . continued from previous page . . .

cve: CVE-2021-2146
cve: CVE-2021-2174
cve: CVE-2021-2171
cve: CVE-2021-2162
url: [Link]
advisory-id: cpuapr2021
cert-bund: WID-SEC-2025-0227
cert-bund: WID-SEC-2024-0794
cert-bund: WID-SEC-2023-0065
cert-bund: WID-SEC-2022-1894
cert-bund: WID-SEC-2022-1320
cert-bund: WID-SEC-2022-1303
cert-bund: WID-SEC-2022-1294
cert-bund: WID-SEC-2022-0751
cert-bund: WID-SEC-2022-0676
cert-bund: WID-SEC-2022-0671
cert-bund: WID-SEC-2022-0669
cert-bund: WID-SEC-2022-0602
cert-bund: CB-K22/0476
cert-bund: CB-K22/0061
cert-bund: CB-K21/1097
cert-bund: CB-K21/1095
cert-bund: CB-K21/1065
cert-bund: CB-K21/0785
cert-bund: CB-K21/0770
cert-bund: CB-K21/0573
cert-bund: CB-K21/0572
cert-bund: CB-K21/0565
cert-bund: CB-K21/0421
cert-bund: CB-K21/0412
cert-bund: CB-K21/0409
cert-bund: CB-K21/0389
cert-bund: CB-K21/0317
cert-bund: CB-K21/0185
dfn-cert: DFN-CERT-2024-2451
dfn-cert: DFN-CERT-2022-1582
dfn-cert: DFN-CERT-2022-1571
dfn-cert: DFN-CERT-2022-1241
dfn-cert: DFN-CERT-2022-1215
dfn-cert: DFN-CERT-2022-0933
dfn-cert: DFN-CERT-2022-0666
dfn-cert: DFN-CERT-2022-0121
dfn-cert: DFN-CERT-2022-0076
dfn-cert: DFN-CERT-2022-0024
dfn-cert: DFN-CERT-2021-2527
dfn-cert: DFN-CERT-2021-2394
dfn-cert: DFN-CERT-2021-2223
. . . continues on next page . . .
2 RESULTS PER HOST 52

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2021-2216
dfn-cert: DFN-CERT-2021-2214
dfn-cert: DFN-CERT-2021-2197
dfn-cert: DFN-CERT-2021-2196
dfn-cert: DFN-CERT-2021-2190
dfn-cert: DFN-CERT-2021-2155
dfn-cert: DFN-CERT-2021-2126
dfn-cert: DFN-CERT-2021-1996
dfn-cert: DFN-CERT-2021-1825
dfn-cert: DFN-CERT-2021-1803
dfn-cert: DFN-CERT-2021-1740
dfn-cert: DFN-CERT-2021-1670
dfn-cert: DFN-CERT-2021-1660
dfn-cert: DFN-CERT-2021-1549
dfn-cert: DFN-CERT-2021-1547
dfn-cert: DFN-CERT-2021-1537
dfn-cert: DFN-CERT-2021-1500
dfn-cert: DFN-CERT-2021-1418
dfn-cert: DFN-CERT-2021-1330
dfn-cert: DFN-CERT-2021-1132
dfn-cert: DFN-CERT-2021-1129
dfn-cert: DFN-CERT-2021-1128
dfn-cert: DFN-CERT-2021-1098
dfn-cert: DFN-CERT-2021-1070
dfn-cert: DFN-CERT-2021-1061
dfn-cert: DFN-CERT-2021-0984
dfn-cert: DFN-CERT-2021-0884
dfn-cert: DFN-CERT-2021-0862
dfn-cert: DFN-CERT-2021-0829
dfn-cert: DFN-CERT-2021-0821
dfn-cert: DFN-CERT-2021-0818
dfn-cert: DFN-CERT-2021-0813
dfn-cert: DFN-CERT-2021-0807
dfn-cert: DFN-CERT-2021-0806
dfn-cert: DFN-CERT-2021-0740
dfn-cert: DFN-CERT-2021-0696
dfn-cert: DFN-CERT-2021-0656
dfn-cert: DFN-CERT-2021-0630
dfn-cert: DFN-CERT-2021-0629
dfn-cert: DFN-CERT-2021-0409
dfn-cert: DFN-CERT-2021-0408
dfn-cert: DFN-CERT-2021-0379
dfn-cert: DFN-CERT-2021-0363
2 RESULTS PER HOST 53

High (CVSS: 7.5)

NVT: Oracle Mysql Security Updates (apr2017-3236618) 01 - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL is prone to a denial of service (DoS) vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: Apply the patch
Installation
path / port: 3306/tcp

Impact
Successful exploitation of this vulnerability will allow remote attackers to cause the aected
application to crash, resulting in a denial-of-service condition.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle MySQL version 5.5.54 and earlier, 5.6.20 and earlier on Windows

Vulnerability Insight
The aw exists due to some unspecied error in the 'Server: C API' component due to failure
to handle exceptional conditions.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Mysql Security Updates (apr2017-3236618) 01 - Windows
OID:[Link].4.1.25623.1.0.810880
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
. . . continues on next page . . .
2 RESULTS PER HOST 54

. . . continued from previous page . . .

OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2017-3302
url: [Link]
url: [Link]
cert-bund: CB-K18/0224
cert-bund: CB-K17/1604
cert-bund: CB-K17/1298
cert-bund: CB-K17/1239
cert-bund: CB-K17/0657
cert-bund: CB-K17/0423
dfn-cert: DFN-CERT-2018-1276
dfn-cert: DFN-CERT-2018-0242
dfn-cert: DFN-CERT-2017-1675
dfn-cert: DFN-CERT-2017-1341
dfn-cert: DFN-CERT-2017-1282
dfn-cert: DFN-CERT-2017-0675
dfn-cert: DFN-CERT-2017-0430

High (CVSS: 7.5)

NVT: Oracle MySQL Server <= 5.6.48 Security Update (cpujul2020) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.6.49
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.6.49 or later.
. . . continues on next page . . .
2 RESULTS PER HOST 55

. . . continued from previous page . . .

Aected Software/OS
Oracle MySQL Server versions 5.6.48 and prior.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.6.48 Security Update (cpujul2020) - Windows
OID:[Link].4.1.25623.1.0.144286
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2020-1967
cve: CVE-2020-14539
cve: CVE-2020-14559
url: [Link]
advisory-id: cpujul2020
cert-bund: WID-SEC-2024-0794
cert-bund: WID-SEC-2023-3080
cert-bund: CB-K21/1088
cert-bund: CB-K21/0070
cert-bund: CB-K20/1023
cert-bund: CB-K20/1017
cert-bund: CB-K20/0711
cert-bund: CB-K20/0708
cert-bund: CB-K20/0357
dfn-cert: DFN-CERT-2021-2192
dfn-cert: DFN-CERT-2021-0830
dfn-cert: DFN-CERT-2021-0826
dfn-cert: DFN-CERT-2021-0444
dfn-cert: DFN-CERT-2021-0140
dfn-cert: DFN-CERT-2020-2295
dfn-cert: DFN-CERT-2020-2286
dfn-cert: DFN-CERT-2020-2006
dfn-cert: DFN-CERT-2020-1827
dfn-cert: DFN-CERT-2020-1788
dfn-cert: DFN-CERT-2020-1508
dfn-cert: DFN-CERT-2020-0956
dfn-cert: DFN-CERT-2020-0930
dfn-cert: DFN-CERT-2020-0841
dfn-cert: DFN-CERT-2020-0824
. . . continues on next page . . .
2 RESULTS PER HOST 56

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2020-0822

High (CVSS: 7.5)

NVT: Oracle MySQL Multiple Unspecied vulnerabilities-01 (Feb 2015) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20

Impact
Successful exploitation will allow attackers to disclose potentially sensitive information, manip-
ulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle MySQL Server version 5.5.40 and earlier, and 5.6.21 and earlier on Windows.

Vulnerability Insight
Unspecied errors in the MySQL Server component via unknown vectors related to Server:-
Security:Encryption, InnoDB:DML, Replication, and Security:Privileges:Foreign Key.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Multiple Unspecified vulnerabilities-01 (Feb 2015) - Windows
OID:[Link].4.1.25623.1.0.805132
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
. . . continues on next page . . .
2 RESULTS PER HOST 57

. . . continued from previous page . . .

OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2015-0411
cve: CVE-2014-6568
cve: CVE-2015-0382
cve: CVE-2015-0381
cve: CVE-2015-0374
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K15/1193
cert-bund: CB-K15/0964
cert-bund: CB-K15/0567
cert-bund: CB-K15/0415
cert-bund: CB-K15/0073
dfn-cert: DFN-CERT-2015-1264
dfn-cert: DFN-CERT-2015-1016
dfn-cert: DFN-CERT-2015-0593
dfn-cert: DFN-CERT-2015-0427
dfn-cert: DFN-CERT-2015-0074

High (CVSS: 7.5)

NVT: Oracle MySQL Server <= 5.7.42, 8.x <= 8.0.33 Security Update (cpuoct2023) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.7.43
Installation
. . . continues on next page . . .
2 RESULTS PER HOST 58

. . . continued from previous page . . .

path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.7.43, 8.0.34 or later.

Aected Software/OS
Oracle MySQL Server version 5.7.42 and prior and 8.x through 8.0.33.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.7.42, 8.x <= 8.0.33 Security Update (cpuoct2023) - Win.
,→..
OID:[Link].4.1.25623.1.0.151214
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
advisory-id: cpuoct2023
cve: CVE-2023-2650
cve: CVE-2023-0464
cve: CVE-2023-0465
cve: CVE-2023-0466
cve: CVE-2023-1255
url: [Link]
cert-bund: WID-SEC-2024-1591
cert-bund: WID-SEC-2024-0794
cert-bund: WID-SEC-2024-0120
cert-bund: WID-SEC-2024-0064
cert-bund: WID-SEC-2024-0053
cert-bund: WID-SEC-2023-2917
cert-bund: WID-SEC-2023-2690
cert-bund: WID-SEC-2023-2674
cert-bund: WID-SEC-2023-1794
cert-bund: WID-SEC-2023-1781
cert-bund: WID-SEC-2023-1614
cert-bund: WID-SEC-2023-1432
cert-bund: WID-SEC-2023-1323
cert-bund: WID-SEC-2023-1130
cert-bund: WID-SEC-2023-1053
cert-bund: WID-SEC-2023-0782
. . . continues on next page . . .
2 RESULTS PER HOST 59

. . . continued from previous page . . .

cert-bund: WID-SEC-2023-0732
dfn-cert: DFN-CERT-2025-2802
dfn-cert: DFN-CERT-2024-1799
dfn-cert: DFN-CERT-2024-1067
dfn-cert: DFN-CERT-2024-0565
dfn-cert: DFN-CERT-2024-0147
dfn-cert: DFN-CERT-2024-0125
dfn-cert: DFN-CERT-2023-3071
dfn-cert: DFN-CERT-2023-3070
dfn-cert: DFN-CERT-2023-2749
dfn-cert: DFN-CERT-2023-2545
dfn-cert: DFN-CERT-2023-2536
dfn-cert: DFN-CERT-2023-2116
dfn-cert: DFN-CERT-2023-1947
dfn-cert: DFN-CERT-2023-1903
dfn-cert: DFN-CERT-2023-1720
dfn-cert: DFN-CERT-2023-1649
dfn-cert: DFN-CERT-2023-1642
dfn-cert: DFN-CERT-2023-1462
dfn-cert: DFN-CERT-2023-1428
dfn-cert: DFN-CERT-2023-1423
dfn-cert: DFN-CERT-2023-1332
dfn-cert: DFN-CERT-2023-1246
dfn-cert: DFN-CERT-2023-1245
dfn-cert: DFN-CERT-2023-1233
dfn-cert: DFN-CERT-2023-0999
dfn-cert: DFN-CERT-2023-0960
dfn-cert: DFN-CERT-2023-0929
dfn-cert: DFN-CERT-2023-0904
dfn-cert: DFN-CERT-2023-0782
dfn-cert: DFN-CERT-2023-0700
dfn-cert: DFN-CERT-2023-0645

High (CVSS: 7.5)

NVT: Oracle MySQL Server <= 5.7.41, 8.x <= 8.0.32 Security Update (cpuapr2023) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to multiple vulnerabilities.

. . . continues on next page . . .

2 RESULTS PER HOST 60

. . . continued from previous page . . .

Quality of Detection (QoD): 80%
Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.7.42
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.7.42, 8.0.33 or later.

Aected Software/OS
Oracle MySQL Server version 5.7.41 and prior and 8.x through 8.0.32.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.7.41, 8.x <= 8.0.32 Security Update (cpuapr2023) - Win.
,→..
OID:[Link].4.1.25623.1.0.149538
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2023-0215
cve: CVE-2022-43551
cve: CVE-2023-21980
cve: CVE-2022-4304
cve: CVE-2022-4450
cve: CVE-2023-0286
url: [Link]
advisory-id: cpuapr2023
cert-bund: WID-SEC-2025-1365
cert-bund: WID-SEC-2024-3377
cert-bund: WID-SEC-2024-2086
cert-bund: WID-SEC-2024-1591
cert-bund: WID-SEC-2024-0794
cert-bund: WID-SEC-2024-0114
cert-bund: WID-SEC-2024-0064
cert-bund: WID-SEC-2023-2229
cert-bund: WID-SEC-2023-2031
. . . continues on next page . . .
2 RESULTS PER HOST 61

. . . continued from previous page . . .

cert-bund: WID-SEC-2023-1886
cert-bund: WID-SEC-2023-1812
cert-bund: WID-SEC-2023-1793
cert-bund: WID-SEC-2023-1790
cert-bund: WID-SEC-2023-1614
cert-bund: WID-SEC-2023-1553
cert-bund: WID-SEC-2023-1432
cert-bund: WID-SEC-2023-1424
cert-bund: WID-SEC-2023-1350
cert-bund: WID-SEC-2023-1033
cert-bund: WID-SEC-2023-1016
cert-bund: WID-SEC-2023-0777
cert-bund: WID-SEC-2023-0304
cert-bund: WID-SEC-2022-2375
dfn-cert: DFN-CERT-2024-1799
dfn-cert: DFN-CERT-2024-1188
dfn-cert: DFN-CERT-2024-0593
dfn-cert: DFN-CERT-2024-0454
dfn-cert: DFN-CERT-2024-0147
dfn-cert: DFN-CERT-2024-0126
dfn-cert: DFN-CERT-2024-0016
dfn-cert: DFN-CERT-2023-2192
dfn-cert: DFN-CERT-2023-1760
dfn-cert: DFN-CERT-2023-1697
dfn-cert: DFN-CERT-2023-1656
dfn-cert: DFN-CERT-2023-1643
dfn-cert: DFN-CERT-2023-1590
dfn-cert: DFN-CERT-2023-1522
dfn-cert: DFN-CERT-2023-1462
dfn-cert: DFN-CERT-2023-1423
dfn-cert: DFN-CERT-2023-1297
dfn-cert: DFN-CERT-2023-1256
dfn-cert: DFN-CERT-2023-1162
dfn-cert: DFN-CERT-2023-1043
dfn-cert: DFN-CERT-2023-1037
dfn-cert: DFN-CERT-2023-0898
dfn-cert: DFN-CERT-2023-0885
dfn-cert: DFN-CERT-2023-0884
dfn-cert: DFN-CERT-2023-0881
dfn-cert: DFN-CERT-2023-0774
dfn-cert: DFN-CERT-2023-0685
dfn-cert: DFN-CERT-2023-0662
dfn-cert: DFN-CERT-2023-0661
dfn-cert: DFN-CERT-2023-0639
dfn-cert: DFN-CERT-2023-0618
dfn-cert: DFN-CERT-2023-0543
dfn-cert: DFN-CERT-2023-0471
. . . continues on next page . . .
2 RESULTS PER HOST 62

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2023-0430
dfn-cert: DFN-CERT-2023-0329
dfn-cert: DFN-CERT-2023-0318
dfn-cert: DFN-CERT-2023-0310
dfn-cert: DFN-CERT-2023-0299
dfn-cert: DFN-CERT-2023-0288
dfn-cert: DFN-CERT-2023-0284
dfn-cert: DFN-CERT-2023-0283
dfn-cert: DFN-CERT-2022-2902

High (CVSS: 7.5)

NVT: Oracle MySQL Server <= 5.7.41, 8.x <= 8.0.30 Security Update (cpuapr2023) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to a denial of service (DoS) vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.7.42
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.7.42, 8.0.31 or later.

Aected Software/OS
Oracle MySQL Server version 5.7.41 and prior and 8.x through 8.0.30.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.7.41, 8.x <= 8.0.30 Security Update (cpuapr2023) - Win.
,→..
OID:[Link].4.1.25623.1.0.149534
Version used: 2025-09-09T[Link]Z

. . . continues on next page . . .

2 RESULTS PER HOST 63

. . . continued from previous page . . .

Product Detection Result
Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2023-21912
url: [Link]
advisory-id: cpuapr2023
cert-bund: WID-SEC-2024-1591
cert-bund: WID-SEC-2023-2031
cert-bund: WID-SEC-2023-1033
dfn-cert: DFN-CERT-2023-1058
dfn-cert: DFN-CERT-2023-1037
dfn-cert: DFN-CERT-2023-0885

High (CVSS: 7.5)

NVT: Oracle MySQL Server <= 8.0.39, 8.1 <= 8.4.2, 9.0 <= 9.0.1 Security Update (cpuoct2024)
- Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 8.0.40
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 8.0.40, 8.4.3, 9.0.2 or later.

Aected Software/OS
. . . continues on next page . . .
2 RESULTS PER HOST 64

. . . continued from previous page . . .

Oracle MySQL Server version 8.0.39 and prior, 8.1 through 8.4.2 and 9.0 through 9.0.1.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 8.0.39, 8.1 <= 8.4.2, 9.0 <= 9.0.1 Security Update (cpuo.
,→..
OID:[Link].4.1.25623.1.0.170877
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2024-5535
cve: CVE-2024-6119
cve: CVE-2024-21230
cve: CVE-2024-7264
cve: CVE-2024-21196
cve: CVE-2024-21194
cve: CVE-2024-21199
cve: CVE-2024-21218
cve: CVE-2024-21236
cve: CVE-2024-21239
cve: CVE-2024-21198
cve: CVE-2024-21219
cve: CVE-2024-21203
cve: CVE-2024-21197
cve: CVE-2024-21201
cve: CVE-2024-21241
cve: CVE-2024-21193
cve: CVE-2024-21213
cve: CVE-2024-21231
cve: CVE-2024-21237
url: [Link]
advisory-id: cpuoct2024
cert-bund: WID-SEC-2025-1560
cert-bund: WID-SEC-2025-0823
cert-bund: WID-SEC-2025-0814
cert-bund: WID-SEC-2025-0612
cert-bund: WID-SEC-2025-0225
cert-bund: WID-SEC-2025-0166
cert-bund: WID-SEC-2025-0148
cert-bund: WID-SEC-2025-0143
cert-bund: WID-SEC-2025-0001
. . . continues on next page . . .
2 RESULTS PER HOST 65

. . . continued from previous page . . .

cert-bund: WID-SEC-2024-3674
cert-bund: WID-SEC-2024-3412
cert-bund: WID-SEC-2024-3201
cert-bund: WID-SEC-2024-3196
cert-bund: WID-SEC-2024-3192
cert-bund: WID-SEC-2024-3188
cert-bund: WID-SEC-2024-2112
cert-bund: WID-SEC-2024-2040
cert-bund: WID-SEC-2024-1736
cert-bund: WID-SEC-2024-1469
dfn-cert: DFN-CERT-2025-1659
dfn-cert: DFN-CERT-2025-1474
dfn-cert: DFN-CERT-2025-1454
dfn-cert: DFN-CERT-2025-0975
dfn-cert: DFN-CERT-2025-0854
dfn-cert: DFN-CERT-2025-0474
dfn-cert: DFN-CERT-2025-0446
dfn-cert: DFN-CERT-2025-0179
dfn-cert: DFN-CERT-2025-0175
dfn-cert: DFN-CERT-2025-0170
dfn-cert: DFN-CERT-2025-0041
dfn-cert: DFN-CERT-2024-3300
dfn-cert: DFN-CERT-2024-3152
dfn-cert: DFN-CERT-2024-3013
dfn-cert: DFN-CERT-2024-2884
dfn-cert: DFN-CERT-2024-2783
dfn-cert: DFN-CERT-2024-2734
dfn-cert: DFN-CERT-2024-2732
dfn-cert: DFN-CERT-2024-2381
dfn-cert: DFN-CERT-2024-2322
dfn-cert: DFN-CERT-2024-2285
dfn-cert: DFN-CERT-2024-2168
dfn-cert: DFN-CERT-2024-2025
dfn-cert: DFN-CERT-2024-1978
dfn-cert: DFN-CERT-2024-1968
dfn-cert: DFN-CERT-2024-1967
dfn-cert: DFN-CERT-2024-1681

High (CVSS: 7.5)

NVT: Oracle MySQL Server <= 5.7.36 / 8.0 <= 8.0.27 Security Update (cpujan2022) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)
. . . continues on next page . . .
2 RESULTS PER HOST 66

. . . continued from previous page . . .

Summary
Oracle MySQL Server is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.7.37
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.7.37, 8.0.28 or later.

Aected Software/OS
Oracle MySQL Server version 5.7.36 and prior and 8.0 through 8.0.27.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.7.36 / 8.0 <= 8.0.27 Security Update (cpujan2022) - Wi.
,→..
OID:[Link].4.1.25623.1.0.147465
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2021-22946
cve: CVE-2022-21367
cve: CVE-2022-21270
cve: CVE-2022-21304
cve: CVE-2022-21344
cve: CVE-2022-21303
cve: CVE-2022-21245
cve: CVE-2021-22947
url: [Link]
advisory-id: cpujan2022
cert-bund: WID-SEC-2024-1591
cert-bund: WID-SEC-2023-2229
. . . continues on next page . . .
2 RESULTS PER HOST 67

. . . continued from previous page . . .

cert-bund: WID-SEC-2023-1350
cert-bund: WID-SEC-2022-1908
cert-bund: WID-SEC-2022-1461
cert-bund: WID-SEC-2022-1335
cert-bund: WID-SEC-2022-1228
cert-bund: WID-SEC-2022-1056
cert-bund: WID-SEC-2022-0875
cert-bund: WID-SEC-2022-0751
cert-bund: WID-SEC-2022-0676
cert-bund: WID-SEC-2022-0393
cert-bund: WID-SEC-2022-0101
cert-bund: CB-K22/0316
cert-bund: CB-K22/0077
cert-bund: CB-K22/0062
cert-bund: CB-K22/0030
cert-bund: CB-K21/0991
cert-bund: CB-K21/0969
dfn-cert: DFN-CERT-2022-2376
dfn-cert: DFN-CERT-2022-2086
dfn-cert: DFN-CERT-2022-2073
dfn-cert: DFN-CERT-2022-2072
dfn-cert: DFN-CERT-2022-2047
dfn-cert: DFN-CERT-2022-1892
dfn-cert: DFN-CERT-2022-1692
dfn-cert: DFN-CERT-2022-1571
dfn-cert: DFN-CERT-2022-1143
dfn-cert: DFN-CERT-2022-0835
dfn-cert: DFN-CERT-2022-0586
dfn-cert: DFN-CERT-2022-0118
dfn-cert: DFN-CERT-2022-0112
dfn-cert: DFN-CERT-2022-0052
dfn-cert: DFN-CERT-2021-2527
dfn-cert: DFN-CERT-2021-1931

High (CVSS: 7.5)

NVT: Oracle MySQL Server <= 5.5.45 / 5.6 <= 5.6.26 Security Update (cpujul2016) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
. . . continues on next page . . .
2 RESULTS PER HOST 68

. . . continued from previous page . . .

Oracle MySQL Server is prone to an unspecied vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: See the referenced vendor advisory
Installation
path / port: 3306/tcp

Impact
Successful exploitation will allow an authenticated remote attacker to aect condentiality, in-
tegrity, and availability via unknown vectors.

Solution:
Solution type: VendorFix
Updates are available. Please see the references for more information.

Aected Software/OS
Oracle MySQL Server versions 5.5.45 and prior and 5.6 through 5.6.26.

Vulnerability Insight
An unspecied error exists in the 'MySQL Server' component via unknown vectors related to
the 'Option' sub-component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.5.45 / 5.6 <= 5.6.26 Security Update (cpujul2016) - Wi.
,→..
OID:[Link].4.1.25623.1.0.808591
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2016-3471
url: [Link]
url: [Link]
advisory-id: cpujul2016
cert-bund: CB-K16/1122
cert-bund: CB-K16/1100
dfn-cert: DFN-CERT-2016-1192
. . . continues on next page . . .
2 RESULTS PER HOST 69

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2016-1169

High (CVSS: 7.5)

NVT: Oracle MySQL Server <= 5.7.37 / 8.0 <= 8.0.28 Security Update (cpuapr2022) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.7.38
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.7.38, 8.0.29 or later.

Aected Software/OS
Oracle MySQL Server version 5.7.37 and prior and 8.0 through 8.0.28.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.7.37 / 8.0 <= 8.0.28 Security Update (cpuapr2022) - Wi.
,→..
OID:[Link].4.1.25623.1.0.113944
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2022-0778
. . . continues on next page . . .
2 RESULTS PER HOST 70

. . . continued from previous page . . .

cve: CVE-2022-21454
cve: CVE-2022-21417
cve: CVE-2022-21427
cve: CVE-2022-21451
cve: CVE-2022-21444
cve: CVE-2022-21460
url: [Link]
advisory-id: cpuapr2022
cert-bund: WID-SEC-2024-2086
cert-bund: WID-SEC-2024-1591
cert-bund: WID-SEC-2024-1186
cert-bund: WID-SEC-2024-0794
cert-bund: WID-SEC-2023-1969
cert-bund: WID-SEC-2022-1335
cert-bund: WID-SEC-2022-1228
cert-bund: WID-SEC-2022-1081
cert-bund: WID-SEC-2022-1057
cert-bund: WID-SEC-2022-0836
cert-bund: WID-SEC-2022-0833
cert-bund: WID-SEC-2022-0826
cert-bund: WID-SEC-2022-0767
cert-bund: WID-SEC-2022-0677
cert-bund: WID-SEC-2022-0551
cert-bund: WID-SEC-2022-0530
cert-bund: WID-SEC-2022-0515
cert-bund: WID-SEC-2022-0432
cert-bund: WID-SEC-2022-0393
cert-bund: WID-SEC-2022-0302
cert-bund: WID-SEC-2022-0270
cert-bund: WID-SEC-2022-0261
cert-bund: WID-SEC-2022-0200
cert-bund: WID-SEC-2022-0190
cert-bund: WID-SEC-2022-0169
cert-bund: WID-SEC-2022-0065
cert-bund: CB-K22/0619
cert-bund: CB-K22/0470
cert-bund: CB-K22/0468
cert-bund: CB-K22/0321
dfn-cert: DFN-CERT-2024-0147
dfn-cert: DFN-CERT-2023-2667
dfn-cert: DFN-CERT-2023-0081
dfn-cert: DFN-CERT-2022-2668
dfn-cert: DFN-CERT-2022-2376
dfn-cert: DFN-CERT-2022-2268
dfn-cert: DFN-CERT-2022-2111
dfn-cert: DFN-CERT-2022-2094
dfn-cert: DFN-CERT-2022-2059
. . . continues on next page . . .
2 RESULTS PER HOST 71

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2022-2047
dfn-cert: DFN-CERT-2022-1928
dfn-cert: DFN-CERT-2022-1837
dfn-cert: DFN-CERT-2022-1667
dfn-cert: DFN-CERT-2022-1597
dfn-cert: DFN-CERT-2022-1469
dfn-cert: DFN-CERT-2022-1370
dfn-cert: DFN-CERT-2022-1294
dfn-cert: DFN-CERT-2022-1264
dfn-cert: DFN-CERT-2022-1205
dfn-cert: DFN-CERT-2022-1116
dfn-cert: DFN-CERT-2022-1115
dfn-cert: DFN-CERT-2022-1114
dfn-cert: DFN-CERT-2022-1081
dfn-cert: DFN-CERT-2022-0955
dfn-cert: DFN-CERT-2022-0902
dfn-cert: DFN-CERT-2022-0899
dfn-cert: DFN-CERT-2022-0898
dfn-cert: DFN-CERT-2022-0873
dfn-cert: DFN-CERT-2022-0866
dfn-cert: DFN-CERT-2022-0865
dfn-cert: DFN-CERT-2022-0779
dfn-cert: DFN-CERT-2022-0759
dfn-cert: DFN-CERT-2022-0627
dfn-cert: DFN-CERT-2022-0625
dfn-cert: DFN-CERT-2022-0610
dfn-cert: DFN-CERT-2022-0603

High (CVSS: 7.5)

NVT: Oracle MySQL Server <= 5.5.39 / 5.6 <= 5.6.20 Security Update (cpuoct2014) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.5.40
. . . continues on next page . . .
2 RESULTS PER HOST 72

. . . continued from previous page . . .

Installation
path / port: 3306/tcp

Impact
Successful exploitation will allow attackers to disclose potentially sensitive information, gain
escalated privileges, manipulate certain data, cause a DoS (Denial of Service), and compromise
a vulnerable system.

Solution:
Solution type: VendorFix
Update to version 5.5.40, 5.6.21 or later.

Aected Software/OS
Oracle MySQL Server versions 5.5.39 and prior and 5.6 through 5.6.20.

Vulnerability Insight
Unspecied errors in the MySQL Server component via unknown vectors related to C API SSL
CERTIFICATE HANDLING, SERVER:DML, SERVER:SSL:yaSSL, SERVER:OPTIMIZER,
SERVER:INNODB DML FOREIGN KEYS.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.5.39 / 5.6 <= 5.6.20 Security Update (cpuoct2014) - Wi.
,→..
OID:[Link].4.1.25623.1.0.804781
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2014-6507
cve: CVE-2014-6491
cve: CVE-2014-6500
cve: CVE-2014-6469
cve: CVE-2014-6555
cve: CVE-2014-6559
cve: CVE-2014-6494
cve: CVE-2014-6496
cve: CVE-2014-6464
url: [Link]
url: [Link]
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 73

. . . continued from previous page . . .

url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
advisory-id: cpuoct2014
cert-bund: CB-K15/1518
cert-bund: CB-K15/0964
cert-bund: CB-K15/0567
cert-bund: CB-K15/0415
cert-bund: CB-K14/1482
cert-bund: CB-K14/1420
cert-bund: CB-K14/1299
dfn-cert: DFN-CERT-2015-1604
dfn-cert: DFN-CERT-2015-1016
dfn-cert: DFN-CERT-2015-0593
dfn-cert: DFN-CERT-2015-0427
dfn-cert: DFN-CERT-2014-1567
dfn-cert: DFN-CERT-2014-1500
dfn-cert: DFN-CERT-2014-1357

High (CVSS: 7.5)

NVT: Oracle MySQL Denial Of Service Vulnerability (Feb 2017) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL is prone to a denial of service (DoS) vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.6.21
Installation
path / port: 3306/tcp

Impact
. . . continues on next page . . .
2 RESULTS PER HOST 74

. . . continued from previous page . . .

Successful exploitation of this vulnerability will allow attackers to cause crash of applications
using that MySQL client.

Solution:
Solution type: VendorFix
Upgrade to Oracle MySQL version 5.6.21 or 5.7.5 or later.

Aected Software/OS
Oracle MySQL version before 5.6.21 and 5.7.x before 5.7.5 on Windows

Vulnerability Insight
Multiple errors exist as,
- In sql-common/client.c script 'mysql_prune_stmt_list' function, the for loop adds elements
to pruned_list without removing it from the existing list.
- If application gets disconnected just before it tries to prepare a new statement,
'mysql_prune_stmt_list' tries to detach all previously prepared statements.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Denial Of Service Vulnerability (Feb 2017) - Windows
OID:[Link].4.1.25623.1.0.810603
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2017-3302
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K18/0224
cert-bund: CB-K17/1604
cert-bund: CB-K17/1298
cert-bund: CB-K17/1239
cert-bund: CB-K17/0657
cert-bund: CB-K17/0423
dfn-cert: DFN-CERT-2018-1276
dfn-cert: DFN-CERT-2018-0242
dfn-cert: DFN-CERT-2017-1675
dfn-cert: DFN-CERT-2017-1341
dfn-cert: DFN-CERT-2017-1282
dfn-cert: DFN-CERT-2017-0675
. . . continues on next page . . .
2 RESULTS PER HOST 75

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2017-0430

High (CVSS: 7.2)

NVT: Oracle MySQL Server <= 5.7.29 / 8.0 <= 8.0.19 Security Update (cpuapr2021) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to a vulnerability in the parser.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.7.30
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.7.30, 8.0.20 or later.

Aected Software/OS
Oracle MySQL Server version 5.7.29 and prior and 8.0 through 8.0.19.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.7.29 / 8.0 <= 8.0.19 Security Update (cpuapr2021) - Wi.
,→..
OID:[Link].4.1.25623.1.0.145800
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2021-2144
. . . continues on next page . . .
2 RESULTS PER HOST 76

. . . continued from previous page . . .

url: [Link]
advisory-id: cpuapr2021
cert-bund: WID-SEC-2023-0065
cert-bund: CB-K21/0421
dfn-cert: DFN-CERT-2021-0821

High (CVSS: 7.2)

NVT: Oracle MySQL Unspecied Vulnerability-03 (Sep 2016) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL is prone to an unspecied vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.5.52
Installation
path / port: 3306/tcp

Impact
Successful exploitation will allow an remote attacker to gain elevated privileges on the aected
system, also could allow buer overow attacks.

Solution:
Solution type: VendorFix
Upgrade to Oracle MySQL Server 5.5.52 or later.

Aected Software/OS
Oracle MySQL Server 5.5.x to 5.5.51 on windows

Vulnerability Insight
Multiple errors exist. Please see the references for more information.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Unspecified Vulnerability-03 (Sep 2016) - Windows
OID:[Link].4.1.25623.1.0.809300
. . . continues on next page . . .
2 RESULTS PER HOST 77

. . . continued from previous page . . .

Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
url: [Link]

High (CVSS: 7.2)

NVT: Oracle MySQL Multiple Unspecied Vulnerabilities-06 (Oct 2015) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: Apply the patch
Installation
path / port: 3306/tcp

Impact
Successful exploitation will allow an authenticated remote attacker to aect condentiality, in-
tegrity, and availability via unknown vectors.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle MySQL Server Server 5.5.44 and earlier, and 5.6.25 and earlier

Vulnerability Insight
. . . continues on next page . . .
2 RESULTS PER HOST 78

. . . continued from previous page . . .

Unspecied errors exist in the MySQL Server component via unknown vectors related to Server.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Multiple Unspecified Vulnerabilities-06 (Oct 2015) - Windows
OID:[Link].4.1.25623.1.0.805769
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2015-4879
cve: CVE-2015-4819
url: [Link]
url: [Link]
url: [Link]
cert-bund: WID-SEC-2024-1483
cert-bund: CB-K16/1122
cert-bund: CB-K16/0791
cert-bund: CB-K16/0493
cert-bund: CB-K16/0246
cert-bund: CB-K16/0245
cert-bund: CB-K15/1844
cert-bund: CB-K15/1600
cert-bund: CB-K15/1554
dfn-cert: DFN-CERT-2016-1192
dfn-cert: DFN-CERT-2016-0845
dfn-cert: DFN-CERT-2016-0532
dfn-cert: DFN-CERT-2016-0266
dfn-cert: DFN-CERT-2016-0265
dfn-cert: DFN-CERT-2015-1946
dfn-cert: DFN-CERT-2015-1692
dfn-cert: DFN-CERT-2015-1638

High (CVSS: 7.2)

NVT: Oracle MySQL Server <= 5.5.46 / 5.6 <= 5.6.27 / 5.7.9 Security Update (cpujan2016) -
Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
. . . continues on next page . . .
2 RESULTS PER HOST 79

. . . continued from previous page . . .

,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: See the referenced vendor advisory
Installation
path / port: 3306/tcp

Impact
Successful exploitation will allow an authenticated remote attacker to aect condentiality, in-
tegrity, and availability via unknown vectors.

Solution:
Solution type: VendorFix
Updates are available. Please see the references for more information.

Aected Software/OS
Oracle MySQL Server versions 5.5.46 and prior, 5.6 through 5.6.27 and version 5.7.9.

Vulnerability Insight
Unspecied errors exist in the 'MySQL Server' component via unknown vectors.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.5.46 / 5.6 <= 5.6.27 / 5.7.9 Security Update (cpujan20.
,→..
OID:[Link].4.1.25623.1.0.806876
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2016-0609
cve: CVE-2016-0608
cve: CVE-2016-0606
cve: CVE-2016-0600
. . . continues on next page . . .
2 RESULTS PER HOST 80

. . . continued from previous page . . .

cve: CVE-2016-0598
cve: CVE-2016-0597
cve: CVE-2016-0546
cve: CVE-2016-0505
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
advisory-id: cpujan2016
cert-bund: WID-SEC-2024-1482
cert-bund: CB-K16/1122
cert-bund: CB-K16/0936
cert-bund: CB-K16/0791
cert-bund: CB-K16/0646
cert-bund: CB-K16/0493
cert-bund: CB-K16/0246
cert-bund: CB-K16/0245
cert-bund: CB-K16/0133
cert-bund: CB-K16/0094
dfn-cert: DFN-CERT-2016-1192
dfn-cert: DFN-CERT-2016-0994
dfn-cert: DFN-CERT-2016-0845
dfn-cert: DFN-CERT-2016-0695
dfn-cert: DFN-CERT-2016-0532
dfn-cert: DFN-CERT-2016-0266
dfn-cert: DFN-CERT-2016-0265
dfn-cert: DFN-CERT-2016-0143
dfn-cert: DFN-CERT-2016-0104

High (CVSS: 7.1)

NVT: Oracle MySQL Server <= 5.6.42 / 5.7 <= 5.7.24 / 8.0 <= 8.0.13 Security Update (cpu-
jan2019) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
. . . continues on next page . . .
2 RESULTS PER HOST 81

. . . continued from previous page . . .

Oracle MySQL Server is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: Apply the patch
Installation
path / port: 3306/tcp

Impact
Successful exploitation of this vulnerability can result in unauthorized access to critical data or
complete access to all MySQL Server accessible data and unauthorized ability to cause a hang
or frequently repeatable crash (complete DOS) of MySQL Server.

Solution:
Solution type: VendorFix
Updates are available. Apply the necessary patch from the referenced link.

Aected Software/OS
Oracle MySQL Server versions 5.6.42 and prior, 5.7 through 5.7.24 and 8.0 through 8.0.13.

Vulnerability Insight
The attacks range in variety and diculty. Most of them allow an attacker with network access
via multiple protocols to compromise the MySQL Server.
For further information refer to the ocial advisory via the referenced link.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.6.42 / 5.7 <= 5.7.24 / 8.0 <= 8.0.13 Security Update (.
,→..
OID:[Link].4.1.25623.1.0.112489
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2019-2534
cve: CVE-2019-2529
cve: CVE-2019-2482
cve: CVE-2019-2455
cve: CVE-2019-2503
. . . continues on next page . . .
2 RESULTS PER HOST 82

. . . continued from previous page . . .

cve: CVE-2018-0734
cve: CVE-2019-2537
cve: CVE-2019-2481
cve: CVE-2019-2507
cve: CVE-2019-2531
cve: CVE-2018-5407
url: [Link]
advisory-id: cpujan2019
cert-bund: WID-SEC-2025-2349
cert-bund: WID-SEC-2025-1212
cert-bund: WID-SEC-2023-3083
cert-bund: WID-SEC-2023-1594
cert-bund: WID-SEC-2022-1696
cert-bund: WID-SEC-2022-0673
cert-bund: WID-SEC-2022-0517
cert-bund: CB-K22/0045
cert-bund: CB-K20/0324
cert-bund: CB-K20/0136
cert-bund: CB-K19/1121
cert-bund: CB-K19/0696
cert-bund: CB-K19/0622
cert-bund: CB-K19/0615
cert-bund: CB-K19/0321
cert-bund: CB-K19/0320
cert-bund: CB-K19/0319
cert-bund: CB-K19/0318
cert-bund: CB-K19/0316
cert-bund: CB-K19/0314
cert-bund: CB-K19/0050
cert-bund: CB-K19/0044
cert-bund: CB-K18/1173
cert-bund: CB-K18/1065
cert-bund: CB-K18/1039
dfn-cert: DFN-CERT-2020-0326
dfn-cert: DFN-CERT-2019-2457
dfn-cert: DFN-CERT-2019-2456
dfn-cert: DFN-CERT-2019-2305
dfn-cert: DFN-CERT-2019-2300
dfn-cert: DFN-CERT-2019-2046
dfn-cert: DFN-CERT-2019-1996
dfn-cert: DFN-CERT-2019-1897
dfn-cert: DFN-CERT-2019-1746
dfn-cert: DFN-CERT-2019-1713
dfn-cert: DFN-CERT-2019-1617
dfn-cert: DFN-CERT-2019-1614
dfn-cert: DFN-CERT-2019-1600
dfn-cert: DFN-CERT-2019-1588
. . . continues on next page . . .
2 RESULTS PER HOST 83

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2019-1562
dfn-cert: DFN-CERT-2019-1455
dfn-cert: DFN-CERT-2019-1450
dfn-cert: DFN-CERT-2019-1240
dfn-cert: DFN-CERT-2019-1152
dfn-cert: DFN-CERT-2019-1047
dfn-cert: DFN-CERT-2019-0782
dfn-cert: DFN-CERT-2019-0781
dfn-cert: DFN-CERT-2019-0778
dfn-cert: DFN-CERT-2019-0775
dfn-cert: DFN-CERT-2019-0772
dfn-cert: DFN-CERT-2019-0484
dfn-cert: DFN-CERT-2019-0232
dfn-cert: DFN-CERT-2019-0204
dfn-cert: DFN-CERT-2019-0112
dfn-cert: DFN-CERT-2019-0104
dfn-cert: DFN-CERT-2019-0103
dfn-cert: DFN-CERT-2019-0102
dfn-cert: DFN-CERT-2018-2541
dfn-cert: DFN-CERT-2018-2539
dfn-cert: DFN-CERT-2018-2513
dfn-cert: DFN-CERT-2018-2456
dfn-cert: DFN-CERT-2018-2444
dfn-cert: DFN-CERT-2018-2396
dfn-cert: DFN-CERT-2018-2360
dfn-cert: DFN-CERT-2018-2338
dfn-cert: DFN-CERT-2018-2214

High (CVSS: 7.1)

NVT: Oracle Mysql Security Updates (jan2018-3236628) 04 - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL is prone to an unspecied vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: Apply the patch
. . . continues on next page . . .
2 RESULTS PER HOST 84

. . . continued from previous page . . .

Installation
path / port: 3306/tcp

Impact
Successful exploitation of this vulnerability will allow remote attackers to conduct a denial-of-
service attack and partially modify data.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle MySQL version 5.5.58 and earlier, 5.6.38 and earlier, 5.7.19 and earlier on Windows

Vulnerability Insight
The aw exists due to an error in 'Server:Partition' component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Mysql Security Updates (jan2018-3236628) 04 - Windows
OID:[Link].4.1.25623.1.0.812650
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2018-2562
url: [Link]
cert-bund: CB-K18/0480
cert-bund: CB-K18/0392
cert-bund: CB-K18/0265
cert-bund: CB-K18/0096
dfn-cert: DFN-CERT-2019-1047
dfn-cert: DFN-CERT-2018-1276
dfn-cert: DFN-CERT-2018-1265
dfn-cert: DFN-CERT-2018-0733
dfn-cert: DFN-CERT-2018-0515
dfn-cert: DFN-CERT-2018-0424
dfn-cert: DFN-CERT-2018-0286
dfn-cert: DFN-CERT-2018-0101
2 RESULTS PER HOST 85

High (CVSS: 7.0)

NVT: Oracle MySQL Server <= 5.5.51 / 5.6 <= 5.6.32 / 5.7 <= 5.7.14 Security Update
(cpuoct2016) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: See the referenced vendor advisory
Installation
path / port: 3306/tcp

Impact
Successful exploitation of these vulnerabilities will allow remote authenticated attackers to cause
denial of service conditions and gain elevated privileges.

Solution:
Solution type: VendorFix
Updates are available. Please see the references for more information.

Aected Software/OS
Oracle MySQL Server versions 5.5.51 and prior, 5.6 through 5.6.32 and 5.7 through 5.7.14.

Vulnerability Insight
Multiple aws exist due to multiple unspecied errors in the 'Server:GIS', 'Server:Federated',
'Server:Optimizer', 'Server:Types', 'Server:Error Handling' and 'Server:MyISAM' components.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.5.51 / 5.6 <= 5.6.32 / 5.7 <= 5.7.14 Security Update (.
,→..
OID:[Link].4.1.25623.1.0.809372
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
. . . continues on next page . . .
2 RESULTS PER HOST 86

. . . continued from previous page . . .

Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2016-3492
cve: CVE-2016-5626
cve: CVE-2016-5629
cve: CVE-2016-5616
cve: CVE-2016-5617
cve: CVE-2016-8283
cve: CVE-2016-6663
cve: CVE-2016-6664
url: [Link]
advisory-id: cpuoct2016
cert-bund: CB-K18/0224
cert-bund: CB-K17/1298
cert-bund: CB-K17/0139
cert-bund: CB-K16/1979
cert-bund: CB-K16/1846
cert-bund: CB-K16/1755
cert-bund: CB-K16/1714
cert-bund: CB-K16/1624
dfn-cert: DFN-CERT-2020-1473
dfn-cert: DFN-CERT-2018-0242
dfn-cert: DFN-CERT-2017-1341
dfn-cert: DFN-CERT-2017-0138
dfn-cert: DFN-CERT-2016-2089
dfn-cert: DFN-CERT-2016-1950
dfn-cert: DFN-CERT-2016-1859
dfn-cert: DFN-CERT-2016-1790
dfn-cert: DFN-CERT-2016-1714

[ return to [Link] ]

2.1.5 High 3000/tcp

High (CVSS: 8.8)

NVT: Ruby on Rails < 5.0.1 RCE Vulnerability

Summary
Ruby on Rails is prone to a remote code execution (RCE) vulnerability.

Quality of Detection (QoD): 80%

. . . continues on next page . . .
2 RESULTS PER HOST 87

. . . continued from previous page . . .

Vulnerability Detection Result

Installed version: 4.1.1
Fixed version: 5.0.1
Installation
path / port: /

Impact
Successful exploitation would allow an attacker to execute arbitrary code on the target machine.

Solution:
Solution type: VendorFix
Update to version 5.0.1 or later.

Aected Software/OS
Ruby on Rails through version 5.0.0.

Vulnerability Insight
An attacker may exploit this vulnerability by sending a specially crafted 'render' call.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Ruby on Rails < 5.0.1 RCE Vulnerability
OID:[Link].4.1.25623.1.0.113718
Version used: 2025-09-09T[Link]Z

References
cve: CVE-2020-8163
url: [Link]
cert-bund: CB-K20/0472
dfn-cert: DFN-CERT-2020-1733
dfn-cert: DFN-CERT-2020-1582

High (CVSS: 7.5)

NVT: Ruby on Rails Multiple Vulnerabilities (Jan 2016) - Windows

Summary
Ruby on Rails is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 4.1.1
Fixed version: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 88

. . . continued from previous page . . .

Installation
path / port: /

Impact
Successful exploitation will allow a remote attacker to read arbitrary les by leveraging an ap-
plication's unrestricted use of the render method, to cause a denial of service.

Solution:
Solution type: VendorFix
Update to version [Link], [Link], [Link] or later.

Aected Software/OS
Ruby on Rails before [Link], Ruby on Rails 4.0.x and 4.1.x before [Link] and Ruby on Rails
4.2.x before [Link] on Windows.

Vulnerability Insight
Multiple aws are due to:
- Directory traversal vulnerability in Action View.
- The script 'actionpack/lib/action_dispatch/http/mime_type.rb' does not properly restrict use
of the MIME type cache.
- The http_basic_authenticate_with method in 'actionpack/lib/action_controller/metal/http_authentication.rb'
does not use a constant-time algorithm for verifying credentials.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Ruby on Rails Multiple Vulnerabilities (Jan 2016) - Windows
OID:[Link].4.1.25623.1.0.809356
Version used: 2025-09-09T[Link]Z

References
cve: CVE-2016-0752
cve: CVE-2016-0751
cve: CVE-2015-7576
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: WID-SEC-2025-1085
cert-bund: CB-K17/0517
cert-bund: CB-K17/0278
cert-bund: CB-K16/0625
cert-bund: CB-K16/0522
cert-bund: CB-K16/0419
cert-bund: CB-K16/0238
. . . continues on next page . . .
2 RESULTS PER HOST 89

. . . continued from previous page . . .

cert-bund: CB-K16/0166
cert-bund: CB-K16/0165
dfn-cert: DFN-CERT-2017-0534
dfn-cert: DFN-CERT-2017-0284
dfn-cert: DFN-CERT-2016-0674
dfn-cert: DFN-CERT-2016-0566
dfn-cert: DFN-CERT-2016-0458
dfn-cert: DFN-CERT-2016-0259
dfn-cert: DFN-CERT-2016-0181
dfn-cert: DFN-CERT-2016-0178

High (CVSS: 7.5)

NVT: Ruby on Rails Action Pack DoS Vulnerability (Jan 2016) - Windows

Summary
Ruby on Rails is prone to a denial of service (DoS) vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 4.1.1
Fixed version: [Link]
Installation
path / port: /

Impact
Successful exploitation will allow a remote attacker to cause a denial of service condition.

Solution:
Solution type: VendorFix
Update to version [Link] or later.

Aected Software/OS
Ruby on Rails 4.x before [Link] on Windows.

Vulnerability Insight
The aw is due to an error in 'actionpack/lib/action_dispatch/routing/route_set.rb' script.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Ruby on Rails Action Pack DoS Vulnerability (Jan 2016) - Windows
OID:[Link].4.1.25623.1.0.809362
Version used: 2025-09-09T[Link]Z

. . . continues on next page . . .

2 RESULTS PER HOST 90

. . . continued from previous page . . .

References
cve: CVE-2015-7581
url: [Link]
url: [Link]
cert-bund: WID-SEC-2025-1085
cert-bund: CB-K16/0625
cert-bund: CB-K16/0419
cert-bund: CB-K16/0166
cert-bund: CB-K16/0165
dfn-cert: DFN-CERT-2016-0674
dfn-cert: DFN-CERT-2016-0458
dfn-cert: DFN-CERT-2016-0181
dfn-cert: DFN-CERT-2016-0178

High (CVSS: 7.3)

NVT: Ruby on Rails Action Pack RCE Vulnerability (Feb 2016) - Windows

Summary
Ruby on Rails is prone to a remote code execution (RCE) vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 4.1.1
Fixed version: [Link]
Installation
path / port: /

Impact
Successful exploitation will allow a remote attacker to control the arguments of the render method
in a controller or a view, resulting in the possibility of executing arbitrary ruby code.

Solution:
Solution type: VendorFix
Update to version [Link], [Link], [Link] or later.

Aected Software/OS
Ruby on Rails before [Link], Ruby on Rails 4.x before [Link] and Ruby on Rails 4.2.x before
[Link] on Windows.

Vulnerability Insight
The aw is due to an improper sanitization of user supplied inputs to the 'render' method in a
controller or view by 'Action Pack'.

. . . continues on next page . . .

2 RESULTS PER HOST 91

. . . continued from previous page . . .

Vulnerability Detection Method
Checks if a vulnerable version is present on the target host.
Details: Ruby on Rails Action Pack RCE Vulnerability (Feb 2016) - Windows
OID:[Link].4.1.25623.1.0.809352
Version used: 2025-09-09T[Link]Z

References
cve: CVE-2016-2098
url: [Link]
url: [Link]
url: [Link]
,→AJ
cert-bund: WID-SEC-2022-2271
cert-bund: CB-K17/1730
cert-bund: CB-K16/0625
cert-bund: CB-K16/0522
cert-bund: CB-K16/0426
cert-bund: CB-K16/0419
cert-bund: CB-K16/0372
dfn-cert: DFN-CERT-2017-1809
dfn-cert: DFN-CERT-2016-0674
dfn-cert: DFN-CERT-2016-0566
dfn-cert: DFN-CERT-2016-0468
dfn-cert: DFN-CERT-2016-0458
dfn-cert: DFN-CERT-2016-0404

[ return to [Link] ]

2.1.6 High 445/tcp

High (CVSS: 8.8)

NVT: Microsoft Windows SMB Server Multiple Vulnerabilities-Remote (4013389)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS17-010.

Quality of Detection (QoD): 95%

Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.

Impact
Successful exploitation will allow remote attackers to gain the ability to execute code on the
target server, also could lead to information disclosure from the server.
. . . continues on next page . . .
2 RESULTS PER HOST 92

. . . continued from previous page . . .

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 10 x32/x64
- Microsoft Windows Server 2012
- Microsoft Windows Server 2016
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012 R2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows Server 2008 x32/x64 Service Pack 2

Vulnerability Insight
Multiple aws exist due to the way that the Microsoft Server Message Block 1.0 (SMBv1) server
handles certain requests.

Vulnerability Detection Method

Send the crafted SMB transaction request with d = 0 and check the response to conrm the
vulnerability.
Details: Microsoft Windows SMB Server Multiple Vulnerabilities-Remote (4013389)
OID:[Link].4.1.25623.1.0.810676
Version used: 2024-07-17T[Link]Z

References
cve: CVE-2017-0143
cve: CVE-2017-0144
cve: CVE-2017-0145
cve: CVE-2017-0146
cve: CVE-2017-0147
cve: CVE-2017-0148
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K17/0435
. . . continues on next page . . .
2 RESULTS PER HOST 93

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2017-0448

[ return to [Link] ]

2.1.7 High 8020/tcp

High (CVSS: 7.5)

NVT: '/.//WEB-INF/' Information Disclosure Vulnerability (HTTP)

Summary
Various application or web servers / products are prone to an information disclosure vulnerability.

Quality of Detection (QoD): 99%

Vulnerability Detection Result
Vulnerable URL: [Link]
Response (truncated):
<?xml version="1.0" encoding="ISO-8859-1"?>
<web-app xmlns="[Link]
xmlns:xsi="[Link]
xsi:schemaLocation="[Link] [Link]
ns/j2ee/web-app_2_4.xsd" version="2.4">
<!-- $Id$ -->
<!-- Added for MickeyClient Pdf Generation -->
<context-param>
<param-name>ContextPath</param-name>
<param-value>/</param-value>
</context-param>
<context-param>
<param-name>defaultSkin</param-name>
<param-value>woody</param-value>
</context-param>
<context-param>
<param-name>useInstantFeedback</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>mailServerName</param-name>
<param-value>[Link]</param-value>
</context-param>
<context-param>
<param-name>instantFeedbackAddress</param-name>
<param-value>sym-issues@[Link]</param-value>
</context-param>
. . . continues on next page . . .
2 RESULTS PER HOST 94

. . . continued from previous page . . .

<context-param>
<param-name>AUTO_IMPORT_USER</param-name>
<param-value>false</param-value>
</context-param>
<context-param>
<param-name>PARAMETER-ENCODING</param-name>
<param-value>UTF-8</param-value>
</context-param>
<listener>
<listener-class>[Link]
,→ngListener</listener-class>
</listener>
<!-- SDP-DC integration -->
<listener>
<listener-class>[Link]</listener
,→-class>
</listener>
<!-- SDP-DC integra

Impact
Based on the information provided in this le an attacker might be able to gather additional info
and/or sensitive data about the application / the application / web server.

Solution:
Solution type: VendorFix
The following vendor xes are known:
- Update to Payara Platform Enterprise 5.31.0, Payara Platform Community 5.2021.7 or later.
For other products please contact the vendor for more information on possible xes.

Aected Software/OS
The following products are known to be aected:
- Payara Platform Enterprise / Community
Other products might be aected as well.

Vulnerability Insight
The servlet specication prohibits servlet containers from serving resources in the '/WEB-INF'
and '/META-INF' directories of a web application archive directly to clients.
This means that URLs like:
[Link]
will return an error message, rather than the contents of the deployment descriptor.
However, some application or web servers / products are prone to a vulnerability that exposes
this information if the client requests a URL like this instead:
[Link]
[Link]
(note the './/' before 'WEB-INF').

. . . continues on next page . . .

2 RESULTS PER HOST 95

. . . continued from previous page . . .

Vulnerability Detection Method
Sends a crafted HTTP GET request and checks the response.
Details: '/.//WEB-INF/' Information Disclosure Vulnerability (HTTP)
OID:[Link].4.1.25623.1.0.117707
Version used: 2023-03-06T[Link]Z

References
cve: CVE-2021-41381
url: [Link]
,→[Link]
url: [Link]
,→-[Link]

[ return to [Link] ]

2.1.8 High general/tcp

High (CVSS: 8.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB5022338)

Summary
This host is missing an important security update according to Microsoft KB5022338

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.26321
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514

Impact
Successful exploitation will allow an attacker to elevate privileges, execute arbitrary commands,
disclose information and conduct DoS attacks.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 for 32-bit Systems Service Pack 1
- Microsoft Windows 7 for x64-based Systems Service Pack 1
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

. . . continues on next page . . .

2 RESULTS PER HOST 96

. . . continued from previous page . . .

Vulnerability Insight
Multiple aws exist due to:
- A Remote Code Execution Vulnerability in Windows Layer 2 Tunneling Protocol.
- An elevation of privilege vulnerability in Windows Kernel.
- A Denial of Service Vulnerability in Windows Layer 2 Tunneling Protocol.
Please see the references for more information about the vulnerabilities.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB5022338)
OID:[Link].4.1.25623.1.0.826831
Version used: 2025-11-14T[Link]Z

References
cve: CVE-2023-21546
cve: CVE-2023-21543
cve: CVE-2023-21548
cve: CVE-2023-21555
cve: CVE-2023-21556
cve: CVE-2023-21561
cve: CVE-2023-21679
cve: CVE-2023-21730
cve: CVE-2023-21527
cve: CVE-2023-21532
cve: CVE-2023-21537
cve: CVE-2023-21541
cve: CVE-2023-21542
cve: CVE-2023-21549
cve: CVE-2023-21552
cve: CVE-2023-21557
cve: CVE-2023-21560
cve: CVE-2023-21563
cve: CVE-2023-21675
cve: CVE-2023-21678
cve: CVE-2023-21680
cve: CVE-2023-21681
cve: CVE-2023-21682
cve: CVE-2023-21726
cve: CVE-2023-21728
cve: CVE-2023-21732
cve: CVE-2023-21746
cve: CVE-2023-21748
cve: CVE-2023-21750
cve: CVE-2023-21757
cve: CVE-2023-21774
cve: CVE-2023-21525
cve: CVE-2023-21765
. . . continues on next page . . .
2 RESULTS PER HOST 97

. . . continued from previous page . . .

cve: CVE-2023-21752
cve: CVE-2023-21776
cve: CVE-2023-21749
cve: CVE-2023-21772
cve: CVE-2023-21524
cve: CVE-2023-21747
cve: CVE-2023-21773
cve: CVE-2023-21754
cve: CVE-2023-21760
url: [Link]
cert-bund: WID-SEC-2023-0055
dfn-cert: DFN-CERT-2023-0050

High (CVSS: 8.8)

NVT: Microsoft Windows Kernel-Mode Driver Privilege Escalation and RCE Vulnerabilities
(3000061)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS14-058.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow attacker to gain escalated privilege and compromise a user's
system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 2003 x32/x64 Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/R2

Vulnerability Insight
. . . continues on next page . . .
2 RESULTS PER HOST 98

. . . continued from previous page . . .

The aw is due to errors in [Link] when handling certain objects and parsing TrueType
fonts.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Kernel-Mode Driver Privilege Escalation and RCE Vulnerabiliti.
,→..
OID:[Link].4.1.25623.1.0.804859
Version used: 2024-07-01T[Link]Z

References
cve: CVE-2014-4113
cve: CVE-2014-4148
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K14/1291
dfn-cert: DFN-CERT-2014-1351

High (CVSS: 8.8)

NVT: Microsoft Internet Explorer RCE vulnerability (3088903)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS15-093.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 8.0.7601.17514
Vulnerable range: 8.0.7601.17000 - 8.0.7601.18967

Impact
Successful exploitation will allow remote attackers to corrupt memory and potentially execute
arbitrary code in the context of the current user.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
. . . continues on next page . . .
2 RESULTS PER HOST 99

. . . continued from previous page . . .

Microsoft Internet Explorer version 7.x/8.x/9.x/10.x/11.x.

Vulnerability Insight
The error exists due to multiple improper handling of memory objects.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Internet Explorer RCE vulnerability (3088903)
OID:[Link].4.1.25623.1.0.805959
Version used: 2024-07-04T[Link]Z

References
cve: CVE-2015-2502
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K15/1215
dfn-cert: DFN-CERT-2015-1283

High (CVSS: 8.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB4489878)

Summary
This host is missing a critical security update according to Microsoft KB4489878

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.24387
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514

Impact
Successful exploitation will allow an attacker to execute arbitrary code on a victim system, obtain
information to further compromise the user's system, gain elevated privileges, bypass security
features and cause denial of service.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

. . . continues on next page . . .

2 RESULTS PER HOST 100

. . . continued from previous page . . .

Aected Software/OS
- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

Vulnerability Insight
Multiple aws exist in,
- Event Viewer from showing Network Interface Cards events and
- Various Windows components.
Please see the references for more information about the vulnerabilities.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4489878)
OID:[Link].4.1.25623.1.0.814936
Version used: 2023-10-27T[Link]Z

References
cve: CVE-2019-0601
cve: CVE-2019-0603
cve: CVE-2019-0609
cve: CVE-2019-0614
cve: CVE-2019-0617
cve: CVE-2019-0665
cve: CVE-2019-0666
cve: CVE-2019-0667
cve: CVE-2019-0680
cve: CVE-2019-0683
cve: CVE-2019-0690
cve: CVE-2019-0702
cve: CVE-2019-0703
cve: CVE-2019-0704
cve: CVE-2019-0746
cve: CVE-2019-0754
cve: CVE-2019-0755
cve: CVE-2019-0756
cve: CVE-2019-0759
cve: CVE-2019-0761
cve: CVE-2019-0762
cve: CVE-2019-0763
cve: CVE-2019-0765
cve: CVE-2019-0767
cve: CVE-2019-0772
cve: CVE-2019-0774
cve: CVE-2019-0775
cve: CVE-2019-0780
cve: CVE-2019-0782
cve: CVE-2019-0783
. . . continues on next page . . .
2 RESULTS PER HOST 101

. . . continued from previous page . . .

cve: CVE-2019-0784
cve: CVE-2019-0808
cve: CVE-2019-0821
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K19/0218
cert-bund: CB-K19/0217
cert-bund: CB-K19/0216
cert-bund: CB-K19/0212
cert-bund: CB-K19/0131
dfn-cert: DFN-CERT-2019-0521
dfn-cert: DFN-CERT-2019-0515
dfn-cert: DFN-CERT-2019-0507
dfn-cert: DFN-CERT-2019-0506
dfn-cert: DFN-CERT-2019-0311

High (CVSS: 8.8)

NVT: Microsoft SMBv1 Server Authenticated Remote Code Execution Vulnerability (3185879)

Summary
This host is missing an important security update according to Microsoft Bulletin MS16-114.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\System32\drivers\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23517

Impact
Successful exploitation will allow attacker to take complete control of an aected system. An
attacker could then install, programs, view, change, or delete data or create new accounts with
full user rights.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
. . . continues on next page . . .
2 RESULTS PER HOST 102

. . . continued from previous page . . .

- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 x32/x64
- Microsoft Windows 10 Version 1511 x32/x64

Vulnerability Insight
An authenticated remote code execution vulnerability exists in Windows that is caused when
Server Message Block (SMB) improperly handles certain logging activities, resulting in memory
corruption.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft SMBv1 Server Authenticated Remote Code Execution Vulnerability (31858.
,→..
OID:[Link].4.1.25623.1.0.809225
Version used: 2024-06-21T[Link]Z

References
cve: CVE-2016-3345
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/1406
dfn-cert: DFN-CERT-2016-1483

High (CVSS: 8.8)

NVT: Microsoft Uniscribe Multiple Vulnerabilities (4013076)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS17-011.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\System32\[Link]
File version: 1.626.7601.17514
Vulnerable range: Less than 1.626.7601.23688

Impact
Successful exploitation will allow an attacker to take control of the aected system, also to obtain
information to further compromise the user's system.

Solution:
Solution type: VendorFix
. . . continues on next page . . .
2 RESULTS PER HOST 103

. . . continued from previous page . . .

The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows 10 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows 10 Version 1607 x32/x64
- Microsoft Windows Vista x32/x64 Edition Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2
- Microsoft Windows 7 x32/x64 Edition Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1
- Microsoft Windows Server 2016

Vulnerability Insight
Multiple aws exist due to:
- The way Windows Uniscribe handles objects in memory.
- When Windows Uniscribe improperly discloses the contents of its memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Uniscribe Multiple Vulnerabilities (4013076)
OID:[Link].4.1.25623.1.0.810812
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2017-0072
cve: CVE-2017-0083
cve: CVE-2017-0084
cve: CVE-2017-0085
cve: CVE-2017-0086
cve: CVE-2017-0087
cve: CVE-2017-0088
cve: CVE-2017-0089
cve: CVE-2017-0090
cve: CVE-2017-0091
cve: CVE-2017-0092
cve: CVE-2017-0111
cve: CVE-2017-0112
cve: CVE-2017-0113
cve: CVE-2017-0114
cve: CVE-2017-0115
cve: CVE-2017-0116
cve: CVE-2017-0117
cve: CVE-2017-0118
cve: CVE-2017-0119
. . . continues on next page . . .
2 RESULTS PER HOST 104

. . . continued from previous page . . .

cve: CVE-2017-0120
cve: CVE-2017-0121
cve: CVE-2017-0122
cve: CVE-2017-0123
cve: CVE-2017-0124
cve: CVE-2017-0125
cve: CVE-2017-0126
cve: CVE-2017-0127
cve: CVE-2017-0128
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K17/0443
dfn-cert: DFN-CERT-2017-0451
2 RESULTS PER HOST 105

High (CVSS: 8.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB4480970)

Summary
This host is missing an important security update according to Microsoft KB4480970

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 11.0.9600.19236
File checked: C:\Windows\system32\[Link]
File version: 8.0.7601.17514

Impact
Successful exploitation will allow an attacker to execute arbitrary code on a victim system, obtain
information to further compromise the user's system and gain elevated privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

Vulnerability Insight
Multiple awss exists due to:
- Windows Jet Database Engine improperly handles objects in memory.
- Windows Runtime improperly handles objects in memory.
- Windows kernel improperly handles objects in memory.
- An error in the Microsoft XmlDocument class that could allow an attacker to escape from the
AppContainer sandbox in the browser.
- MSHTML engine improperly validates input.
- Windows improperly handles authentication requests.
- An elevation of privilege exists in Windows COM Desktop Broker.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4480970)
OID:[Link].4.1.25623.1.0.814650
Version used: 2025-04-11T[Link]Z

References
cve: CVE-2019-0536
cve: CVE-2019-0538
. . . continues on next page . . .
2 RESULTS PER HOST 106

. . . continued from previous page . . .

cve: CVE-2019-0541
cve: CVE-2019-0543
cve: CVE-2019-0584
cve: CVE-2019-0554
cve: CVE-2019-0549
cve: CVE-2019-0569
cve: CVE-2019-0583
cve: CVE-2019-0575
cve: CVE-2019-0576
cve: CVE-2019-0577
cve: CVE-2019-0578
cve: CVE-2019-0579
cve: CVE-2019-0580
cve: CVE-2019-0581
cve: CVE-2019-0582
cve: CVE-2018-3639
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
cert-bund: WID-SEC-2023-2917
cert-bund: WID-SEC-2023-2072
cert-bund: CB-K19/0271
cert-bund: CB-K19/0047
cert-bund: CB-K19/0024
cert-bund: CB-K19/0023
cert-bund: CB-K19/0019
cert-bund: CB-K18/1050
cert-bund: CB-K18/0686
cert-bund: CB-K18/0682
dfn-cert: DFN-CERT-2023-1947
dfn-cert: DFN-CERT-2023-1924
dfn-cert: DFN-CERT-2023-1904
dfn-cert: DFN-CERT-2023-1900
dfn-cert: DFN-CERT-2021-2551
dfn-cert: DFN-CERT-2020-1987
dfn-cert: DFN-CERT-2020-1935
dfn-cert: DFN-CERT-2020-1912
dfn-cert: DFN-CERT-2020-1783
dfn-cert: DFN-CERT-2020-1473
dfn-cert: DFN-CERT-2020-1078
dfn-cert: DFN-CERT-2019-0622
dfn-cert: DFN-CERT-2019-0544
dfn-cert: DFN-CERT-2019-0286
dfn-cert: DFN-CERT-2019-0258
dfn-cert: DFN-CERT-2019-0168
dfn-cert: DFN-CERT-2019-0108
dfn-cert: DFN-CERT-2019-0069
. . . continues on next page . . .
2 RESULTS PER HOST 107

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2019-0059
dfn-cert: DFN-CERT-2019-0047
dfn-cert: DFN-CERT-2019-0041
dfn-cert: DFN-CERT-2019-0039
dfn-cert: DFN-CERT-2018-2554
dfn-cert: DFN-CERT-2018-2441
dfn-cert: DFN-CERT-2018-2399
dfn-cert: DFN-CERT-2018-2349
dfn-cert: DFN-CERT-2018-2302
dfn-cert: DFN-CERT-2018-2217
dfn-cert: DFN-CERT-2018-2213
dfn-cert: DFN-CERT-2018-1982
dfn-cert: DFN-CERT-2018-1929
dfn-cert: DFN-CERT-2018-1869
dfn-cert: DFN-CERT-2018-1767
dfn-cert: DFN-CERT-2018-1734
dfn-cert: DFN-CERT-2018-1658
dfn-cert: DFN-CERT-2018-1651
dfn-cert: DFN-CERT-2018-1627
dfn-cert: DFN-CERT-2018-1624
dfn-cert: DFN-CERT-2018-1500
dfn-cert: DFN-CERT-2018-1494
dfn-cert: DFN-CERT-2018-1493
dfn-cert: DFN-CERT-2018-1446
dfn-cert: DFN-CERT-2018-1435
dfn-cert: DFN-CERT-2018-1374
dfn-cert: DFN-CERT-2018-1353
dfn-cert: DFN-CERT-2018-1351
dfn-cert: DFN-CERT-2018-1323
dfn-cert: DFN-CERT-2018-1304
dfn-cert: DFN-CERT-2018-1270
dfn-cert: DFN-CERT-2018-1260
dfn-cert: DFN-CERT-2018-1234
dfn-cert: DFN-CERT-2018-1228
dfn-cert: DFN-CERT-2018-1205
dfn-cert: DFN-CERT-2018-1183
dfn-cert: DFN-CERT-2018-1151
dfn-cert: DFN-CERT-2018-1129
dfn-cert: DFN-CERT-2018-1117
dfn-cert: DFN-CERT-2018-1105
dfn-cert: DFN-CERT-2018-1042
dfn-cert: DFN-CERT-2018-1041
dfn-cert: DFN-CERT-2018-1025
dfn-cert: DFN-CERT-2018-1023
dfn-cert: DFN-CERT-2018-0993
dfn-cert: DFN-CERT-2018-0992
dfn-cert: DFN-CERT-2018-0991
. . . continues on next page . . .
2 RESULTS PER HOST 108

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2018-0987
dfn-cert: DFN-CERT-2018-0976
dfn-cert: DFN-CERT-2018-0973
dfn-cert: DFN-CERT-2018-0972
dfn-cert: DFN-CERT-2018-0970
dfn-cert: DFN-CERT-2018-0966

High (CVSS: 8.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB4530734)

Summary
This host is missing a critical security update according to Microsoft KB4530734

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.24540
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514

Impact
Successful exploitation will allow an attacker to execute arbitrary code, elevate privileges, gain
access to sensitive information, cause denial of service and bypass security restrictions.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

Vulnerability Insight
Multiple aws exist due to:
- Win32k component fails to properly handle objects in memory.
- win32k component improperly provides kernel information.
- Windows kernel improperly handles objects in memory.
- Windows improperly handles COM object creation.
Please see the references for more information about the vulnerabilities.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4530734)
OID:[Link].4.1.25623.1.0.815737
. . . continues on next page . . .
2 RESULTS PER HOST 109

. . . continued from previous page . . .

Version used: 2022-08-09T[Link]Z

References
cve: CVE-2019-1453
cve: CVE-2019-1458
cve: CVE-2019-1465
cve: CVE-2019-1466
cve: CVE-2019-1467
cve: CVE-2019-1468
cve: CVE-2019-1469
cve: CVE-2019-1470
cve: CVE-2019-1474
cve: CVE-2019-1478
cve: CVE-2019-1480
cve: CVE-2019-1481
cve: CVE-2019-1484
cve: CVE-2019-1485
cve: CVE-2019-1488
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
cert-bund: CB-K19/1075
cert-bund: CB-K19/1063
dfn-cert: DFN-CERT-2019-2603
dfn-cert: DFN-CERT-2019-2601

High (CVSS: 8.8)

NVT: Microsoft Uniscribe Remote Code Execution Vulnerability (3204063)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS16-147.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\System32\[Link]
File version: 1.626.7601.17514
Vulnerable range: Less than 1.626.7601.23585

Impact
Successful exploitation will allow an attacker to take control of the aected system. An attacker
could then:
- install programs
- view, change, or delete data
- or create new accounts with full user rights.
. . . continues on next page . . .
2 RESULTS PER HOST 110

. . . continued from previous page . . .

Users whose accounts are congured to have fewer user rights on the system could be less im-
pacted than users who operate with administrative user rights.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows 10 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows 10 Version 1607 x32/x64
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows Server 2016

Vulnerability Insight
The aw exists due to the way Windows Uniscribe handles objects in the memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Uniscribe Remote Code Execution Vulnerability (3204063)
OID:[Link].4.1.25623.1.0.809832
Version used: 2023-07-21T[Link]Z

References
cve: CVE-2016-7274
url: [Link]
url: [Link]
cert-bund: CB-K16/1959
dfn-cert: DFN-CERT-2016-2066

High (CVSS: 8.8)

NVT: Microsoft Graphic Fonts Multiple Vulnerabilities (3143148)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS16-026.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
. . . continues on next page . . .
2 RESULTS PER HOST 111

. . . continued from previous page . . .

File checked: C:\Windows\system32\[Link]
File version: [Link]
Vulnerable range: Less than [Link]

Impact
Successful exploitation will allow remote attackers to execute arbitrary code. Failed exploit
attempts will result in a denial-of-service condition.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 10 x32/x64
- Microsoft Windows Server 2012/R2
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior

Vulnerability Insight
Multiple aws are due to the Windows Adobe Type Manager Library improperly handles specially
crafted OpenType fonts.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Graphic Fonts Multiple Vulnerabilities (3143148)
OID:[Link].4.1.25623.1.0.807513
Version used: 2023-07-20T[Link]Z

References
cve: CVE-2016-0121
cve: CVE-2016-0120
url: [Link]
url: [Link]
cert-bund: CB-K16/0383
dfn-cert: DFN-CERT-2016-0412

High (CVSS: 8.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB4503292)

Summary
. . . continues on next page . . .
2 RESULTS PER HOST 112

. . . continued from previous page . . .

This host is missing a critical security update according to Microsoft KB4503292

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.24475
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514

Impact
Successful exploitation will allow an attacker to execute arbitrary code, elevate privileges by
escaping a sandbox, gain access to sensitive information, run processes and delete les and
folders in an elevated context.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

Vulnerability Insight
Multiple aws exist due to:
- Windows Event Viewer ([Link]) improperly parses XML input containing a reference
to an external entity.
- Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a
guest operating system.
- Microsoft Speech API (SAPI) improperly handles text-to-speech (TTS) input.
- Windows GDI component improperly discloses the contents of its memory.
Please see the references for more information about the vulnerabilities.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4503292)
OID:[Link].4.1.25623.1.0.815208
Version used: 2025-05-21T[Link]Z

References
cve: CVE-2017-8533
cve: CVE-2019-0713
cve: CVE-2019-0722
cve: CVE-2019-0888
cve: CVE-2019-0904
cve: CVE-2019-0905
cve: CVE-2019-0906
. . . continues on next page . . .
2 RESULTS PER HOST 113

. . . continued from previous page . . .

cve: CVE-2019-0907
cve: CVE-2019-0908
cve: CVE-2019-0909
cve: CVE-2019-0920
cve: CVE-2019-0941
cve: CVE-2019-0943
cve: CVE-2019-0948
cve: CVE-2019-0960
cve: CVE-2019-0968
cve: CVE-2019-0972
cve: CVE-2019-0973
cve: CVE-2019-0974
cve: CVE-2019-0977
cve: CVE-2019-0984
cve: CVE-2019-0985
cve: CVE-2019-0986
cve: CVE-2019-0988
cve: CVE-2019-1005
cve: CVE-2019-1009
cve: CVE-2019-1010
cve: CVE-2019-1011
cve: CVE-2019-1012
cve: CVE-2019-1013
cve: CVE-2019-1014
cve: CVE-2019-1015
cve: CVE-2019-1016
cve: CVE-2019-1017
cve: CVE-2019-1019
cve: CVE-2019-1025
cve: CVE-2019-1028
cve: CVE-2019-1038
cve: CVE-2019-1039
cve: CVE-2019-1040
cve: CVE-2019-1043
cve: CVE-2019-1045
cve: CVE-2019-1046
cve: CVE-2019-1047
cve: CVE-2019-1048
cve: CVE-2019-1049
cve: CVE-2019-1053
cve: CVE-2019-1055
cve: CVE-2019-1080
cve: CVE-2019-1081
url: [Link]
cert-bund: CB-K19/0500
cert-bund: CB-K19/0499
cert-bund: CB-K19/0497
. . . continues on next page . . .
2 RESULTS PER HOST 114

. . . continued from previous page . . .

cert-bund: CB-K17/0993
cert-bund: CB-K17/0992
dfn-cert: DFN-CERT-2019-1188
dfn-cert: DFN-CERT-2019-1186
dfn-cert: DFN-CERT-2019-1178
dfn-cert: DFN-CERT-2017-1023
dfn-cert: DFN-CERT-2017-1022

High (CVSS: 8.8)

NVT: Microsoft Internet Explorer Multiple Vulnerabilities (3204059)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS16-144.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 8.0.7601.17514
Vulnerable range: Less than 11.0.9600.18538

Impact
Successful exploitation will allow remote attackers to execute arbitrary code in the context of
the current user, also could gain the same user rights as the current user, and obtain information
to further compromise the user's system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Microsoft Internet Explorer version 9.x/10.x/11.x.

Vulnerability Insight
Multiple aws exist due to:
- The way that the aected components handle objects in memory.
- Microsoft browsers improperly accesses objects in memory.
- Microsoft browsers fail to correctly apply Same Origin Policy for scripts running inside Web
Workers.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Internet Explorer Multiple Vulnerabilities (3204059)
OID:[Link].4.1.25623.1.0.809833
. . . continues on next page . . .
2 RESULTS PER HOST 115

. . . continued from previous page . . .

Version used: 2023-07-20T[Link]Z

References
cve: CVE-2016-7202
cve: CVE-2016-7278
cve: CVE-2016-7279
cve: CVE-2016-7281
cve: CVE-2016-7282
cve: CVE-2016-7283
cve: CVE-2016-7284
cve: CVE-2016-7287
url: [Link]
url: [Link]
cert-bund: CB-K16/1949
cert-bund: CB-K16/1948
cert-bund: CB-K16/1744
dfn-cert: DFN-CERT-2016-2060
dfn-cert: DFN-CERT-2016-2059
dfn-cert: DFN-CERT-2016-1847

High (CVSS: 8.8)

NVT: Microsoft Internet Explorer Multiple Vulnerabilities (4013073)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS17-006.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 8.0.7601.17514
Vulnerable range: Less than 11.0.9600.18618

Impact
Successful exploitation will allow remote attackers to gain elevated privileges, gain access to
potentially sensitive information, execute arbitrary code in the context of the current user and
conduct spoong attacks.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
. . . continues on next page . . .
2 RESULTS PER HOST 116

. . . continued from previous page . . .

Microsoft Internet Explorer version 9.x/10.x/11.x.

Vulnerability Insight
Multiple aws exist due to:
- Multiple errors in the components handling objects in memory.
- Microsoft browsers improperly access objects in memory.
- An error in Microsoft browser which does not properly parse HTTP responses.
- Multiple errors in JScript and VBScript engines rendering when handling objects in memory.
- An error in Internet Explorer which does not properly enforce cross-domain policies.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Internet Explorer Multiple Vulnerabilities (4013073)
OID:[Link].4.1.25623.1.0.810625
Version used: 2024-07-04T[Link]Z

References
cve: CVE-2017-0008
cve: CVE-2017-0009
cve: CVE-2017-0012
cve: CVE-2017-0018
cve: CVE-2017-0033
cve: CVE-2017-0037
cve: CVE-2017-0040
cve: CVE-2017-0049
cve: CVE-2017-0059
cve: CVE-2017-0130
cve: CVE-2017-0149
cve: CVE-2017-0154
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K17/0439
cert-bund: CB-K17/0436
cert-bund: CB-K17/0338
dfn-cert: DFN-CERT-2017-0450
dfn-cert: DFN-CERT-2017-0444
dfn-cert: DFN-CERT-2017-0348

High (CVSS: 8.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB5018454)

Summary
. . . continues on next page . . .
2 RESULTS PER HOST 117

. . . continued from previous page . . .

This host is missing an important security update according to Microsoft KB5018454

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.26174
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514

Impact
Successful exploitation will allow an attacker to elevate privilege, execute arbitrary code and
conduct DoS attacks.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 for 32-bit Systems Service Pack 1
- Microsoft Windows 7 for x64-based Systems Service Pack 1
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

Vulnerability Insight
Multiple aws exist due to:
- A Remote Code Execution Vulnerability in Windows Point-to-Point Tunneling Protocol.
- An elevation of privilege vulnerability in Active Directory Domain Services.
- A Denial of Service Vulnerability in Windows TCP/IP Driver.
Please see the references for more information about the vulnerabilities.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB5018454)
OID:[Link].4.1.25623.1.0.826570
Version used: 2025-11-14T[Link]Z

References
cve: CVE-2022-22035
cve: CVE-2022-24504
cve: CVE-2022-30198
cve: CVE-2022-33634
cve: CVE-2022-33635
cve: CVE-2022-33645
cve: CVE-2022-35770
cve: CVE-2022-37975
cve: CVE-2022-37976
cve: CVE-2022-37977
. . . continues on next page . . .
2 RESULTS PER HOST 118

. . . continued from previous page . . .

cve: CVE-2022-37978
cve: CVE-2022-37981
cve: CVE-2022-37982
cve: CVE-2022-37985
cve: CVE-2022-37986
cve: CVE-2022-37987
cve: CVE-2022-37988
cve: CVE-2022-37989
cve: CVE-2022-37990
cve: CVE-2022-37991
cve: CVE-2022-37993
cve: CVE-2022-37994
cve: CVE-2022-37997
cve: CVE-2022-37999
cve: CVE-2022-38000
cve: CVE-2022-38022
cve: CVE-2022-38026
cve: CVE-2022-38029
cve: CVE-2022-38031
cve: CVE-2022-38032
cve: CVE-2022-38033
cve: CVE-2022-38034
cve: CVE-2022-38037
cve: CVE-2022-38038
cve: CVE-2022-38040
cve: CVE-2022-38041
cve: CVE-2022-38042
cve: CVE-2022-38043
cve: CVE-2022-38044
cve: CVE-2022-38047
cve: CVE-2022-38051
cve: CVE-2022-41033
cve: CVE-2022-41081
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
cert-bund: WID-SEC-2022-1682
dfn-cert: DFN-CERT-2022-2249

High (CVSS: 8.8)

NVT: Microsoft Graphics Component Multiple Vulnerabilities (3199120)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS16-132.

. . . continues on next page . . .

2 RESULTS PER HOST 119

. . . continued from previous page . . .

Quality of Detection (QoD): 80%
Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23587

Impact
Successful exploitation will allow an attacker to install programs, view, change, or delete data,
or create new accounts with full user rights, and to obtain information to further compromise
the user's system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows 10 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1

Vulnerability Insight
Multiple aws are due to:
- the ATMFD component improperly discloses the contents of its memory.
- the Windows Animation Manager improperly handles objects in memory.
- the Windows font library improperly handles specially crafted embedded fonts.
- the Windows Media Foundation improperly handles objects in memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Graphics Component Multiple Vulnerabilities (3199120)
OID:[Link].4.1.25623.1.0.809466
Version used: 2024-07-04T[Link]Z

References
cve: CVE-2016-7210
cve: CVE-2016-7205
cve: CVE-2016-7217
cve: CVE-2016-7256
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 120

. . . continued from previous page . . .

url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/1747
dfn-cert: DFN-CERT-2016-1852

High (CVSS: 8.8)

NVT: Microsoft Internet Explorer Multiple Vulnerabilities (KB4018271)

Summary
This host is missing a critical security update according to Microsoft security updates KB4018271.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 8.0.7601.17514
Vulnerable range: Less than 11.0.9600.18666

Impact
Successful exploitation will allow attacker to trick a user by redirecting the user to a specially
crafted website, loading of unsecure content (HTTP) from secure locations (HTTPS) and to
execute arbitrary code in the context of the current [Link] the current user is logged on with
administrative user rights, an attacker who successfully exploited the vulnerability could take
control of an aected system. An attacker could then install programs, view, change, or delete
data or create new accounts with full user rights.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Microsoft Internet Explorer version 9.x, 10.x and 11.x.

Vulnerability Insight
Multiple aws exist due to:
- An error in the way JavaScript scripting engines handle objects in memory in Microsoft
browsers.
- An error when Microsoft browsers render SmartScreen Filter.
- An error when Internet Explorer improperly accesses objects in memory.
. . . continues on next page . . .
2 RESULTS PER HOST 121

. . . continued from previous page . . .

- An unspecied error.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Internet Explorer Multiple Vulnerabilities (KB4018271)
OID:[Link].4.1.25623.1.0.811032
Version used: 2024-07-25T[Link]Z

References
cve: CVE-2017-0228
cve: CVE-2017-0064
cve: CVE-2017-0222
cve: CVE-2017-0226
cve: CVE-2017-0231
cve: CVE-2017-0238
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
,→-0222
url: [Link]
,→-0064
url: [Link]
,→-0226
url: [Link]
,→-0228
url: [Link]
,→-0231
url: [Link]
,→-0238
cert-bund: CB-K17/1378
cert-bund: CB-K17/0786
cert-bund: CB-K17/0781
dfn-cert: DFN-CERT-2017-1437
dfn-cert: DFN-CERT-2017-0810
dfn-cert: DFN-CERT-2017-0809
2 RESULTS PER HOST 122

High (CVSS: 8.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB4493472)

Summary
This host is missing a critical security update according to Microsoft KB4493472

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.24408
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514

Impact
Successful exploitation will allow an attacker to execute arbitrary code on a victim system, obtain
information to further compromise the user's system, gain elevated privileges, bypass security
features and cause denial of service.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

Vulnerability Insight
Multiple aws exist in,
- The IOleCvt interface improperly renders ASP webpage content.
- Windows Jet Database Engine improperly handles objects in memory.
- Windows GDI component improperly discloses the contents of its memory.
- The win32k component improperly provides kernel information.
- Speculative execution side-channel vulnerabilities.
- Error in Various Windows components.
Please see the references for more information about the vulnerabilities.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4493472)
OID:[Link].4.1.25623.1.0.815033
Version used: 2023-10-27T[Link]Z

References
cve: CVE-2017-5753
cve: CVE-2017-5715
. . . continues on next page . . .
2 RESULTS PER HOST 123

. . . continued from previous page . . .

cve: CVE-2017-5754
cve: CVE-2019-0671
cve: CVE-2019-0673
cve: CVE-2019-0674
cve: CVE-2019-0730
cve: CVE-2019-0731
cve: CVE-2019-0732
cve: CVE-2019-0735
cve: CVE-2019-0752
cve: CVE-2019-0753
cve: CVE-2019-0764
cve: CVE-2019-0791
cve: CVE-2019-0792
cve: CVE-2019-0793
cve: CVE-2019-0794
cve: CVE-2019-0795
cve: CVE-2019-0796
cve: CVE-2019-0802
cve: CVE-2019-0803
cve: CVE-2019-0805
cve: CVE-2019-0835
cve: CVE-2019-0836
cve: CVE-2019-0838
cve: CVE-2019-0839
cve: CVE-2019-0842
cve: CVE-2019-0844
cve: CVE-2019-0845
cve: CVE-2019-0846
cve: CVE-2019-0847
cve: CVE-2019-0848
cve: CVE-2019-0849
cve: CVE-2019-0851
cve: CVE-2019-0853
cve: CVE-2019-0856
cve: CVE-2019-0859
cve: CVE-2019-0862
cve: CVE-2019-0877
cve: CVE-2019-0879
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
cert-bund: WID-SEC-2025-1212
cert-bund: WID-SEC-2024-2008
cert-bund: WID-SEC-2023-2917
cert-bund: WID-SEC-2023-0103
cert-bund: WID-SEC-2022-1228
cert-bund: WID-SEC-2022-0532
. . . continues on next page . . .
2 RESULTS PER HOST 124

. . . continued from previous page . . .

cert-bund: CB-K20/0324
cert-bund: CB-K19/0774
cert-bund: CB-K19/0298
cert-bund: CB-K19/0297
cert-bund: CB-K19/0296
cert-bund: CB-K19/0137
cert-bund: CB-K18/1140
cert-bund: CB-K18/0898
cert-bund: CB-K18/0654
cert-bund: CB-K18/0651
cert-bund: CB-K18/0635
cert-bund: CB-K18/0601
cert-bund: CB-K18/0557
cert-bund: CB-K18/0551
cert-bund: CB-K18/0518
cert-bund: CB-K18/0472
cert-bund: CB-K18/0463
cert-bund: CB-K18/0398
cert-bund: CB-K18/0381
cert-bund: CB-K18/0370
cert-bund: CB-K18/0367
cert-bund: CB-K18/0356
cert-bund: CB-K18/0348
cert-bund: CB-K18/0347
cert-bund: CB-K18/0346
cert-bund: CB-K18/0338
cert-bund: CB-K18/0283
cert-bund: CB-K18/0257
cert-bund: CB-K18/0250
cert-bund: CB-K18/0244
cert-bund: CB-K18/0207
cert-bund: CB-K18/0184
cert-bund: CB-K18/0177
cert-bund: CB-K18/0165
cert-bund: CB-K18/0153
cert-bund: CB-K18/0148
cert-bund: CB-K18/0129
cert-bund: CB-K18/0099
cert-bund: CB-K18/0094
cert-bund: CB-K18/0054
cert-bund: CB-K18/0051
cert-bund: CB-K18/0049
cert-bund: CB-K18/0046
cert-bund: CB-K18/0040
cert-bund: CB-K18/0039
cert-bund: CB-K18/0023
cert-bund: CB-K18/0022
. . . continues on next page . . .
2 RESULTS PER HOST 125

. . . continued from previous page . . .

cert-bund: CB-K18/0021
cert-bund: CB-K18/0020
cert-bund: CB-K18/0017
cert-bund: CB-K18/0016
cert-bund: CB-K18/0010
cert-bund: CB-K18/0009
cert-bund: CB-K17/2117
cert-bund: CB-K17/2113
dfn-cert: DFN-CERT-2025-1705
dfn-cert: DFN-CERT-2025-0942
dfn-cert: DFN-CERT-2023-1947
dfn-cert: DFN-CERT-2023-1568
dfn-cert: DFN-CERT-2023-1377
dfn-cert: DFN-CERT-2023-1164
dfn-cert: DFN-CERT-2023-0879
dfn-cert: DFN-CERT-2023-0877
dfn-cert: DFN-CERT-2023-0876
dfn-cert: DFN-CERT-2023-0848
dfn-cert: DFN-CERT-2023-0795
dfn-cert: DFN-CERT-2023-0794
dfn-cert: DFN-CERT-2023-0793
dfn-cert: DFN-CERT-2023-0507
dfn-cert: DFN-CERT-2022-0531
dfn-cert: DFN-CERT-2021-2537
dfn-cert: DFN-CERT-2021-1829
dfn-cert: DFN-CERT-2020-1783
dfn-cert: DFN-CERT-2019-2374
dfn-cert: DFN-CERT-2019-1987
dfn-cert: DFN-CERT-2019-1985
dfn-cert: DFN-CERT-2019-1837
dfn-cert: DFN-CERT-2019-1415
dfn-cert: DFN-CERT-2019-1235
dfn-cert: DFN-CERT-2019-1150
dfn-cert: DFN-CERT-2019-0725
dfn-cert: DFN-CERT-2019-0724
dfn-cert: DFN-CERT-2019-0720
dfn-cert: DFN-CERT-2019-0622
dfn-cert: DFN-CERT-2019-0613
dfn-cert: DFN-CERT-2019-0310
dfn-cert: DFN-CERT-2018-2539
dfn-cert: DFN-CERT-2018-2465
dfn-cert: DFN-CERT-2018-2399
dfn-cert: DFN-CERT-2018-1869
dfn-cert: DFN-CERT-2018-1819
dfn-cert: DFN-CERT-2018-1794
dfn-cert: DFN-CERT-2018-1734
dfn-cert: DFN-CERT-2018-1726
. . . continues on next page . . .
2 RESULTS PER HOST 126

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2018-1550
dfn-cert: DFN-CERT-2018-1504
dfn-cert: DFN-CERT-2018-1500
dfn-cert: DFN-CERT-2018-1494
dfn-cert: DFN-CERT-2018-1493
dfn-cert: DFN-CERT-2018-1446
dfn-cert: DFN-CERT-2018-1435
dfn-cert: DFN-CERT-2018-1386
dfn-cert: DFN-CERT-2018-1385
dfn-cert: DFN-CERT-2018-1364
dfn-cert: DFN-CERT-2018-1117
dfn-cert: DFN-CERT-2018-1108
dfn-cert: DFN-CERT-2018-1032
dfn-cert: DFN-CERT-2018-1008
dfn-cert: DFN-CERT-2018-0991
dfn-cert: DFN-CERT-2018-0988
dfn-cert: DFN-CERT-2018-0933
dfn-cert: DFN-CERT-2018-0931
dfn-cert: DFN-CERT-2018-0878
dfn-cert: DFN-CERT-2018-0857
dfn-cert: DFN-CERT-2018-0821
dfn-cert: DFN-CERT-2018-0819
dfn-cert: DFN-CERT-2018-0818
dfn-cert: DFN-CERT-2018-0815
dfn-cert: DFN-CERT-2018-0808
dfn-cert: DFN-CERT-2018-0799
dfn-cert: DFN-CERT-2018-0796
dfn-cert: DFN-CERT-2018-0794
dfn-cert: DFN-CERT-2018-0760
dfn-cert: DFN-CERT-2018-0728
dfn-cert: DFN-CERT-2018-0682
dfn-cert: DFN-CERT-2018-0663
dfn-cert: DFN-CERT-2018-0631
dfn-cert: DFN-CERT-2018-0625
dfn-cert: DFN-CERT-2018-0605
dfn-cert: DFN-CERT-2018-0598
dfn-cert: DFN-CERT-2018-0552
dfn-cert: DFN-CERT-2018-0510
dfn-cert: DFN-CERT-2018-0499
dfn-cert: DFN-CERT-2018-0427
dfn-cert: DFN-CERT-2018-0410
dfn-cert: DFN-CERT-2018-0397
dfn-cert: DFN-CERT-2018-0394
dfn-cert: DFN-CERT-2018-0382
dfn-cert: DFN-CERT-2018-0377
dfn-cert: DFN-CERT-2018-0375
dfn-cert: DFN-CERT-2018-0372
. . . continues on next page . . .
2 RESULTS PER HOST 127

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2018-0367
dfn-cert: DFN-CERT-2018-0310
dfn-cert: DFN-CERT-2018-0276
dfn-cert: DFN-CERT-2018-0267
dfn-cert: DFN-CERT-2018-0262
dfn-cert: DFN-CERT-2018-0224
dfn-cert: DFN-CERT-2018-0200
dfn-cert: DFN-CERT-2018-0194
dfn-cert: DFN-CERT-2018-0181
dfn-cert: DFN-CERT-2018-0167
dfn-cert: DFN-CERT-2018-0163
dfn-cert: DFN-CERT-2018-0137
dfn-cert: DFN-CERT-2018-0104
dfn-cert: DFN-CERT-2018-0096
dfn-cert: DFN-CERT-2018-0066
dfn-cert: DFN-CERT-2018-0058
dfn-cert: DFN-CERT-2018-0054
dfn-cert: DFN-CERT-2018-0053
dfn-cert: DFN-CERT-2018-0045
dfn-cert: DFN-CERT-2018-0044
dfn-cert: DFN-CERT-2018-0031
dfn-cert: DFN-CERT-2018-0030
dfn-cert: DFN-CERT-2018-0029
dfn-cert: DFN-CERT-2018-0025
dfn-cert: DFN-CERT-2018-0024
dfn-cert: DFN-CERT-2018-0022
dfn-cert: DFN-CERT-2018-0020
dfn-cert: DFN-CERT-2018-0019
dfn-cert: DFN-CERT-2017-2211
dfn-cert: DFN-CERT-2017-2210

High (CVSS: 8.8)

NVT: Microsoft RC4 Disabling Security Advisory (2868725)

Summary
This host is missing an important security update according to Microsoft advisory (2868725).

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
. . . continues on next page . . .
2 RESULTS PER HOST 128

. . . continued from previous page . . .

Successful exploitation will allow an attacker to perform man-in-the-middle attacks and recover
plain text from encrypted sessions.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior
- Microsoft Windows 8 x32/x64
- Microsoft Windows Server 2012

Vulnerability Insight
The aw is due to security issue in RC4 stream cipher used in Transport Layer Security(TLS)
and Secure Socket Layer(SSL).

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft RC4 Disabling Security Advisory (2868725)
OID:[Link].4.1.25623.1.0.804142
Version used: 2023-07-27T[Link]Z

References
url: [Link]
url: [Link]

High (CVSS: 8.8)

NVT: 7zip Authentication Bypass Vulnerability - Windows

Summary
7zip is prone to an authentication bypass vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 16.04
Fixed version: 18.03
Installation
path / port: C:\Program Files\7-Zip\

Solution:
Solution type: VendorFix
Upgrade to 7zip version 18.03 or later.
. . . continues on next page . . .
2 RESULTS PER HOST 129

. . . continued from previous page . . .

Aected Software/OS
7zip through version 18.01.

Vulnerability Insight
7-Zip through 18.01 on Windows implements the Large memory pages option by calling the
LsaAddAccountRights function to add the SeLockMemoryPrivilege privilege to the user's ac-
count, which makes it easier for attackers to bypass intended access restrictions by using this
privilege in the context of a sandboxed process.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: 7zip Authentication Bypass Vulnerability - Windows
OID:[Link].4.1.25623.1.0.107311
Version used: 2024-09-25T[Link]Z

References
cve: CVE-2018-10172
url: [Link]
,→25&page=1#b240

High (CVSS: 8.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB4462923)

Summary
This host is missing a critical security update according to Microsoft KB4462923

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.24260
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514

Impact
Successful exploitation will allow an attacker to run arbitrary code, bypass security restrictions,
gain the same user rights as the current user, obtain information to further compromise the user's
system, improperly discloses le information and escalate privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

. . . continues on next page . . .

2 RESULTS PER HOST 130

. . . continued from previous page . . .

Aected Software/OS
- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

Vulnerability Insight
Multiple aws exist due to:
- Windows Win32k component fails to properly handle objects in memory.
- Windows Hyper-V on a host server fails to properly validate input from an authenticated user
on a guest operating system.
- Microsoft XML Core Services MSXML parser improperly processes user input.
- Internet Explorer improperly accesses objects in memory.
- Filter Manager improperly handles objects in memory.
- Windows TCP/IP stack improperly handles fragmented IP packets.
- Windows Media Player improperly discloses le information.
- Windows Graphics Device Interface (GDI) improperly handles objects in memory.
- DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory.
- Windows kernel improperly handles objects in memory.
- Windows Theme API does not properly decompress les.
- NTFS improperly checks access.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4462923)
OID:[Link].4.1.25623.1.0.814084
Version used: 2023-11-03T[Link]Z

References
cve: CVE-2018-8320
cve: CVE-2018-8330
cve: CVE-2018-8333
cve: CVE-2018-8411
cve: CVE-2018-8413
cve: CVE-2018-8423
cve: CVE-2018-8432
cve: CVE-2018-8453
cve: CVE-2018-8460
cve: CVE-2018-8472
cve: CVE-2018-8481
cve: CVE-2018-8482
cve: CVE-2018-8486
cve: CVE-2018-8489
cve: CVE-2018-8491
cve: CVE-2018-8494
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
cert-bund: CB-K18/0992
. . . continues on next page . . .
2 RESULTS PER HOST 131

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2018-2059
dfn-cert: DFN-CERT-2018-2058
dfn-cert: DFN-CERT-2018-2055

High (CVSS: 8.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB4457144)

Summary
This host is missing a critical security update according to Microsoft KB4457144.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 11.0.9600.19130
File checked: C:\Windows\system32\[Link]
File version: 8.0.7601.17514

Impact
Successful exploitation will allow an attacker to crash the aected system, execute arbitrary code
on the host operating system, disclose contents of System memory and also read privileged data
across trust boundaries.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Microsoft Windows 7 for 32-bit/x64-based Systems Service Pack 1

Vulnerability Insight
Multiple aws exist due to:
- Denial of service vulnerability (named 'FragmentSmack').
- Hyper-V on a host server fails to properly validate guest operating system user input.
- Windows [Link] kernel-mode driver fails to properly handle objects in memory.
- Browser scripting engine improperly handle object types.
- Windows font library improperly handles specially crafted embedded fonts.
- Windows kernel improperly handles objects in memory.
- Microsoft JET Database Engine improperly handles objects in memory.
- Windows Kernel API improperly handles registry objects in memory.
- Windows kernel fails to properly initialize a memory address.
- MSXML parser improperly processes user input.
- Windows GDI component improperly handles objects in memory.
- Windows GDI component improperly discloses the contents of its memory.
. . . continues on next page . . .
2 RESULTS PER HOST 132

. . . continued from previous page . . .

- Windows Graphics component improperly handles objects in memory.
- Windows improperly handles calls to Advanced Local Procedure Call (ALPC).
- Internet Explorer improperly accesses objects in memory.
- Scripting engine improperly handles objects in memory.
- Windows improperly parses les.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4457144)
OID:[Link].4.1.25623.1.0.814015
Version used: 2023-07-20T[Link]Z

References
cve: CVE-2018-5391
cve: CVE-2018-8271
cve: CVE-2018-8315
cve: CVE-2018-8332
cve: CVE-2018-8336
cve: CVE-2018-8392
cve: CVE-2018-8393
cve: CVE-2018-8410
cve: CVE-2018-8419
cve: CVE-2018-8420
cve: CVE-2018-8422
cve: CVE-2018-8424
cve: CVE-2018-8433
cve: CVE-2018-8434
cve: CVE-2018-8440
cve: CVE-2018-8442
cve: CVE-2018-8443
cve: CVE-2018-8446
cve: CVE-2018-8447
cve: CVE-2018-8452
cve: CVE-2018-8457
cve: CVE-2018-8468
cve: CVE-2018-8470
cve: CVE-2018-8475
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
cert-bund: WID-SEC-2023-0508
cert-bund: CB-K18/0913
cert-bund: CB-K18/0854
dfn-cert: DFN-CERT-2019-1026
dfn-cert: DFN-CERT-2019-0562
dfn-cert: DFN-CERT-2019-0544
dfn-cert: DFN-CERT-2019-0453
. . . continues on next page . . .
2 RESULTS PER HOST 133

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2019-0442
dfn-cert: DFN-CERT-2019-0069
dfn-cert: DFN-CERT-2018-2398
dfn-cert: DFN-CERT-2018-2366
dfn-cert: DFN-CERT-2018-2335
dfn-cert: DFN-CERT-2018-2260
dfn-cert: DFN-CERT-2018-2213
dfn-cert: DFN-CERT-2018-2206
dfn-cert: DFN-CERT-2018-2118
dfn-cert: DFN-CERT-2018-2117
dfn-cert: DFN-CERT-2018-2063
dfn-cert: DFN-CERT-2018-1943
dfn-cert: DFN-CERT-2018-1857
dfn-cert: DFN-CERT-2018-1850
dfn-cert: DFN-CERT-2018-1847
dfn-cert: DFN-CERT-2018-1846
dfn-cert: DFN-CERT-2018-1845
dfn-cert: DFN-CERT-2018-1782
dfn-cert: DFN-CERT-2018-1730
dfn-cert: DFN-CERT-2018-1670
dfn-cert: DFN-CERT-2018-1661
dfn-cert: DFN-CERT-2018-1657
dfn-cert: DFN-CERT-2018-1635
dfn-cert: DFN-CERT-2018-1634
dfn-cert: DFN-CERT-2018-1632
dfn-cert: DFN-CERT-2018-1626
dfn-cert: DFN-CERT-2018-1617

High (CVSS: 8.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB4343900)

Summary
This host is missing a critical security update according to Microsoft KB4343900

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 11.0.9600.19101
File checked: C:\Windows\system32\[Link]
File version: 8.0.7601.17514

Impact
. . . continues on next page . . .
2 RESULTS PER HOST 134

. . . continued from previous page . . .

Successful exploitation will allow an attacker to execute arbitrary code, run processes in an
elevated context, obtain information to further compromise the user's system, trick a user into
believing that the user was on a legitimate website, read privileged data across trust boundaries
and also bypass certain security restrictions.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

Vulnerability Insight
Multiple aws exist due to:
- A new speculative execution side channel vulnerability known as L1 Terminal Fault.
- Internet Explorer improperly validates hyperlinks before loading executable libraries.
- Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.
- NDIS fails to check the length of a buer prior to copying memory to it.
- Windows font library improperly handles specially crafted embedded fonts.
- An improper processing for a .LNK le.
- 'Microsoft COM for Windows' fails to properly handle serialized objects.
- Microsoft browsers improperly allow cross-frame interaction.
- Microsoft browsers allowing sandbox escape.
- Microsoft Edge improperly handles redirect requests and specic HTML content.
- Microsoft .NET Framework improperly access information in multi-tenant environments.
- WebAudio Library improperly handles audio requests.
- Windows GDI component improperly discloses the contents of its memory.
- Windows PDF Library improperly handles objects in memory.
- Windows Shell does not properly validate le paths.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4343900)
OID:[Link].4.1.25623.1.0.813845
Version used: 2023-07-20T[Link]Z

References
cve: CVE-2018-3615
cve: CVE-2018-3620
cve: CVE-2018-3646
cve: CVE-2018-8316
cve: CVE-2018-8339
cve: CVE-2018-8341
cve: CVE-2018-8342
cve: CVE-2018-8343
. . . continues on next page . . .
2 RESULTS PER HOST 135

. . . continued from previous page . . .

cve: CVE-2018-8345
cve: CVE-2018-8348
cve: CVE-2018-8349
cve: CVE-2018-8344
cve: CVE-2018-8351
cve: CVE-2018-8353
cve: CVE-2018-8355
cve: CVE-2018-8346
cve: CVE-2018-8371
cve: CVE-2018-8372
cve: CVE-2018-8373
cve: CVE-2018-8385
cve: CVE-2018-8389
cve: CVE-2018-8394
cve: CVE-2018-8396
cve: CVE-2018-8397
cve: CVE-2018-8398
cve: CVE-2018-8403
cve: CVE-2018-8404
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
cert-bund: WID-SEC-2025-1212
cert-bund: CB-K19/0047
cert-bund: CB-K18/1050
cert-bund: CB-K18/0867
cert-bund: CB-K18/0863
cert-bund: CB-K18/0862
cert-bund: CB-K18/0861
cert-bund: CB-K18/0858
dfn-cert: DFN-CERT-2019-0740
dfn-cert: DFN-CERT-2019-0108
dfn-cert: DFN-CERT-2019-0069
dfn-cert: DFN-CERT-2019-0004
dfn-cert: DFN-CERT-2018-2554
dfn-cert: DFN-CERT-2018-2441
dfn-cert: DFN-CERT-2018-2399
dfn-cert: DFN-CERT-2018-2349
dfn-cert: DFN-CERT-2018-2217
dfn-cert: DFN-CERT-2018-2182
dfn-cert: DFN-CERT-2018-2072
dfn-cert: DFN-CERT-2018-2066
dfn-cert: DFN-CERT-2018-1982
dfn-cert: DFN-CERT-2018-1929
dfn-cert: DFN-CERT-2018-1869
dfn-cert: DFN-CERT-2018-1863
dfn-cert: DFN-CERT-2018-1822
. . . continues on next page . . .
2 RESULTS PER HOST 136

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2018-1806
dfn-cert: DFN-CERT-2018-1782
dfn-cert: DFN-CERT-2018-1734
dfn-cert: DFN-CERT-2018-1722
dfn-cert: DFN-CERT-2018-1699
dfn-cert: DFN-CERT-2018-1677
dfn-cert: DFN-CERT-2018-1670
dfn-cert: DFN-CERT-2018-1666
dfn-cert: DFN-CERT-2018-1665
dfn-cert: DFN-CERT-2018-1661
dfn-cert: DFN-CERT-2018-1657
dfn-cert: DFN-CERT-2018-1656
dfn-cert: DFN-CERT-2018-1654
dfn-cert: DFN-CERT-2018-1653
dfn-cert: DFN-CERT-2018-1652
dfn-cert: DFN-CERT-2018-1651
dfn-cert: DFN-CERT-2018-1650
dfn-cert: DFN-CERT-2018-1637
dfn-cert: DFN-CERT-2018-1634
dfn-cert: DFN-CERT-2018-1632
dfn-cert: DFN-CERT-2018-1631
dfn-cert: DFN-CERT-2018-1629
dfn-cert: DFN-CERT-2018-1627
dfn-cert: DFN-CERT-2018-1625
dfn-cert: DFN-CERT-2018-1624
dfn-cert: DFN-CERT-2018-1623
dfn-cert: DFN-CERT-2018-1622
dfn-cert: DFN-CERT-2018-1621
dfn-cert: DFN-CERT-2018-1619
dfn-cert: DFN-CERT-2018-1617
dfn-cert: DFN-CERT-2018-1615
dfn-cert: DFN-CERT-2018-1614
dfn-cert: DFN-CERT-2018-1612
dfn-cert: DFN-CERT-2018-1606
dfn-cert: DFN-CERT-2018-1605
dfn-cert: DFN-CERT-2018-1601

High (CVSS: 8.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB5034831)

Summary
This host is missing an important security update according to Microsoft KB5034831

Quality of Detection (QoD): 80%

. . . continues on next page . . .
2 RESULTS PER HOST 137

. . . continued from previous page . . .

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.26958
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514

Impact
Successful exploitation will allow an attacker to elevate privileges, execute arbitrary commands,
disclose information, conduct spoong and denial of service attacks on an aected system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1.

Vulnerability Insight
Multiple aws exist due to,
- Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability.
- Windows Printing Service Spoong Vulnerability.
- Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability.
Please see the references for more information about the vulnerabilities.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB5034831)
OID:[Link].4.1.25623.1.0.832825
Version used: 2025-11-14T[Link]Z

References
cve: CVE-2024-21420
cve: CVE-2024-21406
cve: CVE-2024-21375
cve: CVE-2024-21370
cve: CVE-2024-21368
cve: CVE-2024-21366
cve: CVE-2024-21365
cve: CVE-2024-21361
cve: CVE-2024-21360
cve: CVE-2024-21359
cve: CVE-2024-21358
cve: CVE-2024-21357
cve: CVE-2024-21356
cve: CVE-2024-21355
cve: CVE-2024-21354
cve: CVE-2024-21352
. . . continues on next page . . .
2 RESULTS PER HOST 138

. . . continued from previous page . . .

cve: CVE-2024-21350
cve: CVE-2024-21349
cve: CVE-2024-21347
cve: CVE-2024-21340
cve: CVE-2023-50387
cve: CVE-2024-21405
cve: CVE-2024-21391
cve: CVE-2024-21372
cve: CVE-2024-21369
cve: CVE-2024-21367
cve: CVE-2024-21363
url: [Link]
cert-bund: WID-SEC-2024-1313
cert-bund: WID-SEC-2024-1307
cert-bund: WID-SEC-2024-1248
cert-bund: WID-SEC-2024-1226
cert-bund: WID-SEC-2024-1086
cert-bund: WID-SEC-2024-0387
cert-bund: WID-SEC-2024-0386
dfn-cert: DFN-CERT-2025-1459
dfn-cert: DFN-CERT-2025-0041
dfn-cert: DFN-CERT-2025-0010
dfn-cert: DFN-CERT-2024-2264
dfn-cert: DFN-CERT-2024-1904
dfn-cert: DFN-CERT-2024-1516
dfn-cert: DFN-CERT-2024-1474
dfn-cert: DFN-CERT-2024-1223
dfn-cert: DFN-CERT-2024-0984
dfn-cert: DFN-CERT-2024-0977
dfn-cert: DFN-CERT-2024-0921
dfn-cert: DFN-CERT-2024-0829
dfn-cert: DFN-CERT-2024-0529
dfn-cert: DFN-CERT-2024-0498
dfn-cert: DFN-CERT-2024-0404
dfn-cert: DFN-CERT-2024-0399
dfn-cert: DFN-CERT-2024-0387
dfn-cert: DFN-CERT-2024-0379
dfn-cert: DFN-CERT-2024-0375

High (CVSS: 8.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB4103718)

Summary
This host is missing a critical security update according to Microsoft KB4103718

. . . continues on next page . . .

2 RESULTS PER HOST 139

. . . continued from previous page . . .

Quality of Detection (QoD): 80%
Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.24117
File checked: C:\Windows\system32\[Link]
File version: 6.1.7600.16385

Impact
Successful exploitation will allow attackers to gain the same user rights as the current user, run
arbitrary code, disclose sensitive information and run processes in an elevated context and it
may lead to further compromise of the system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

Vulnerability Insight
Multiple aws exist due to:
- Microsoft browsers improperly access objects in memory.
- The Win32k component fails to properly handle objects in memory.
- Windows kernel fails to properly handle objects in memory.
- The VBScript engine improperly handles objects in memory.
- The scripting engine improperly handles objects in memory in Microsoft browsers.
- Windows Common Log File System (CLFS) driver improperly handles objects in memory.
- Chakra improperly discloses the contents of its memory.
- Windows Hyper-V on a host server fails to properly validate input from an authenticated user
on a guest operating system.
- Windows 'its://' protocol handler unnecessarily sends trac to a remote site in order to deter-
mine the zone of a provided URL.
- An error in Credential Security Support Provider protocol (CredSSP).

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4103718)
OID:[Link].4.1.25623.1.0.813336
Version used: 2024-08-09T[Link]Z

References
cve: CVE-2018-0954
cve: CVE-2018-0955
cve: CVE-2018-0959
cve: CVE-2018-1022
. . . continues on next page . . .
2 RESULTS PER HOST 140

. . . continued from previous page . . .

cve: CVE-2018-1025
cve: CVE-2018-8114
cve: CVE-2018-8120
cve: CVE-2018-8122
cve: CVE-2018-8124
cve: CVE-2018-8127
cve: CVE-2018-8136
cve: CVE-2018-8145
cve: CVE-2018-8164
cve: CVE-2018-8166
cve: CVE-2018-8167
cve: CVE-2018-8174
cve: CVE-2018-8178
cve: CVE-2018-8897
cve: CVE-2018-0824
cve: CVE-2017-11927
cve: CVE-2018-0886
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
cert-bund: CB-K18/0698
cert-bund: CB-K18/0662
cert-bund: CB-K18/0660
cert-bund: CB-K18/0659
cert-bund: CB-K18/0657
cert-bund: CB-K18/0654
cert-bund: CB-K18/0653
cert-bund: CB-K18/0652
cert-bund: CB-K18/0630
cert-bund: CB-K18/0461
cert-bund: CB-K17/2149
dfn-cert: DFN-CERT-2020-1810
dfn-cert: DFN-CERT-2019-0142
dfn-cert: DFN-CERT-2018-2349
dfn-cert: DFN-CERT-2018-2309
dfn-cert: DFN-CERT-2018-1446
dfn-cert: DFN-CERT-2018-1441
dfn-cert: DFN-CERT-2018-1072
dfn-cert: DFN-CERT-2018-1059
dfn-cert: DFN-CERT-2018-0988
dfn-cert: DFN-CERT-2018-0936
dfn-cert: DFN-CERT-2018-0933
dfn-cert: DFN-CERT-2018-0931
dfn-cert: DFN-CERT-2018-0928
dfn-cert: DFN-CERT-2018-0914
dfn-cert: DFN-CERT-2018-0896
dfn-cert: DFN-CERT-2018-0895
. . . continues on next page . . .
2 RESULTS PER HOST 141

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2018-0890
dfn-cert: DFN-CERT-2018-0889
dfn-cert: DFN-CERT-2018-0888
dfn-cert: DFN-CERT-2018-0887
dfn-cert: DFN-CERT-2018-0886
dfn-cert: DFN-CERT-2018-0885
dfn-cert: DFN-CERT-2018-0884
dfn-cert: DFN-CERT-2018-0883
dfn-cert: DFN-CERT-2018-0882
dfn-cert: DFN-CERT-2018-0881
dfn-cert: DFN-CERT-2018-0878
dfn-cert: DFN-CERT-2018-0874
dfn-cert: DFN-CERT-2018-0873
dfn-cert: DFN-CERT-2018-0871
dfn-cert: DFN-CERT-2018-0869
dfn-cert: DFN-CERT-2018-0868
dfn-cert: DFN-CERT-2018-0865
dfn-cert: DFN-CERT-2018-0785
dfn-cert: DFN-CERT-2018-0493
dfn-cert: DFN-CERT-2017-2253

High (CVSS: 8.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB4093118)

Summary
This host is missing a critical security update according to Microsoft KB4093118

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 8.0.7601.17514
Vulnerable range: Less than 11.0.9600.18978

Impact
Successful exploitation will allow an attacker to take control of the aected system, obtain
information to further compromise the user's system, execute arbitrary code, retrieve the memory
address of a kernel object, cause a target system to stop responding.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
. . . continues on next page . . .
2 RESULTS PER HOST 142

. . . continued from previous page . . .

- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

Vulnerability Insight
Multiple aws exist due to:
- When the Windows font library improperly handles specially crafted embedded fonts.
- When Internet Explorer improperly accesses objects in memory.
- When the Windows kernel fails to properly initialize a memory address.
- When the scripting engine does not properly handle objects in memory in Internet Explorer.
- In Windows Adobe Type Manager Font Driver (ATMFD.
- In the Windows kernel that could allow an attacker to retrieve information that could lead to
a Kernel Address Space Layout Randomization (ASLR) bypass.
- In the way that Windows SNMP Service handles malformed SNMP traps.
- When the Windows kernel improperly handles objects in memory.
- In the way that the VBScript engine handles objects in memory.
- In the way that Windows handles objects in memory.
- In Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP
and sends specially crafted requests.
- In the Microsoft JET Database Engine that could allow remote code execution on an aected
system.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4093118)
OID:[Link].4.1.25623.1.0.812863
Version used: 2023-11-03T[Link]Z

References
cve: CVE-2018-0870
cve: CVE-2018-0887
cve: CVE-2018-8116
cve: CVE-2018-0960
cve: CVE-2018-0967
cve: CVE-2018-0969
cve: CVE-2018-0970
cve: CVE-2018-0971
cve: CVE-2018-0972
cve: CVE-2018-0973
cve: CVE-2018-0974
cve: CVE-2018-0975
cve: CVE-2018-0976
cve: CVE-2018-0981
cve: CVE-2018-0987
cve: CVE-2018-0988
cve: CVE-2018-0989
cve: CVE-2018-0991
cve: CVE-2018-1003
. . . continues on next page . . .
2 RESULTS PER HOST 143

. . . continued from previous page . . .

cve: CVE-2018-1004
cve: CVE-2018-1008
cve: CVE-2018-1010
cve: CVE-2018-1012
cve: CVE-2018-1013
cve: CVE-2018-1015
cve: CVE-2018-1016
cve: CVE-2018-1018
cve: CVE-2018-1020
cve: CVE-2018-0996
cve: CVE-2018-0997
cve: CVE-2018-1000
cve: CVE-2018-1001
url: [Link]
cert-bund: CB-K18/0586
cert-bund: CB-K18/0585
dfn-cert: DFN-CERT-2018-0680
dfn-cert: DFN-CERT-2018-0678

High (CVSS: 8.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB4561643)

Summary
This host is missing a critical security update according to Microsoft KB4561643

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.24556
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514

Impact
Successful exploitation will allow an attacker to execute arbitrary code, elevate privileges, disclose
sensitive information, conduct spoong and denial of service attacks.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

. . . continues on next page . . .

2 RESULTS PER HOST 144

. . . continued from previous page . . .

Vulnerability Insight
Multiple aws exist due to:
- Multiple errors in Windows when the Windows kernel-mode driver fails to properly handle
objects in memory.
- An error when the Windows Background Intelligent Transfer Service (BITS) IIS module im-
properly handles uploaded content.
- An error when Windows Modules Installer Service improperly handles class object members.
- An error in the way that the VBScript engine handles objects in memory.
- An error when the Windows kernel fails to properly handle objects in memory.
- An error in the way Windows Error Reporting (WER) handles objects in memory. Please see
the references for more information about the vulnerabilities.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4561643)
OID:[Link].4.1.25623.1.0.817158
Version used: 2024-06-26T[Link]Z

References
cve: CVE-2020-1160
cve: CVE-2020-1194
cve: CVE-2020-1196
cve: CVE-2020-1207
cve: CVE-2020-1208
cve: CVE-2020-1212
cve: CVE-2020-1213
cve: CVE-2020-1214
cve: CVE-2020-1215
cve: CVE-2020-1216
cve: CVE-2020-1219
cve: CVE-2020-1220
cve: CVE-2020-1230
cve: CVE-2020-1236
cve: CVE-2020-1239
cve: CVE-2020-1246
cve: CVE-2020-1247
cve: CVE-2020-1251
cve: CVE-2020-1253
cve: CVE-2020-1254
cve: CVE-2020-1255
cve: CVE-2020-1260
cve: CVE-2020-1262
cve: CVE-2020-1263
cve: CVE-2020-1270
cve: CVE-2020-1271
cve: CVE-2020-1272
cve: CVE-2020-1281
. . . continues on next page . . .
2 RESULTS PER HOST 145

. . . continued from previous page . . .

cve: CVE-2020-1287
cve: CVE-2020-1291
cve: CVE-2020-1299
cve: CVE-2020-1300
cve: CVE-2020-1301
cve: CVE-2020-1302
cve: CVE-2020-1311
cve: CVE-2020-1314
cve: CVE-2020-1315
cve: CVE-2020-1317
cve: CVE-2020-1348
url: [Link]
cert-bund: CB-K20/0568
cert-bund: CB-K20/0565
cert-bund: CB-K20/0561
dfn-cert: DFN-CERT-2020-1227
dfn-cert: DFN-CERT-2020-1226
dfn-cert: DFN-CERT-2020-1225
dfn-cert: DFN-CERT-2020-1224
dfn-cert: DFN-CERT-2020-1223

High (CVSS: 8.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB4516065)

Summary
This host is missing a critical security update according to Microsoft KB4516065

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.24520
File checked: C:\Windows\system32\[Link]
File version: 6.1.7600.16385

Impact
Successful exploitation will allow an attacker to execute arbitrary code on a victim system,
obtain information to further compromise the user's system, gain elevated privileges and disclose
sensitive information.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
. . . continues on next page . . .
2 RESULTS PER HOST 146

. . . continued from previous page . . .

- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

Vulnerability Insight
Multiple aws exist due to:
- Windows Remote Desktop Client improperly handles connection requests.
- VBScript engine improperly handles objects in memory.
- Windows Common Log File System (CLFS) driver improperly handles objects in memory.
- [Link] (Winsock) improperly handles objects in memory.
- DirectX improperly handles objects in memory.
Please see the references for more information about the vulnerabilities.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4516065)
OID:[Link].4.1.25623.1.0.815462
Version used: 2022-08-09T[Link]Z

References
cve: CVE-2018-12126
cve: CVE-2018-12127
cve: CVE-2018-12130
cve: CVE-2019-0787
cve: CVE-2019-11091
cve: CVE-2019-1208
cve: CVE-2019-1214
cve: CVE-2019-1215
cve: CVE-2019-1216
cve: CVE-2019-1219
cve: CVE-2019-1220
cve: CVE-2019-1221
cve: CVE-2019-1235
cve: CVE-2019-1236
cve: CVE-2019-1240
cve: CVE-2019-1241
cve: CVE-2019-1242
cve: CVE-2019-1243
cve: CVE-2019-1244
cve: CVE-2019-1245
cve: CVE-2019-1246
cve: CVE-2019-1247
cve: CVE-2019-1248
cve: CVE-2019-1249
cve: CVE-2019-1250
cve: CVE-2019-1252
cve: CVE-2019-1256
cve: CVE-2019-1267
. . . continues on next page . . .
2 RESULTS PER HOST 147

. . . continued from previous page . . .

cve: CVE-2019-1268
cve: CVE-2019-1271
cve: CVE-2019-1274
cve: CVE-2019-1280
cve: CVE-2019-1282
cve: CVE-2019-1283
cve: CVE-2019-1284
cve: CVE-2019-1285
cve: CVE-2019-1286
cve: CVE-2019-1290
cve: CVE-2019-1291
cve: CVE-2019-1293
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
cert-bund: WID-SEC-2023-1692
cert-bund: CB-K19/0811
cert-bund: CB-K19/0806
cert-bund: CB-K19/0804
cert-bund: CB-K19/0803
cert-bund: CB-K19/0414
dfn-cert: DFN-CERT-2020-1041
dfn-cert: DFN-CERT-2020-0069
dfn-cert: DFN-CERT-2020-0048
dfn-cert: DFN-CERT-2019-2374
dfn-cert: DFN-CERT-2019-2214
dfn-cert: DFN-CERT-2019-1985
dfn-cert: DFN-CERT-2019-1898
dfn-cert: DFN-CERT-2019-1893
dfn-cert: DFN-CERT-2019-1889
dfn-cert: DFN-CERT-2019-1886
dfn-cert: DFN-CERT-2019-1767
dfn-cert: DFN-CERT-2019-1414
dfn-cert: DFN-CERT-2019-1235
dfn-cert: DFN-CERT-2019-1200
dfn-cert: DFN-CERT-2019-1172
dfn-cert: DFN-CERT-2019-1151
dfn-cert: DFN-CERT-2019-1149
dfn-cert: DFN-CERT-2019-1122
dfn-cert: DFN-CERT-2019-1083
dfn-cert: DFN-CERT-2019-1036
dfn-cert: DFN-CERT-2019-1032
dfn-cert: DFN-CERT-2019-1026
dfn-cert: DFN-CERT-2019-1025
dfn-cert: DFN-CERT-2019-1024
dfn-cert: DFN-CERT-2019-1017
dfn-cert: DFN-CERT-2019-1012
. . . continues on next page . . .
2 RESULTS PER HOST 148

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2019-1009
dfn-cert: DFN-CERT-2019-1005
dfn-cert: DFN-CERT-2019-1004
dfn-cert: DFN-CERT-2019-1003
dfn-cert: DFN-CERT-2019-1002
dfn-cert: DFN-CERT-2019-0994
dfn-cert: DFN-CERT-2019-0990
dfn-cert: DFN-CERT-2019-0989
dfn-cert: DFN-CERT-2019-0988
dfn-cert: DFN-CERT-2019-0987
dfn-cert: DFN-CERT-2019-0986
dfn-cert: DFN-CERT-2019-0977
dfn-cert: DFN-CERT-2019-0974
dfn-cert: DFN-CERT-2019-0971
dfn-cert: DFN-CERT-2019-0969
dfn-cert: DFN-CERT-2019-0950
dfn-cert: DFN-CERT-2018-2399

High (CVSS: 8.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB4577051)

Summary
This host is missing a critical security update according to Microsoft KB4577051

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.24560
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514

Impact
Successful exploitation will allow an attacker to execute arbitrary code, elevate privileges, conduct
DoS condition and disclose sensitive information.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

Vulnerability Insight
. . . continues on next page . . .
2 RESULTS PER HOST 149

. . . continued from previous page . . .

Multiple aws exist due to errors,
- when the Windows RSoP Service Application improperly handles memory.
- when Active Directory integrated DNS (ADIDNS) mishandles objects in memory.
- in how [Link] handles certain calls.
- in the way that Microsoft COM for Windows handles objects in memory.
Please see the references for more information on the vulnerabilities.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4577051)
OID:[Link].4.1.25623.1.0.817365
Version used: 2024-06-26T[Link]Z

References
cve: CVE-2020-0648
cve: CVE-2020-0664
cve: CVE-2020-0718
cve: CVE-2020-0761
cve: CVE-2020-0782
cve: CVE-2020-0790
cve: CVE-2020-0836
cve: CVE-2020-0838
cve: CVE-2020-0856
cve: CVE-2020-0878
cve: CVE-2020-0911
cve: CVE-2020-0912
cve: CVE-2020-0921
cve: CVE-2020-0922
cve: CVE-2020-1012
cve: CVE-2020-1013
cve: CVE-2020-1030
cve: CVE-2020-1031
cve: CVE-2020-1038
cve: CVE-2020-1039
cve: CVE-2020-1052
cve: CVE-2020-1074
cve: CVE-2020-1083
cve: CVE-2020-1091
cve: CVE-2020-1097
cve: CVE-2020-1115
cve: CVE-2020-1228
cve: CVE-2020-1245
cve: CVE-2020-1250
cve: CVE-2020-1252
cve: CVE-2020-1256
cve: CVE-2020-1285
cve: CVE-2020-1376
. . . continues on next page . . .
2 RESULTS PER HOST 150

. . . continued from previous page . . .

cve: CVE-2020-1491
cve: CVE-2020-1508
cve: CVE-2020-1559
cve: CVE-2020-1589
cve: CVE-2020-1593
cve: CVE-2020-1596
cve: CVE-2020-1598
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
cert-bund: CB-K20/0882
cert-bund: CB-K20/0880
cert-bund: CB-K20/0876
dfn-cert: DFN-CERT-2020-1955
dfn-cert: DFN-CERT-2020-1954
dfn-cert: DFN-CERT-2020-1953
dfn-cert: DFN-CERT-2020-1948

High (CVSS: 8.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB4580345)

Summary
This host is missing a critical security update according to Microsoft KB4580345

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.24561
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514

Impact
Successful exploitation will allow an attacker to execute arbitrary code, elevate privileges and
disclose sensitive information.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Microsoft Windows 7 for x64-based Systems Service Pack 1
- Microsoft Windows 7 for 32-bit Systems Service Pack 1

. . . continues on next page . . .

2 RESULTS PER HOST 151

. . . continued from previous page . . .

Vulnerability Insight
Multiple aws exist due to:
- An error when the Windows Network Connections Service handles objects in memory.
- An error when the Windows KernelStream fails to properly handles objects in memory.
- An error when Windows Hyper-V on a host server fails to properly validate input from an
authenticated user on a guest operating system.
- An error when NetBIOS over TCP (NBT) Extensions (NetBT) improperly handle objects in
memory.
- An error when the Windows Event System improperly handles objects in memory.
Please see the references for more information about the vulnerabilities.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4580345)
OID:[Link].4.1.25623.1.0.817511
Version used: 2025-11-14T[Link]Z

References
cve: CVE-2020-16863
cve: CVE-2020-16887
cve: CVE-2020-16889
cve: CVE-2020-16891
cve: CVE-2020-16897
cve: CVE-2020-16900
cve: CVE-2020-16902
cve: CVE-2020-16912
cve: CVE-2020-16914
cve: CVE-2020-16916
cve: CVE-2020-16920
cve: CVE-2020-16922
cve: CVE-2020-16923
cve: CVE-2020-16924
cve: CVE-2020-16935
cve: CVE-2020-16936
cve: CVE-2020-16939
cve: CVE-2020-16940
cve: CVE-2020-16972
cve: CVE-2020-16973
cve: CVE-2020-16974
cve: CVE-2020-16975
cve: CVE-2020-16976
url: [Link]
cert-bund: CB-K20/0979
dfn-cert: DFN-CERT-2020-2244
2 RESULTS PER HOST 152

High (CVSS: 8.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB5001335)

Summary
This host is missing a critical security update according to Microsoft KB5001335

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.24576
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514

Impact
Successful exploitation will allow an attacker to perform remote code execution, conduct a denial-
of-service condition, gain access to potentially sensitive data, bypass security restrictions, conduct
spoong and elevate privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Microsoft Windows 7 for x64-based Systems Service Pack 1
- Microsoft Windows 7 for 32-bit Systems Service Pack 1

Vulnerability Insight
Multiple aws exist due to:
- Multiple errors in Windows Installer.
- An error in RPC Endpoint Mapper Service.
- An error in Microsoft Internet Messaging API.
Please see the references for more information about the vulnerabilities.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB5001335)
OID:[Link].4.1.25623.1.0.817693
Version used: 2025-11-14T[Link]Z

References
cve: CVE-2021-26413
cve: CVE-2021-26415
cve: CVE-2021-27089
cve: CVE-2021-27091
. . . continues on next page . . .
2 RESULTS PER HOST 153

. . . continued from previous page . . .

cve: CVE-2021-27093
cve: CVE-2021-27095
cve: CVE-2021-27096
cve: CVE-2021-28309
cve: CVE-2021-28315
cve: CVE-2021-28316
cve: CVE-2021-28317
cve: CVE-2021-28318
cve: CVE-2021-28323
cve: CVE-2021-28327
cve: CVE-2021-28328
cve: CVE-2021-28329
cve: CVE-2021-28330
cve: CVE-2021-28331
cve: CVE-2021-28332
cve: CVE-2021-28333
cve: CVE-2021-28334
cve: CVE-2021-28335
cve: CVE-2021-28336
cve: CVE-2021-28337
cve: CVE-2021-28338
cve: CVE-2021-28339
cve: CVE-2021-28340
cve: CVE-2021-28341
cve: CVE-2021-28342
cve: CVE-2021-28343
cve: CVE-2021-28344
cve: CVE-2021-28345
cve: CVE-2021-28346
cve: CVE-2021-28348
cve: CVE-2021-28349
cve: CVE-2021-28350
cve: CVE-2021-28352
cve: CVE-2021-28353
cve: CVE-2021-28354
cve: CVE-2021-28355
cve: CVE-2021-28356
cve: CVE-2021-28357
cve: CVE-2021-28358
cve: CVE-2021-28434
cve: CVE-2021-28437
cve: CVE-2021-28439
cve: CVE-2021-28440
cve: CVE-2021-28443
cve: CVE-2021-28445
cve: CVE-2021-28446
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 154

. . . continued from previous page . . .

cert-bund: CB-K21/0374
dfn-cert: DFN-CERT-2021-0746

High (CVSS: 8.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB5015861)

Summary
This host is missing an important security update according to Microsoft KB5015861

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: 6.1.7601.0 - 6.1.7601.26021
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514

Impact
Successful exploitation will allow an attacker to elevate privileges, execute arbitrary commands,
disclose information, bypass security restrictions and conduct DoS attacks.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 for 32-bit Systems Service Pack 1
- Microsoft Windows 7 for x64-based Systems Service Pack 1
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

Vulnerability Insight
Multiple aws exist due to:
- An elevation of privilege vulnerability in Windows Fax Service.
- A Remote Code Execution Vulnerability in Windows Graphics Component.
- A Denial of Service Vulnerability in Windows Security Account Manager.
Please see the references for more information about the vulnerabilities.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB5015861)
OID:[Link].4.1.25623.1.0.821171
Version used: 2025-11-14T[Link]Z

References
cve: CVE-2022-21845
. . . continues on next page . . .
2 RESULTS PER HOST 155

. . . continued from previous page . . .

cve: CVE-2022-22022
cve: CVE-2022-22023
cve: CVE-2022-22024
cve: CVE-2022-22025
cve: CVE-2022-22026
cve: CVE-2022-22027
cve: CVE-2022-22028
cve: CVE-2022-22029
cve: CVE-2022-22034
cve: CVE-2022-22036
cve: CVE-2022-22037
cve: CVE-2022-22039
cve: CVE-2022-22040
cve: CVE-2022-22042
cve: CVE-2022-22043
cve: CVE-2022-22047
cve: CVE-2022-22048
cve: CVE-2022-22049
cve: CVE-2022-22050
cve: CVE-2022-30202
cve: CVE-2022-30203
cve: CVE-2022-30205
cve: CVE-2022-30206
cve: CVE-2022-30208
cve: CVE-2022-30209
cve: CVE-2022-30211
cve: CVE-2022-30213
cve: CVE-2022-30220
cve: CVE-2022-30221
cve: CVE-2022-30223
cve: CVE-2022-30224
cve: CVE-2022-30225
cve: CVE-2022-30226
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
cert-bund: WID-SEC-2022-0649
dfn-cert: DFN-CERT-2022-1553
dfn-cert: DFN-CERT-2022-1293

High (CVSS: 8.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB5014748)

Summary
. . . continues on next page . . .
2 RESULTS PER HOST 156

. . . continued from previous page . . .

This host is missing an important security update according to Microsoft KB5014748

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: 6.1.7601.0 - 6.1.7601.25982
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514

Impact
Successful exploitation will allow an attacker to elevate privileges, execute arbitrary commands,
disclose information and conduct DoS attacks.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 for 32-bit Systems Service Pack 1
- Microsoft Windows 7 for x64-based Systems Service Pack 1
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

Vulnerability Insight
Multiple aws exist due to:
- An elevation of privilege vulnerability in Local Security Authority Subsystem Service.
- A Remote Code Execution Vulnerability in Windows Hyper-V.
- A Denial of Service Vulnerability in Windows Kernel.
The aw in the Microsoft Windows Support Diagnostic Tool (MSDT) and tracked via CVE-
2022-30190 is dubbed 'Follina'.
Please see the references for more information about the vulnerabilities.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB5014748)
OID:[Link].4.1.25623.1.0.817782
Version used: 2023-10-19T[Link]Z

References
cve: CVE-2022-21123
cve: CVE-2022-21125
cve: CVE-2022-21127
cve: CVE-2022-21166
cve: CVE-2022-30135
cve: CVE-2022-30140
cve: CVE-2022-30141
cve: CVE-2022-30142
. . . continues on next page . . .
2 RESULTS PER HOST 157

. . . continued from previous page . . .

cve: CVE-2022-30143
cve: CVE-2022-30146
cve: CVE-2022-30147
cve: CVE-2022-30149
cve: CVE-2022-30151
cve: CVE-2022-30152
cve: CVE-2022-30153
cve: CVE-2022-30155
cve: CVE-2022-30160
cve: CVE-2022-30161
cve: CVE-2022-30163
cve: CVE-2022-30166
cve: CVE-2022-30190
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
url: [Link]
,→osoft-support-diagnostic-tool-vulnerability/
url: [Link]
,→ility-1a47fce5629e
cert-bund: WID-SEC-2023-2031
cert-bund: WID-SEC-2023-1432
cert-bund: WID-SEC-2022-1767
cert-bund: WID-SEC-2022-0336
cert-bund: WID-SEC-2022-0330
cert-bund: WID-SEC-2022-0325
cert-bund: WID-SEC-2022-0303
dfn-cert: DFN-CERT-2023-1230
dfn-cert: DFN-CERT-2023-0376
dfn-cert: DFN-CERT-2022-2858
dfn-cert: DFN-CERT-2022-2569
dfn-cert: DFN-CERT-2022-2446
dfn-cert: DFN-CERT-2022-2304
dfn-cert: DFN-CERT-2022-1725
dfn-cert: DFN-CERT-2022-1664
dfn-cert: DFN-CERT-2022-1663
dfn-cert: DFN-CERT-2022-1661
dfn-cert: DFN-CERT-2022-1640
dfn-cert: DFN-CERT-2022-1636
dfn-cert: DFN-CERT-2022-1596
dfn-cert: DFN-CERT-2022-1575
dfn-cert: DFN-CERT-2022-1552
dfn-cert: DFN-CERT-2022-1529
dfn-cert: DFN-CERT-2022-1523
dfn-cert: DFN-CERT-2022-1519
dfn-cert: DFN-CERT-2022-1488
. . . continues on next page . . .
2 RESULTS PER HOST 158

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2022-1481
dfn-cert: DFN-CERT-2022-1424
dfn-cert: DFN-CERT-2022-1413
dfn-cert: DFN-CERT-2022-1405
dfn-cert: DFN-CERT-2022-1378
dfn-cert: DFN-CERT-2022-1375
dfn-cert: DFN-CERT-2022-1371
dfn-cert: DFN-CERT-2022-1369
dfn-cert: DFN-CERT-2022-1365
dfn-cert: DFN-CERT-2022-1358
dfn-cert: DFN-CERT-2022-1345
dfn-cert: DFN-CERT-2022-1343
dfn-cert: DFN-CERT-2022-1342
dfn-cert: DFN-CERT-2022-1341
dfn-cert: DFN-CERT-2022-1338
dfn-cert: DFN-CERT-2022-1336
dfn-cert: DFN-CERT-2022-1334
dfn-cert: DFN-CERT-2022-1333
dfn-cert: DFN-CERT-2022-1328
dfn-cert: DFN-CERT-2022-1221

High (CVSS: 8.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB4507449)

Summary
This host is missing a critical security update according to Microsoft KB4507449

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.24499
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514

Impact
Successful exploitation will allow an attacker to execute arbitrary code on a victim system, obtain
information to further compromise the user's system and gain elevated privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1
. . . continues on next page . . .
2 RESULTS PER HOST 159

. . . continued from previous page . . .

- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

Vulnerability Insight
Multiple aws exist as,
- Remote Desktop Services improperly handles clipboard redirection.
- Scripting Engine improperly handles objects in memory in Microsoft browsers.
- Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allow
signing of SAML tokens with arbitrary symmetric keys.
- Windows GDI component improperly handles objects in memory.
- An elevation of privilege vulnerability exists in Active Directory Forest trusts due to a default
setting.
- Kernel Information Disclosure Vulnerability (SWAPGS Attack).
Please see the references for more information about the vulnerabilities.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4507449)
OID:[Link].4.1.25623.1.0.815403
Version used: 2022-08-09T[Link]Z

References
cve: CVE-2019-0683
cve: CVE-2019-0887
cve: CVE-2019-1001
cve: CVE-2019-1004
cve: CVE-2019-1006
cve: CVE-2019-1056
cve: CVE-2019-1059
cve: CVE-2019-1063
cve: CVE-2019-1071
cve: CVE-2019-1073
cve: CVE-2019-1082
cve: CVE-2019-1085
cve: CVE-2019-1088
cve: CVE-2019-1089
cve: CVE-2019-1093
cve: CVE-2019-1094
cve: CVE-2019-1095
cve: CVE-2019-1096
cve: CVE-2019-1097
cve: CVE-2019-1098
cve: CVE-2019-1099
cve: CVE-2019-1100
cve: CVE-2019-1101
cve: CVE-2019-1102
cve: CVE-2019-1104
cve: CVE-2019-1108
. . . continues on next page . . .
2 RESULTS PER HOST 160

. . . continued from previous page . . .

cve: CVE-2019-1116
cve: CVE-2019-1125
cve: CVE-2019-1132
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
cert-bund: CB-K19/0692
cert-bund: CB-K19/0595
cert-bund: CB-K19/0593
cert-bund: CB-K19/0591
cert-bund: CB-K19/0586
cert-bund: CB-K19/0212
dfn-cert: DFN-CERT-2020-0048
dfn-cert: DFN-CERT-2019-2445
dfn-cert: DFN-CERT-2019-2247
dfn-cert: DFN-CERT-2019-2127
dfn-cert: DFN-CERT-2019-2096
dfn-cert: DFN-CERT-2019-2007
dfn-cert: DFN-CERT-2019-1987
dfn-cert: DFN-CERT-2019-1985
dfn-cert: DFN-CERT-2019-1907
dfn-cert: DFN-CERT-2019-1855
dfn-cert: DFN-CERT-2019-1843
dfn-cert: DFN-CERT-2019-1823
dfn-cert: DFN-CERT-2019-1808
dfn-cert: DFN-CERT-2019-1734
dfn-cert: DFN-CERT-2019-1725
dfn-cert: DFN-CERT-2019-1705
dfn-cert: DFN-CERT-2019-1702
dfn-cert: DFN-CERT-2019-1701
dfn-cert: DFN-CERT-2019-1699
dfn-cert: DFN-CERT-2019-1698
dfn-cert: DFN-CERT-2019-1697
dfn-cert: DFN-CERT-2019-1696
dfn-cert: DFN-CERT-2019-1689
dfn-cert: DFN-CERT-2019-1671
dfn-cert: DFN-CERT-2019-1664
dfn-cert: DFN-CERT-2019-1641
dfn-cert: DFN-CERT-2019-1613
dfn-cert: DFN-CERT-2019-1612
dfn-cert: DFN-CERT-2019-1609
dfn-cert: DFN-CERT-2019-1396
dfn-cert: DFN-CERT-2019-1392
dfn-cert: DFN-CERT-2019-1391
dfn-cert: DFN-CERT-2019-1387
dfn-cert: DFN-CERT-2019-1384
dfn-cert: DFN-CERT-2019-1383
. . . continues on next page . . .
2 RESULTS PER HOST 161

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2019-0506
dfn-cert: DFN-CERT-2018-2399

High (CVSS: 8.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB4038777)

Summary
This host is missing a critical security update according to Microsoft KB4038777

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23889

Impact
Successful exploitation will allow an attacker to gain access to potentially sensitive information,
perform a man-in-the-middle attack and force a user's computer to unknowingly route trac
through the attacker's computer, execute arbitrary code on the target, embed an ActiveX control
marked safe for initialization, take complete control of the aected system and read arbitrary
les on the aected system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

Vulnerability Insight
Multiple aws exist due to:
- An error when Windows Hyper-V on a host operating system fails to properly validate input
from an authenticated user on a guest operating system.
- An issue when the Windows kernel fails to properly initialize a memory address.
- An error when the Windows kernel improperly handles objects in memory.
- An error in Microsoft's implementation of the Bluetooth stack.
- An error in the way that Microsoft browser JavaScript engines render content when handling
objects in memory.
- An error when Windows Uniscribe improperly discloses the contents of its memory.
- An error due to the way Windows Uniscribe handles objects in memory.
- An error when Microsoft browsers improperly access objects in memory.
- An error when Internet Explorer improperly handles specic HTML content.
. . . continues on next page . . .
2 RESULTS PER HOST 162

. . . continued from previous page . . .

- An error in Microsoft browsers due to improper parent domain verication in certain function-
ality.
- An error in the way that the Windows Graphics Device Interface (GDI) handles objects in
memory, allowing an attacker to retrieve information from a targeted system.
- An error when the Windows GDI+ component improperly discloses kernel memory addresses.
- An error in Windows when the Windows kernel-mode driver fails to properly handle objects in
memory.
- An error when Windows Shell does not properly validate le copy destinations.
- An error in Windows kernel.
- An error when the Windows font library improperly handles specially crafted embedded fonts.
- An error in the Microsoft Common Console Document.
- An error in Windows when the Win32k component fails to properly handle objects in memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4038777)
OID:[Link].4.1.25623.1.0.811746
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2017-0161
cve: CVE-2017-8719
cve: CVE-2017-8720
cve: CVE-2017-8628
cve: CVE-2017-8733
cve: CVE-2017-8736
cve: CVE-2017-8675
cve: CVE-2017-8676
cve: CVE-2017-8741
cve: CVE-2017-8677
cve: CVE-2017-8678
cve: CVE-2017-8747
cve: CVE-2017-8748
cve: CVE-2017-8679
cve: CVE-2017-8680
cve: CVE-2017-8681
cve: CVE-2017-8749
cve: CVE-2017-8750
cve: CVE-2017-8682
cve: CVE-2017-8683
cve: CVE-2017-8684
cve: CVE-2017-8685
cve: CVE-2017-8687
cve: CVE-2017-8688
cve: CVE-2017-8696
cve: CVE-2017-8699
cve: CVE-2017-8707
. . . continues on next page . . .
2 RESULTS PER HOST 163

. . . continued from previous page . . .

cve: CVE-2017-8708
cve: CVE-2017-8709
cve: CVE-2017-8710
cve: CVE-2017-8695
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K17/1570
cert-bund: CB-K17/1553
cert-bund: CB-K17/1550
cert-bund: CB-K17/1548
cert-bund: CB-K17/1547
dfn-cert: DFN-CERT-2017-1634
dfn-cert: DFN-CERT-2017-1614
dfn-cert: DFN-CERT-2017-1613
dfn-cert: DFN-CERT-2017-1612
dfn-cert: DFN-CERT-2017-1611
2 RESULTS PER HOST 164

High (CVSS: 8.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB5020000)

Summary
This host is missing a critical security update according to Microsoft KB5020000

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 11.0.9600.20671
File checked: C:\Windows\system32\[Link]
File version: 8.0.7601.17514

Impact
Successful exploitation will allow an attacker to disclose sensitive information, perform remote
code execution, cause denial of service condition and elevate privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Microsoft Windows 7 for x64-based Systems Service Pack 1
- Microsoft Windows 7 for 32-bit Systems Service Pack 1

Vulnerability Insight
Multiple aws exist due to:
- Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability.
- An elevation of privilege vulnerability in Windows Kerberos RC4-HMAC.
- Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability.
Please see the references for more information about the vulnerabilities.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB5020000)
OID:[Link].4.1.25623.1.0.826613
Version used: 2025-11-14T[Link]Z

References
cve: CVE-2022-23824
cve: CVE-2022-37966
cve: CVE-2022-37967
cve: CVE-2022-37992
cve: CVE-2022-38023
. . . continues on next page . . .
2 RESULTS PER HOST 165

. . . continued from previous page . . .

cve: CVE-2022-41039
cve: CVE-2022-41044
cve: CVE-2022-41045
cve: CVE-2022-41047
cve: CVE-2022-41048
cve: CVE-2022-41053
cve: CVE-2022-41056
cve: CVE-2022-41057
cve: CVE-2022-41058
cve: CVE-2022-41073
cve: CVE-2022-41086
cve: CVE-2022-41090
cve: CVE-2022-41095
cve: CVE-2022-41097
cve: CVE-2022-41098
cve: CVE-2022-41109
cve: CVE-2022-41116
cve: CVE-2022-41118
cve: CVE-2022-41128
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
cert-bund: WID-SEC-2024-0064
cert-bund: WID-SEC-2023-1737
cert-bund: WID-SEC-2022-2365
cert-bund: WID-SEC-2022-2001
cert-bund: WID-SEC-2022-1983
dfn-cert: DFN-CERT-2023-1592
dfn-cert: DFN-CERT-2023-1311
dfn-cert: DFN-CERT-2023-1162
dfn-cert: DFN-CERT-2023-0665
dfn-cert: DFN-CERT-2023-0286
dfn-cert: DFN-CERT-2023-0201
dfn-cert: DFN-CERT-2023-0199
dfn-cert: DFN-CERT-2023-0176
dfn-cert: DFN-CERT-2023-0153
dfn-cert: DFN-CERT-2023-0089
dfn-cert: DFN-CERT-2022-2870
dfn-cert: DFN-CERT-2022-2526
dfn-cert: DFN-CERT-2022-2429

High (CVSS: 8.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB5004289)

Summary
. . . continues on next page . . .
2 RESULTS PER HOST 166

. . . continued from previous page . . .

This host is missing a critical security update according to Microsoft KB5004289

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.25661
File checked: C:\Windows\system32\[Link]
File version: 6.1.7600.16385

Impact
Successful exploitation will allow an attacker to perform remote code execution, gain access to
potentially sensitive data, conduct spoong and elevate privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Microsoft Windows 7 for x64-based Systems Service Pack 1
- Microsoft Windows 7 for 32-bit Systems Service Pack 1

Vulnerability Insight
Multiple aws exist due to:
- An elevation of privilege vulnerability in Windows Common Log File System Driver.
- A security feature bypass vulnerability in Kerberos AppContainer.
Please see the references for more information about the vulnerabilities.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB5004289)
OID:[Link].4.1.25623.1.0.817724
Version used: 2025-11-14T[Link]Z

References
cve: CVE-2021-31183
cve: CVE-2021-31979
cve: CVE-2021-33745
cve: CVE-2021-33746
cve: CVE-2021-33749
cve: CVE-2021-33750
cve: CVE-2021-33752
cve: CVE-2021-33754
cve: CVE-2021-33756
cve: CVE-2021-33757
cve: CVE-2021-33764
. . . continues on next page . . .
2 RESULTS PER HOST 167

. . . continued from previous page . . .

cve: CVE-2021-33765
cve: CVE-2021-33780
cve: CVE-2021-33782
cve: CVE-2021-33783
cve: CVE-2021-33786
cve: CVE-2021-33788
cve: CVE-2021-34440
cve: CVE-2021-34441
cve: CVE-2021-34442
cve: CVE-2021-34444
cve: CVE-2021-34446
cve: CVE-2021-34447
cve: CVE-2021-34448
cve: CVE-2021-34456
cve: CVE-2021-34457
cve: CVE-2021-34476
cve: CVE-2021-34492
cve: CVE-2021-34494
cve: CVE-2021-34496
cve: CVE-2021-34497
cve: CVE-2021-34498
cve: CVE-2021-34499
cve: CVE-2021-34500
cve: CVE-2021-34504
cve: CVE-2021-34507
cve: CVE-2021-34511
cve: CVE-2021-34514
cve: CVE-2021-34516
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
cert-bund: CB-K21/0736
dfn-cert: DFN-CERT-2021-1484

High (CVSS: 8.8)

NVT: Oracle Java SE Security Update (Oct24-1) - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch provided by the vendor
. . . continues on next page . . .
2 RESULTS PER HOST 168

. . . continued from previous page . . .

Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation allows an attacker to disclose information and cause partial denial of
service attacks.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u421 and prior on Windows.

Vulnerability Insight
These vulnerabilities exist:
- CVE-2023-42950: An error in the WebKitGTK component of Oracle Java SE.
- CVE-2024-25062: An error in the libxml2 component of Oracle Java SE.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (Oct24-1) - Windows
OID:[Link].4.1.25623.1.0.834688
Version used: 2024-10-18T[Link]Z

References
cve: CVE-2023-42950
cve: CVE-2024-25062
url: [Link]
cert-bund: WID-SEC-2024-3377
cert-bund: WID-SEC-2024-3195
cert-bund: WID-SEC-2024-3189
cert-bund: WID-SEC-2024-1656
cert-bund: WID-SEC-2024-1642
cert-bund: WID-SEC-2024-1638
cert-bund: WID-SEC-2024-1637
cert-bund: WID-SEC-2024-1307
cert-bund: WID-SEC-2024-1226
cert-bund: WID-SEC-2024-0869
cert-bund: WID-SEC-2024-0280
dfn-cert: DFN-CERT-2025-1798
dfn-cert: DFN-CERT-2025-1710
dfn-cert: DFN-CERT-2025-1316
dfn-cert: DFN-CERT-2025-0473
dfn-cert: DFN-CERT-2025-0294
dfn-cert: DFN-CERT-2024-2991
. . . continues on next page . . .
2 RESULTS PER HOST 169

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2024-2739
dfn-cert: DFN-CERT-2024-2738
dfn-cert: DFN-CERT-2024-1865
dfn-cert: DFN-CERT-2024-1846
dfn-cert: DFN-CERT-2024-1510
dfn-cert: DFN-CERT-2024-1504
dfn-cert: DFN-CERT-2024-1250
dfn-cert: DFN-CERT-2024-1092
dfn-cert: DFN-CERT-2024-0732
dfn-cert: DFN-CERT-2024-0716
dfn-cert: DFN-CERT-2024-0377

High (CVSS: 8.8)

NVT: Oracle Java SE Security Update (Oct24-1) - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch provided by the vendor
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation allows an attacker to disclose information and cause partial denial of
service attacks.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u421 and prior on Windows.

Vulnerability Insight
These vulnerabilities exist:
- CVE-2023-42950: An error in the WebKitGTK component of Oracle Java SE.
- CVE-2024-25062: An error in the libxml2 component of Oracle Java SE.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
. . . continues on next page . . .
2 RESULTS PER HOST 170

. . . continued from previous page . . .

Details: Oracle Java SE Security Update (Oct24-1) - Windows
OID:[Link].4.1.25623.1.0.834688
Version used: 2024-10-18T[Link]Z

References
cve: CVE-2023-42950
cve: CVE-2024-25062
url: [Link]
cert-bund: WID-SEC-2024-3377
cert-bund: WID-SEC-2024-3195
cert-bund: WID-SEC-2024-3189
cert-bund: WID-SEC-2024-1656
cert-bund: WID-SEC-2024-1642
cert-bund: WID-SEC-2024-1638
cert-bund: WID-SEC-2024-1637
cert-bund: WID-SEC-2024-1307
cert-bund: WID-SEC-2024-1226
cert-bund: WID-SEC-2024-0869
cert-bund: WID-SEC-2024-0280
dfn-cert: DFN-CERT-2025-1798
dfn-cert: DFN-CERT-2025-1710
dfn-cert: DFN-CERT-2025-1316
dfn-cert: DFN-CERT-2025-0473
dfn-cert: DFN-CERT-2025-0294
dfn-cert: DFN-CERT-2024-2991
dfn-cert: DFN-CERT-2024-2739
dfn-cert: DFN-CERT-2024-2738
dfn-cert: DFN-CERT-2024-1865
dfn-cert: DFN-CERT-2024-1846
dfn-cert: DFN-CERT-2024-1510
dfn-cert: DFN-CERT-2024-1504
dfn-cert: DFN-CERT-2024-1250
dfn-cert: DFN-CERT-2024-1092
dfn-cert: DFN-CERT-2024-0732
dfn-cert: DFN-CERT-2024-0716
dfn-cert: DFN-CERT-2024-0377

High (CVSS: 8.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB5005633)

Summary
This host is missing a critical security update according to Microsoft KB5005633

Quality of Detection (QoD): 80%

. . . continues on next page . . .
2 RESULTS PER HOST 171

. . . continued from previous page . . .

Vulnerability Detection Result
Vulnerable range: Less than 11.0.9600.20120
File checked: C:\Windows\system32\[Link]
File version: 8.0.7601.17514

Impact
Successful exploitation will allow an attacker to disclose sensitive information, perform remote
code execution, cause denial of service condition, conduct spoong and elevate privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Microsoft Windows 7 for x64-based Systems Service Pack 1
- Microsoft Windows 7 for 32-bit Systems Service Pack 1

Vulnerability Insight
Multiple aws exist due to:
- An error in Windows Ancillary Function Driver for WinSock.
- An elevation of privilege vulnerability in Windows Event Tracing.
- A error in Microsoft MSHTML.
Please see the references for more information about the vulnerabilities.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB5005633)
OID:[Link].4.1.25623.1.0.818533
Version used: 2025-11-14T[Link]Z

References
cve: CVE-2021-26435
cve: CVE-2021-36955
cve: CVE-2021-36959
cve: CVE-2021-36960
cve: CVE-2021-36961
cve: CVE-2021-36962
cve: CVE-2021-36963
cve: CVE-2021-36964
cve: CVE-2021-36965
cve: CVE-2021-36968
cve: CVE-2021-36969
cve: CVE-2021-38628
cve: CVE-2021-38629
cve: CVE-2021-38630
. . . continues on next page . . .
2 RESULTS PER HOST 172

. . . continued from previous page . . .

cve: CVE-2021-38633
cve: CVE-2021-38635
cve: CVE-2021-38636
cve: CVE-2021-38638
cve: CVE-2021-38639
cve: CVE-2021-38667
cve: CVE-2021-38671
cve: CVE-2021-40444
cve: CVE-2021-40447
cve: CVE-2021-36958
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
cert-bund: CB-K21/0965
cert-bund: CB-K21/0940
cert-bund: CB-K21/0867
dfn-cert: DFN-CERT-2021-1925
dfn-cert: DFN-CERT-2021-1876
dfn-cert: DFN-CERT-2021-1731

High (CVSS: 8.8)

NVT: Microsoft Windows Monthly Rollup (KB4019264)

Summary
This host is missing a critical security update (monthly rollup) according to Microsoft
KB4019264.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23775

Impact
Successful exploitation will allow an attacker to execute code or elevate user privileges, take
control of the aected system, bypass security restrictions, conduct denial-of-service condition,
gain access to potentially sensitive information and spoof content by tricking a user by redirecting
the user to a specially crafted website.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

. . . continues on next page . . .

2 RESULTS PER HOST 173

. . . continued from previous page . . .

Aected Software/OS
- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

Vulnerability Insight
This monthly rollup,
- Addressed issue where applications that use [Link] stop working after installing security
update 4015550.
- Deprecated SHA-1 Microsoft Edge and Internet Explorer 11 for SSL/TLS Server Authentica-
tion.
- Updated Internet Explorer 11's New Tab Page with an integrated newsfeed.
- Includes security updates to Microsoft Graphics Component, Microsoft Windows DNS, Win-
dows COM, Windows Server, Windows kernel, and Internet Explorer.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Monthly Rollup (KB4019264)
OID:[Link].4.1.25623.1.0.811114
Version used: 2024-07-25T[Link]Z

References
cve: CVE-2017-0064
cve: CVE-2017-0077
cve: CVE-2017-0171
cve: CVE-2017-0175
cve: CVE-2017-0190
cve: CVE-2017-0213
cve: CVE-2017-0214
cve: CVE-2017-0220
cve: CVE-2017-0222
cve: CVE-2017-0231
cve: CVE-2017-0242
cve: CVE-2017-0244
cve: CVE-2017-0245
cve: CVE-2017-0246
cve: CVE-2017-0258
cve: CVE-2017-0263
cve: CVE-2017-0267
cve: CVE-2017-0268
cve: CVE-2017-0269
cve: CVE-2017-0270
cve: CVE-2017-0271
cve: CVE-2017-0272
cve: CVE-2017-0273
cve: CVE-2017-0274
cve: CVE-2017-0275
cve: CVE-2017-0276
. . . continues on next page . . .
2 RESULTS PER HOST 174

. . . continued from previous page . . .

cve: CVE-2017-0277
cve: CVE-2017-0278
cve: CVE-2017-0279
cve: CVE-2017-0280
cve: CVE-2017-8552
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K17/0786
cert-bund: CB-K17/0782
cert-bund: CB-K17/0781
dfn-cert: DFN-CERT-2017-0813
dfn-cert: DFN-CERT-2017-0810
dfn-cert: DFN-CERT-2017-0809
2 RESULTS PER HOST 175

High (CVSS: 8.8)

NVT: Microsoft Windows Monthly Rollup (KB4015549)

Summary
This host is missing a monthly rollup according to Microsoft security update KB4015549.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23714

Impact
Successful exploitation will allow an attacker to execute code or elevate user privileges, take
control of the aected system, and access information from one domain and inject it into another
domain.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

Vulnerability Insight
This security update includes improvements and resolves the following security vulnerabilities
in Windows: scripting engine, Hyper-V, libjpeg image-processing library, Adobe Type Manager
Font Driver, Win32K, Microsoft Outlook, Internet Explorer, Graphics Component, Windows
kernel-mode drivers and Lightweight Directory Access Protocol.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Monthly Rollup (KB4015549)
OID:[Link].4.1.25623.1.0.810851
Version used: 2024-07-04T[Link]Z

References
cve: CVE-2013-6629
cve: CVE-2017-0058
cve: CVE-2017-0155
cve: CVE-2017-0156
cve: CVE-2017-0158
cve: CVE-2017-0163
. . . continues on next page . . .
2 RESULTS PER HOST 176

. . . continued from previous page . . .

cve: CVE-2017-0166
cve: CVE-2017-0168
cve: CVE-2017-0180
cve: CVE-2017-0182
cve: CVE-2017-0183
cve: CVE-2017-0184
cve: CVE-2017-0191
cve: CVE-2017-0192
cve: CVE-2017-0199
cve: CVE-2017-0202
cve: CVE-2017-0210
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K17/0622
cert-bund: CB-K17/0621
cert-bund: CB-K17/0620
cert-bund: CB-K17/0616
cert-bund: CB-K15/1514
cert-bund: CB-K14/1569
cert-bund: CB-K14/1048
cert-bund: CB-K14/1039
cert-bund: CB-K14/1038
cert-bund: CB-K14/0728
cert-bund: CB-K14/0668
cert-bund: CB-K14/0592
cert-bund: CB-K14/0590
cert-bund: CB-K14/0572
cert-bund: CB-K14/0561
cert-bund: CB-K14/0527
. . . continues on next page . . .
2 RESULTS PER HOST 177

. . . continued from previous page . . .

cert-bund: CB-K14/0467
cert-bund: CB-K14/0455
cert-bund: CB-K14/0442
cert-bund: CB-K14/0283
cert-bund: CB-K14/0231
cert-bund: CB-K14/0061
cert-bund: CB-K14/0002
cert-bund: CB-K13/1067
cert-bund: CB-K13/1039
cert-bund: CB-K13/1021
cert-bund: CB-K13/0981
cert-bund: CB-K13/0918
cert-bund: CB-K13/0731
dfn-cert: DFN-CERT-2017-0643
dfn-cert: DFN-CERT-2017-0642
dfn-cert: DFN-CERT-2017-0638
dfn-cert: DFN-CERT-2017-0637
dfn-cert: DFN-CERT-2014-1667
dfn-cert: DFN-CERT-2014-1086
dfn-cert: DFN-CERT-2014-1085
dfn-cert: DFN-CERT-2014-0755
dfn-cert: DFN-CERT-2014-0693
dfn-cert: DFN-CERT-2014-0612
dfn-cert: DFN-CERT-2014-0607
dfn-cert: DFN-CERT-2014-0596
dfn-cert: DFN-CERT-2014-0589
dfn-cert: DFN-CERT-2014-0550
dfn-cert: DFN-CERT-2014-0475
dfn-cert: DFN-CERT-2014-0474
dfn-cert: DFN-CERT-2014-0454
dfn-cert: DFN-CERT-2014-0292
dfn-cert: DFN-CERT-2014-0059
dfn-cert: DFN-CERT-2013-2129
dfn-cert: DFN-CERT-2013-2106
dfn-cert: DFN-CERT-2013-2049
dfn-cert: DFN-CERT-2013-2046
dfn-cert: DFN-CERT-2013-1995
dfn-cert: DFN-CERT-2013-1934
dfn-cert: DFN-CERT-2013-1729

High (CVSS: 8.8)

NVT: Microsoft Windows Netlogon Remote Code Execution Vulnerability (3167691)

Summary
. . . continues on next page . . .
2 RESULTS PER HOST 178

. . . continued from previous page . . .

This host is missing an important security update according to Microsoft Bulletin MS16-076.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\drivers\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23451

Impact
Successful exploitation will allow attackers to execute arbitrary code in the context of the cur-
rently logged-in user. Failed exploit attempts will likely result in denial of service conditions.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1

Vulnerability Insight
The aw occurs when windows improperly handles objects in memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Netlogon Remote Code Execution Vulnerability (3167691)
OID:[Link].4.1.25623.1.0.808227
Version used: 2023-07-21T[Link]Z

References
cve: CVE-2016-3228
url: [Link]
url: [Link]
cert-bund: CB-K16/0914
dfn-cert: DFN-CERT-2016-0969

High (CVSS: 8.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB5006743)

Summary
This host is missing a critical security update according to Microsoft KB5006743

. . . continues on next page . . .

2 RESULTS PER HOST 179

. . . continued from previous page . . .

Quality of Detection (QoD): 80%
Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.25740
File checked: C:\Windows\system32\[Link]
File version: 6.1.7600.16385

Impact
Successful exploitation will allow an attacker to disclose sensitive information, perform remote
code execution, cause denial of service condition, conduct spoong and elevate privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Microsoft Windows 7 for x64-based Systems Service Pack 1
- Microsoft Windows 7 for 32-bit Systems Service Pack 1

Vulnerability Insight
Multiple aws exist due to:
- An error in Windows exFAT File System.
- An error in Windows Fast FAT File System Driver.
- A error in Windows Remote Procedure Call Runtime.
- An error in Windows Media Audio Decoder.
Please see the references for more information about the vulnerabilities.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB5006743)
OID:[Link].4.1.25623.1.0.818808
Version used: 2025-11-14T[Link]Z

References
cve: CVE-2021-26442
cve: CVE-2021-36953
cve: CVE-2021-36970
cve: CVE-2021-38662
cve: CVE-2021-38663
cve: CVE-2021-40443
cve: CVE-2021-40449
cve: CVE-2021-40455
cve: CVE-2021-40460
cve: CVE-2021-40465
cve: CVE-2021-40466
. . . continues on next page . . .
2 RESULTS PER HOST 180

. . . continued from previous page . . .

cve: CVE-2021-40467
cve: CVE-2021-40469
cve: CVE-2021-40489
cve: CVE-2021-41331
cve: CVE-2021-41332
cve: CVE-2021-41335
cve: CVE-2021-41340
cve: CVE-2021-41342
cve: CVE-2021-41343
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
cert-bund: CB-K21/1068
dfn-cert: DFN-CERT-2021-2125

High (CVSS: 8.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB5007236)

Summary
This host is missing a critical security update according to Microsoft KB5007236

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.25767
File checked: C:\Windows\system32\[Link]
File version: 6.1.7600.16385

Impact
Successful exploitation will allow an attacker to disclose sensitive information, perform remote
code execution and elevate privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Microsoft Windows 7 for x64-based Systems Service Pack 1
- Microsoft Windows 7 for 32-bit Systems Service Pack 1

Vulnerability Insight
Multiple aws exist due to:
- An elevation of privilege vulnerability in Active Directory Domain Services.
. . . continues on next page . . .
2 RESULTS PER HOST 181

. . . continued from previous page . . .

- An elevation of privilege vulnerability in NTFS.
- An information disclosure vulnerability in Windows Remote Desktop Protocol (RDP).
Please see the references for more information about the vulnerabilities.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB5007236)
OID:[Link].4.1.25623.1.0.818854
Version used: 2025-11-14T[Link]Z

References
cve: CVE-2021-38631
cve: CVE-2021-38665
cve: CVE-2021-38666
cve: CVE-2021-41367
cve: CVE-2021-41370
cve: CVE-2021-41371
cve: CVE-2021-41377
cve: CVE-2021-41379
cve: CVE-2021-42275
cve: CVE-2021-42278
cve: CVE-2021-42282
cve: CVE-2021-42283
cve: CVE-2021-42285
cve: CVE-2021-42287
cve: CVE-2021-42291
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
cert-bund: CB-K21/1226
cert-bund: CB-K21/1169
dfn-cert: DFN-CERT-2021-2328

High (CVSS: 8.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB5009610)

Summary
This host is missing a critical security update according to Microsoft KB5009610

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.25827
File checked: C:\Windows\system32\[Link]
. . . continues on next page . . .
2 RESULTS PER HOST 182

. . . continued from previous page . . .

File version: 6.1.7600.16385

Impact
Successful exploitation will allow an attacker to elevate privileges, disclose sensitive information,
conduct remote code execution, bypass security restrictions, conduct DoS attacks and conduct
spoong attacks.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Microsoft Windows 7 for x64-based Systems Service Pack 1
- Microsoft Windows 7 for 32-bit Systems Service Pack 1

Vulnerability Insight
Multiple aws exist due to:
- An elevation of privilege vulnerability in Active Directory Domain Services.
- An elevation of privilege vulnerability in Virtual Machine IDE Drive.
Please see the references for more information about the vulnerabilities.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB5009610)
OID:[Link].4.1.25623.1.0.818952
Version used: 2025-11-14T[Link]Z

References
cve: CVE-2022-21833
cve: CVE-2022-21834
cve: CVE-2022-21835
cve: CVE-2022-21836
cve: CVE-2022-21838
cve: CVE-2022-21843
cve: CVE-2022-21848
cve: CVE-2022-21850
cve: CVE-2022-21851
cve: CVE-2022-21857
cve: CVE-2022-21859
cve: CVE-2022-21862
cve: CVE-2022-21880
cve: CVE-2022-21883
cve: CVE-2022-21884
cve: CVE-2022-21885
cve: CVE-2022-21889
. . . continues on next page . . .
2 RESULTS PER HOST 183

. . . continued from previous page . . .

cve: CVE-2022-21890
cve: CVE-2022-21893
cve: CVE-2022-21897
cve: CVE-2022-21899
cve: CVE-2022-21900
cve: CVE-2022-21903
cve: CVE-2022-21904
cve: CVE-2022-21905
cve: CVE-2022-21908
cve: CVE-2022-21913
cve: CVE-2022-21914
cve: CVE-2022-21915
cve: CVE-2022-21916
cve: CVE-2022-21919
cve: CVE-2022-21920
cve: CVE-2022-21922
cve: CVE-2022-21924
cve: CVE-2022-21925
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
cert-bund: WID-SEC-2023-0839
cert-bund: CB-K22/0030
dfn-cert: DFN-CERT-2022-0052

High (CVSS: 8.8)

NVT: Oracle Java SE Security Update (Apr 2024) -02 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch provided by the vendor
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation allows an attacker to compromise Oracle Java SE, which can result in
unauthorized update, insert or delete access to some of Oracle Java SE.

Solution:
Solution type: VendorFix
. . . continues on next page . . .
2 RESULTS PER HOST 184

. . . continued from previous page . . .

The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE 8u401 and prior on Windows.

Vulnerability Insight
These vulnerabilities exist:
- CVE-2024-21003: An error in the JavaFX component of Oracle Java SE.
- CVE-2024-21005: An error in the JavaFX component of Oracle Java SE.
Please see the references for more information on the vulnerabilities.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (Apr 2024) -02 - Windows
OID:[Link].4.1.25623.1.0.832953
Version used: 2024-08-15T[Link]Z

References
cve: CVE-2023-41993
cve: CVE-2024-21003
cve: CVE-2024-21005
cve: CVE-2024-21002
cve: CVE-2024-21004
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
cert-bund: WID-SEC-2025-0001
cert-bund: WID-SEC-2024-0895
cert-bund: WID-SEC-2023-2705
cert-bund: WID-SEC-2023-2454
cert-bund: WID-SEC-2023-2453
cert-bund: WID-SEC-2023-2452
cert-bund: WID-SEC-2023-2427
cert-bund: WID-SEC-2023-2424
dfn-cert: DFN-CERT-2025-1798
dfn-cert: DFN-CERT-2024-1413
dfn-cert: DFN-CERT-2024-1005
dfn-cert: DFN-CERT-2024-1004
dfn-cert: DFN-CERT-2023-2645
dfn-cert: DFN-CERT-2023-2334
dfn-cert: DFN-CERT-2023-2333
dfn-cert: DFN-CERT-2023-2297
dfn-cert: DFN-CERT-2023-2296
dfn-cert: DFN-CERT-2023-2246
dfn-cert: DFN-CERT-2023-2245
2 RESULTS PER HOST 185

High (CVSS: 8.8)

NVT: Microsoft Windows Remote Privilege Escalation Vulnerability (3155520)

Summary
This host is missing an important security update according to Microsoft Bulletin MS16-061.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\System32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23418

Impact
Successful exploitation will allow remote attackers to execute arbitrary code with elevated priv-
ileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 10 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1

Vulnerability Insight
Flaw exists due to when windows improperly handles specially crafted Remote Procedure Call
(RPC) requests.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Remote Privilege Escalation Vulnerability (3155520)
OID:[Link].4.1.25623.1.0.807587
Version used: 2023-07-20T[Link]Z

References
cve: CVE-2016-0178
url: [Link]
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 186

. . . continued from previous page . . .

cert-bund: CB-K16/0701
dfn-cert: DFN-CERT-2016-0759

High (CVSS: 8.8)

NVT: Oracle Java SE Security Update (Apr 2024) -02 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch provided by the vendor
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation allows an attacker to compromise Oracle Java SE, which can result in
unauthorized update, insert or delete access to some of Oracle Java SE.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE 8u401 and prior on Windows.

Vulnerability Insight
These vulnerabilities exist:
- CVE-2024-21003: An error in the JavaFX component of Oracle Java SE.
- CVE-2024-21005: An error in the JavaFX component of Oracle Java SE.
Please see the references for more information on the vulnerabilities.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (Apr 2024) -02 - Windows
OID:[Link].4.1.25623.1.0.832953
Version used: 2024-08-15T[Link]Z

References
cve: CVE-2023-41993
cve: CVE-2024-21003
cve: CVE-2024-21005
. . . continues on next page . . .
2 RESULTS PER HOST 187

. . . continued from previous page . . .

cve: CVE-2024-21002
cve: CVE-2024-21004
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
cert-bund: WID-SEC-2025-0001
cert-bund: WID-SEC-2024-0895
cert-bund: WID-SEC-2023-2705
cert-bund: WID-SEC-2023-2454
cert-bund: WID-SEC-2023-2453
cert-bund: WID-SEC-2023-2452
cert-bund: WID-SEC-2023-2427
cert-bund: WID-SEC-2023-2424
dfn-cert: DFN-CERT-2025-1798
dfn-cert: DFN-CERT-2024-1413
dfn-cert: DFN-CERT-2024-1005
dfn-cert: DFN-CERT-2024-1004
dfn-cert: DFN-CERT-2023-2645
dfn-cert: DFN-CERT-2023-2334
dfn-cert: DFN-CERT-2023-2333
dfn-cert: DFN-CERT-2023-2297
dfn-cert: DFN-CERT-2023-2296
dfn-cert: DFN-CERT-2023-2246
dfn-cert: DFN-CERT-2023-2245

High (CVSS: 8.8)

NVT: Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities

(3124584)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS16-005.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\System32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.19091

Impact
Successful exploitation will allow an attacker to bypass Address Space Layout Randomization
(ASLR) protection mechanisms and gain access to sensitive informationand to execute arbitrary
code in the context of the currently logged-in user.

Solution:
. . . continues on next page . . .
2 RESULTS PER HOST 188

. . . continued from previous page . . .

Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows 10 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1

Vulnerability Insight
Multiple aws are due to:
- A security feature bypass vulnerability exists in the way Windows graphics device interface
handles objects in memory.
- An error in the way Windows handles objects in memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (31.
,→..
OID:[Link].4.1.25623.1.0.807028
Version used: 2023-07-20T[Link]Z

References
cve: CVE-2016-0009
cve: CVE-2016-0008
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/0057
dfn-cert: DFN-CERT-2016-0064

High (CVSS: 8.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB5011552)

Summary
This host is missing an important security update according to Microsoft KB5011552

Quality of Detection (QoD): 80%

. . . continues on next page . . .
2 RESULTS PER HOST 189

. . . continued from previous page . . .

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.25895
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514

Impact
Successful exploitation will allow an attacker to elevate privileges, disclose sensitive information,
conduct remote code execution, bypass security restrictions, and conduct DoS attacks.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Microsoft Windows 7 for x64-based Systems Service Pack 1
- Microsoft Windows 7 for 32-bit Systems Service Pack 1

Vulnerability Insight
Multiple aws exist due to:
- An elevation of privilege vulnerability in Windows Fax and Scan Service.
- An elevation of privilege vulnerability in Windows ALPC.
- An elevation of privilege vulnerability in Windows Installer.
Please see the references for more information about the vulnerabilities.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB5011552)
OID:[Link].4.1.25623.1.0.818979
Version used: 2025-11-14T[Link]Z

References
cve: CVE-2022-21973
cve: CVE-2022-21990
cve: CVE-2022-23253
cve: CVE-2022-23281
cve: CVE-2022-23283
cve: CVE-2022-23285
cve: CVE-2022-23290
cve: CVE-2022-23293
cve: CVE-2022-23296
cve: CVE-2022-23297
cve: CVE-2022-23298
cve: CVE-2022-23299
cve: CVE-2022-24454
cve: CVE-2022-24459
. . . continues on next page . . .
2 RESULTS PER HOST 190

. . . continued from previous page . . .

cve: CVE-2022-24502
cve: CVE-2022-24503
url: [Link]
cert-bund: CB-K22/0290
dfn-cert: DFN-CERT-2022-0517

High (CVSS: 8.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB4598279)

Summary
This host is missing a critical security update according to Microsoft KB4598279

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.24564
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514

Impact
Successful exploitation will allow an attacker to perform remote code execution and elevate
privilege.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Microsoft Windows 7 for x64-based Systems Service Pack 1
- Microsoft Windows 7 for 32-bit Systems Service Pack 1

Vulnerability Insight
Multiple aws exist due to:
- An error in Active Template Library.
- An error in Windows CSC Service.
- An error in TPM Device Driver.
Please see the references for more information about the vulnerabilities.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4598279)
OID:[Link].4.1.25623.1.0.817574
. . . continues on next page . . .
2 RESULTS PER HOST 191

. . . continued from previous page . . .

Version used: 2025-11-14T[Link]Z

References
cve: CVE-2021-1649
cve: CVE-2021-1652
cve: CVE-2021-1653
cve: CVE-2021-1654
cve: CVE-2021-1655
cve: CVE-2021-1656
cve: CVE-2021-1657
cve: CVE-2021-1658
cve: CVE-2021-1659
cve: CVE-2021-1660
cve: CVE-2021-1661
cve: CVE-2021-1664
cve: CVE-2021-1665
cve: CVE-2021-1666
cve: CVE-2021-1667
cve: CVE-2021-1668
cve: CVE-2021-1671
cve: CVE-2021-1673
cve: CVE-2021-1674
cve: CVE-2021-1676
cve: CVE-2021-1678
cve: CVE-2021-1679
cve: CVE-2021-1688
cve: CVE-2021-1693
cve: CVE-2021-1694
cve: CVE-2021-1695
cve: CVE-2021-1696
cve: CVE-2021-1699
cve: CVE-2021-1700
cve: CVE-2021-1701
cve: CVE-2021-1702
cve: CVE-2021-1704
cve: CVE-2021-1706
cve: CVE-2021-1708
cve: CVE-2021-1709
url: [Link]
cert-bund: CB-K21/0028
dfn-cert: DFN-CERT-2021-0063
2 RESULTS PER HOST 192

High (CVSS: 8.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB4550964)

Summary
This host is missing a critical security update according to Microsoft KB4550964

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.24551
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514

Impact
Successful exploitation allows an attacker to execute arbitrary code on a victim system, disclose
sensitive information, conduct denial-of-service condition and gain elevated privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

Vulnerability Insight
Multiple aws exist due to
- An error when the Windows kernel improperly handles objects in memory.
- Multiple errors in the way Microsoft Graphics Components handle objects in memory.
- Multiple errors when the Windows Jet Database Engine improperly handles objects in memory.
- An error in Windows DNS when it fails to properly handle queries.
Please see the references for more information about the vulnerabilities.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4550964)
OID:[Link].4.1.25623.1.0.816823
Version used: 2022-08-09T[Link]Z

References
cve: CVE-2020-0687
cve: CVE-2020-0821
cve: CVE-2020-0889
cve: CVE-2020-0895
cve: CVE-2020-0938
. . . continues on next page . . .
2 RESULTS PER HOST 193

. . . continued from previous page . . .

cve: CVE-2020-0946
cve: CVE-2020-0952
cve: CVE-2020-0953
cve: CVE-2020-0955
cve: CVE-2020-0956
cve: CVE-2020-0957
cve: CVE-2020-0958
cve: CVE-2020-0959
cve: CVE-2020-0960
cve: CVE-2020-0962
cve: CVE-2020-0964
cve: CVE-2020-0965
cve: CVE-2020-0966
cve: CVE-2020-0967
cve: CVE-2020-0968
cve: CVE-2020-0982
cve: CVE-2020-0987
cve: CVE-2020-0988
cve: CVE-2020-0992
cve: CVE-2020-0993
cve: CVE-2020-0994
cve: CVE-2020-0995
cve: CVE-2020-0999
cve: CVE-2020-1000
cve: CVE-2020-1004
cve: CVE-2020-1005
cve: CVE-2020-1007
cve: CVE-2020-1008
cve: CVE-2020-1009
cve: CVE-2020-1011
cve: CVE-2020-1014
cve: CVE-2020-1015
cve: CVE-2020-1020
cve: CVE-2020-1027
cve: CVE-2020-1094
cve: CVE-2020-0907
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
cert-bund: CB-K20/0334
cert-bund: CB-K20/0332
cert-bund: CB-K20/0257
dfn-cert: DFN-CERT-2020-0761
dfn-cert: DFN-CERT-2020-0756
2 RESULTS PER HOST 194

High (CVSS: 8.8)

NVT: Microsoft Windows Print Spooler RCE Vulnerability (KB5005010, PrintNightmare)

Summary
This host is missing a critical security update according to Microsoft KB5005010. The aw is
dubbed 'PrintNightmare'.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 6.1.7601.17514
Fixed version: 6.1.7601.25633
In order to secure your system, please also confirm that the following registry
,→keys are set to 0 (zero) or are not present:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint
- NoWarningNoElevationOnInstall = 0 (DWORD) or not defined (default setting)
- UpdatePromptSettings = 0 (DWORD) or not defined (default setting)

Impact
Successful exploitation allow attackers to execute arbitrary code with SYSTEM privileges on a
vulnerable system.

Solution:
Solution type: Workaround
The vendor has released updates.
In addition to installing the updates users are recommended to either disable the Print Spooler
service, or to Disable inbound remote printing through Group Policy.
Please see the references for more information.

Aected Software/OS
- Microsoft Windows 10 x32/x64
- Microsoft Windows Server 2019
- Microsoft Windows Server 2016
- Microsoft Windows 7 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2008 x32
- Microsoft Windows Server 2008 R2 x64
- Microsoft Windows Server 2012
- Microsoft Windows Server 2012 R2

Vulnerability Insight
The aw is due to the Microsoft Windows Print Spooler service which fails to restrict access to
functionality that allows users to add printers and related drivers.

Vulnerability Detection Method

. . . continues on next page . . .
2 RESULTS PER HOST 195

. . . continued from previous page . . .

Checks if a vulnerable le and registry conguration is present on the target host.
Details: Microsoft Windows Print Spooler RCE Vulnerability (KB5005010, PrintNightmare)
OID:[Link].4.1.25623.1.0.818162
Version used: 2024-09-25T[Link]Z

References
cve: CVE-2021-34527
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
,→34527-windows-print-spooler-vulnerability/
cert-bund: CB-K21/0708
dfn-cert: DFN-CERT-2021-1437

High (CVSS: 8.8)

NVT: Microsoft Windows SMB Server Multiple Vulnerabilities (4013389)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS17-
010(WannaCrypt)

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23677

Impact
Successful exploitation will allow remote attackers to gain the ability to execute code on the
target server, also could lead to information disclosure from the server.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 2003 x32/x64 Service Pack 2 and prior
- Microsoft Windows XP SP2 x64
- Microsoft Windows XP SP3 x86
- Microsoft Windows 8 x86/x64
- Microsoft Windows 10 x32/x64
- Microsoft Windows Server 2012
. . . continues on next page . . .
2 RESULTS PER HOST 196

. . . continued from previous page . . .

- Microsoft Windows Server 2016
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012 R2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows Server 2008 x32/x64 Service Pack 2

Vulnerability Insight
Multiple aws exist due to the way that the Microsoft Server Message Block 1.0 (SMBv1) server
handles certain requests(WannaCrypt).

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows SMB Server Multiple Vulnerabilities (4013389)
OID:[Link].4.1.25623.1.0.810810
Version used: 2024-07-17T[Link]Z

References
cve: CVE-2017-0143
cve: CVE-2017-0144
cve: CVE-2017-0145
cve: CVE-2017-0146
cve: CVE-2017-0147
cve: CVE-2017-0148
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
,→annacrypt-attacks
cert-bund: CB-K17/0435
dfn-cert: DFN-CERT-2017-0448

High (CVSS: 8.8)

NVT: Microsoft XML Core Services Remote Code Execution Vulnerability (2719615)

Summary
. . . continues on next page . . .
2 RESULTS PER HOST 197

. . . continued from previous page . . .

Microsoft XML Core Services is prone to a remote code execution (RCE) vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.30.7601.17514
Vulnerable range: 6.30.7601.17000 - 6.30.7601.17856

Impact
Successful exploitation could allow remote attackers to execute arbitrary code as the logged-on
user.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
- Microsoft Expression Web 2
- Microsoft Oce Word Viewer
- Microsoft Oce Compatibility
- Microsoft Oce 2003 Service Pack 3 and prior
- Microsoft Oce 2007 Service Pack 3 and prior
- Microsoft Expression Web Service Pack 1 and prior
- Microsoft Groove Server 2007 Service Pack 3 and prior
- Microsoft SharePoint Server 2007 Service Pack 3 and prior
- Microsoft Windows XP x32 Edition Service Pack 3 and prior
- Microsoft Windows XP x64 Edition Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
- Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior

Vulnerability Insight
Microsoft XML Core Services attempts to access an object in memory that has not been initial-
ized, which allows an attacker to corrupt memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft XML Core Services Remote Code Execution Vulnerability (2719615)
OID:[Link].4.1.25623.1.0.802864
Version used: 2025-08-05T[Link]Z

References
cve: CVE-2012-1889
. . . continues on next page . . .
2 RESULTS PER HOST 198

. . . continued from previous page . . .

cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
url: [Link]
,→719615
url: [Link]
,→12-043
dfn-cert: DFN-CERT-2012-1327
dfn-cert: DFN-CERT-2012-1125

High (CVSS: 8.8)

NVT: Microsoft .NET Framework Multiple Vulnerabilities (KB4556399)

Summary
This host is missing a critical security update according to Microsoft KB4556399

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: 4.0 - 4.0.30319.36626
File checked: C:\Windows\[Link]\Framework64\v4.0.30319\[Link]
,→[Link]
File version: 4.0.30319.18408

Impact
Successful exploitation will allow an attacker to gain escalated privileges, conduct a denial-of-
service condition and run arbitrary code in the context of the current user. If the current user is
logged on with administrative user rights, an attacker could take control of the aected system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Microsoft .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Microsoft
Windows 7 SP1 and Microsoft Windows Server 2008 R2 SP1.

Vulnerability Insight
Multiple aws exist due to:
- Microsoft .NET Framework fails to check the source markup of a le.
- Microsoft .NET Framework improperly handles web requests.
- An error in how .NET Framework activates COM objects.

. . . continues on next page . . .

2 RESULTS PER HOST 199

. . . continued from previous page . . .

Vulnerability Detection Method
Checks if a vulnerable version is present on the target host.
Details: Microsoft .NET Framework Multiple Vulnerabilities (KB4556399)
OID:[Link].4.1.25623.1.0.817103
Version used: 2021-08-11T[Link]Z

References
cve: CVE-2020-1108
cve: CVE-2020-0605
cve: CVE-2020-1066
url: [Link]
cert-bund: CB-K20/0456
cert-bund: CB-K20/0048
dfn-cert: DFN-CERT-2020-1091
dfn-cert: DFN-CERT-2020-1032
dfn-cert: DFN-CERT-2020-1009
dfn-cert: DFN-CERT-2020-1008
dfn-cert: DFN-CERT-2020-0087

High (CVSS: 8.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB4540688)

Summary
This host is missing a critical security update according to Microsoft KB4540688

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.24550
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514

Impact
Successful exploitation allows an attacker to execute arbitrary code, elevate privileges, disclose
sensitive information and conduct tampering attacks.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

. . . continues on next page . . .

2 RESULTS PER HOST 200

. . . continued from previous page . . .

Vulnerability Insight
Multiple aws exist when,
- Windows Error Reporting improperly handles memory.
- Windows GDI component improperly discloses the contents of its memory.
- Windows Graphics Component improperly handles objects in memory.
- Windows Network Connections Service improperly handles objects in memory.
- Connected User Experiences and Telemetry Service improperly handles le operations.
Please see the references for more information on the vulnerabilities.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4540688)
OID:[Link].4.1.25623.1.0.815797
Version used: 2022-08-09T[Link]Z

References
cve: CVE-2020-0645
cve: CVE-2020-0684
cve: CVE-2020-0768
cve: CVE-2020-0769
cve: CVE-2020-0770
cve: CVE-2020-0771
cve: CVE-2020-0772
cve: CVE-2020-0773
cve: CVE-2020-0774
cve: CVE-2020-0778
cve: CVE-2020-0779
cve: CVE-2020-0781
cve: CVE-2020-0783
cve: CVE-2020-0785
cve: CVE-2020-0787
cve: CVE-2020-0788
cve: CVE-2020-0791
cve: CVE-2020-0802
cve: CVE-2020-0803
cve: CVE-2020-0804
cve: CVE-2020-0806
cve: CVE-2020-0814
cve: CVE-2020-0822
cve: CVE-2020-0824
cve: CVE-2020-0830
cve: CVE-2020-0832
cve: CVE-2020-0833
cve: CVE-2020-0842
cve: CVE-2020-0843
cve: CVE-2020-0844
cve: CVE-2020-0845
. . . continues on next page . . .
2 RESULTS PER HOST 201

. . . continued from previous page . . .

cve: CVE-2020-0847
cve: CVE-2020-0849
cve: CVE-2020-0853
cve: CVE-2020-0860
cve: CVE-2020-0871
cve: CVE-2020-0874
cve: CVE-2020-0877
cve: CVE-2020-0879
cve: CVE-2020-0880
cve: CVE-2020-0881
cve: CVE-2020-0882
cve: CVE-2020-0883
cve: CVE-2020-0885
cve: CVE-2020-0887
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
cert-bund: WID-SEC-2022-0289
cert-bund: CB-K20/0212
cert-bund: CB-K20/0210
cert-bund: CB-K20/0209
dfn-cert: DFN-CERT-2020-0500
dfn-cert: DFN-CERT-2020-0494
dfn-cert: DFN-CERT-2020-0493
dfn-cert: DFN-CERT-2020-0492

High (CVSS: 8.8)

NVT: Microsoft Windows XML Core Services Remote Code Execution Vulnerability (3148541)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS15-040.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\System32\[Link]
File version: 8.110.7601.17514
Vulnerable range: Less than 8.110.7601.23373

Impact
Successful exploitation will allow remote attackers to run malicious code remotely to take control
of the user's system.

Solution:
Solution type: VendorFix
. . . continues on next page . . .
2 RESULTS PER HOST 202

. . . continued from previous page . . .

The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 x32/x64 Edition Service Pack 1
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows 10 x32/x64
- Microsoft Windows Server 2012
- Microsoft Windows Server 2012 R2
- Microsoft Windows Vista x32/x64 Edition Service Pack 2
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2

Vulnerability Insight
Flaw exists due to some unspecied error when XML Core services parser processes user input.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows XML Core Services Remote Code Execution Vulnerability (314854.
,→..
OID:[Link].4.1.25623.1.0.807539
Version used: 2023-07-20T[Link]Z

References
cve: CVE-2016-0147
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/0546
dfn-cert: DFN-CERT-2016-0589

High (CVSS: 8.8)

NVT: Microsoft Graphics Component Multiple Vulnerabilities (3156754)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS16-055.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\System32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23418

Impact
. . . continues on next page . . .
2 RESULTS PER HOST 203

. . . continued from previous page . . .

Successful exploitation will allow an attacker to obtain information to further compromise the
user's system, and install programs view, change, or delete data, or create new accounts with
full user rights.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows 10 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1

Vulnerability Insight
Multiple aws are due to:
- Windows GDI component improperly discloses the contents of its memory.
- Windows Imaging Component fails to properly handle objects in the memory.
- Windows GDI component fails to properly handle objects in memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Graphics Component Multiple Vulnerabilities (3156754)
OID:[Link].4.1.25623.1.0.807691
Version used: 2023-07-20T[Link]Z

References
cve: CVE-2016-0168
cve: CVE-2016-0169
cve: CVE-2016-0170
cve: CVE-2016-0184
cve: CVE-2016-0195
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/0701
dfn-cert: DFN-CERT-2016-0759
2 RESULTS PER HOST 204

High (CVSS: 8.8)

NVT: Microsoft Graphics Component Multiple Vulnerabilities (3148522)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS16-039.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\System32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23407

Impact
Successful exploitation will allow remote attackers to execute arbitrary code and gain elevated
privileges on the aected system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 x32/x64
- Microsoft Windows 10 Version 1511 x32/x64

Vulnerability Insight
Multiple aws exist due to:
- An error in kernel-mode driver which fails to properly handle objects in memory.
- An error in windows font library which improperly handles specially crafted embedded fonts.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Graphics Component Multiple Vulnerabilities (3148522)
OID:[Link].4.1.25623.1.0.806699
Version used: 2023-07-20T[Link]Z

References
cve: CVE-2016-0143
cve: CVE-2016-0145
. . . continues on next page . . .
2 RESULTS PER HOST 205

. . . continued from previous page . . .

cve: CVE-2016-0165
cve: CVE-2016-0167
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/0556
cert-bund: CB-K16/0546
cert-bund: CB-K16/0545
dfn-cert: DFN-CERT-2016-0603
dfn-cert: DFN-CERT-2016-0598
dfn-cert: DFN-CERT-2016-0589

High (CVSS: 8.8)

NVT: Microsoft Internet Explorer Multiple Memory Corruption Vulnerabilities (3076321)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS15-065.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attackers to corrupt memory and potentially execute
arbitrary code in the context of the current user.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Microsoft Internet Explorer version 6.x/7.x/8.x/9.x/10.x/11.x and VBScript 5.8 on
8.x/9.x/10.x/11.x.

Vulnerability Insight
Multiple aws are due to improper handling memory objects when accessing it and does not
properly validate permissions under specic conditions.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Internet Explorer Multiple Memory Corruption Vulnerabilities (3076321)
. . . continues on next page . . .
2 RESULTS PER HOST 206

. . . continued from previous page . . .

OID:[Link].4.1.25623.1.0.805720
Version used: 2024-07-01T[Link]Z

References
cve: CVE-2015-1729
cve: CVE-2015-1733
cve: CVE-2015-1767
cve: CVE-2015-2372
cve: CVE-2015-2383
cve: CVE-2015-2384
cve: CVE-2015-2385
cve: CVE-2015-2389
cve: CVE-2015-2390
cve: CVE-2015-2391
cve: CVE-2015-2397
cve: CVE-2015-2398
cve: CVE-2015-2401
cve: CVE-2015-2402
cve: CVE-2015-2403
cve: CVE-2015-2404
cve: CVE-2015-2388
cve: CVE-2015-2406
cve: CVE-2015-2408
cve: CVE-2015-2410
cve: CVE-2015-2411
cve: CVE-2015-2412
cve: CVE-2015-2413
cve: CVE-2015-2414
cve: CVE-2015-2419
cve: CVE-2015-2421
cve: CVE-2015-2422
cve: CVE-2015-2425
cve: CVE-2015-1738
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K15/1014
cert-bund: CB-K15/1013
dfn-cert: DFN-CERT-2015-1062
dfn-cert: DFN-CERT-2015-1060
2 RESULTS PER HOST 207

High (CVSS: 8.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB4537820)

Summary
This host is missing a critical security update according to Microsoft KB4537820

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.24548
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514

Impact
Successful exploitation will allow an attacker to run arbitrary code, elevate privileges and disclose
sensitive information

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

Vulnerability Insight
Multiple aws exist due to
- Windows Common Log File System (CLFS) driver fails to properly handle objects in memory.
- Windows Search Indexer improperly handles objects in memory.
- Cryptography Next Generation (CNG) service improperly handles objects in memory.
- Windows Error Reporting manager improperly handles hard links.
- Windows Function Discovery Service improperly handles objects in memory.
Please see the references for more information on the vulnerabilities.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4537820)
OID:[Link].4.1.25623.1.0.815776
Version used: 2024-06-26T[Link]Z

References
cve: CVE-2020-0655
cve: CVE-2020-0657
cve: CVE-2020-0658
cve: CVE-2020-0662
. . . continues on next page . . .
2 RESULTS PER HOST 208

. . . continued from previous page . . .

cve: CVE-2020-0665
cve: CVE-2020-0666
cve: CVE-2020-0667
cve: CVE-2020-0668
cve: CVE-2020-0673
cve: CVE-2020-0674
cve: CVE-2020-0675
cve: CVE-2020-0676
cve: CVE-2020-0677
cve: CVE-2020-0678
cve: CVE-2020-0680
cve: CVE-2020-0681
cve: CVE-2020-0682
cve: CVE-2020-0683
cve: CVE-2020-0686
cve: CVE-2020-0691
cve: CVE-2020-0698
cve: CVE-2020-0703
cve: CVE-2020-0705
cve: CVE-2020-0708
cve: CVE-2020-0715
cve: CVE-2020-0719
cve: CVE-2020-0720
cve: CVE-2020-0721
cve: CVE-2020-0722
cve: CVE-2020-0723
cve: CVE-2020-0724
cve: CVE-2020-0725
cve: CVE-2020-0726
cve: CVE-2020-0729
cve: CVE-2020-0730
cve: CVE-2020-0731
cve: CVE-2020-0734
cve: CVE-2020-0735
cve: CVE-2020-0736
cve: CVE-2020-0737
cve: CVE-2020-0738
cve: CVE-2020-0744
cve: CVE-2020-0745
cve: CVE-2020-0748
cve: CVE-2020-0752
cve: CVE-2020-0753
cve: CVE-2020-0754
cve: CVE-2020-0755
cve: CVE-2020-0756
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 209

. . . continued from previous page . . .

url: [Link]
cert-bund: WID-SEC-2022-2120
cert-bund: CB-K20/0123
cert-bund: CB-K20/0114
cert-bund: CB-K20/0059
dfn-cert: DFN-CERT-2020-0306
dfn-cert: DFN-CERT-2020-0299
dfn-cert: DFN-CERT-2020-0133

High (CVSS: 8.8)

NVT: Microsoft Graphics Component Multiple Vulnerabilities (3204066)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS16-146.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\System32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23591

Impact
Successful exploitation will allow an attacker to take control of the aected system. An attacker
could then:
- install programs
- view, change, or delete data
- or create new accounts with full user rights.
Users whose accounts are congured to have fewer user rights on the system could be less im-
pacted than users who operate with administrative user rights.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows 10 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows 10 Version 1607 x32/x64
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
. . . continues on next page . . .
2 RESULTS PER HOST 210

. . . continued from previous page . . .

- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows Server 2016

Vulnerability Insight
Multiple aws are due to:
- the windows GDI component improperly discloses the contents of its memory.
- the Windows Graphics component improperly handles objects in the memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Graphics Component Multiple Vulnerabilities (3204066)
OID:[Link].4.1.25623.1.0.809831
Version used: 2023-07-20T[Link]Z

References
cve: CVE-2016-7257
cve: CVE-2016-7272
cve: CVE-2016-7273
url: [Link]
url: [Link]
cert-bund: CB-K16/1959
cert-bund: CB-K16/1956
dfn-cert: DFN-CERT-2016-2066
dfn-cert: DFN-CERT-2016-2062

High (CVSS: 8.6)

NVT: Oracle Java SE Security Update (oct2021) 01 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on availability, integrity and
condentiality.

Solution:
. . . continues on next page . . .
2 RESULTS PER HOST 211

. . . continued from previous page . . .

Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u301 ([Link]) and earlier on Windows.

Vulnerability Insight
Multiple aws are due to multiple errors in 'JavaFX' and 'Deployment' components.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (oct2021) 01 - Windows
OID:[Link].4.1.25623.1.0.818827
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2021-3517
cve: CVE-2021-35560
cve: CVE-2021-3522
url: [Link]
cert-bund: WID-SEC-2023-1614
cert-bund: WID-SEC-2023-1152
cert-bund: WID-SEC-2023-0395
cert-bund: WID-SEC-2022-1375
cert-bund: WID-SEC-2022-1113
cert-bund: WID-SEC-2022-0196
cert-bund: CB-K22/0239
cert-bund: CB-K22/0061
cert-bund: CB-K21/1082
cert-bund: CB-K21/0647
cert-bund: CB-K21/0450
dfn-cert: DFN-CERT-2023-2306
dfn-cert: DFN-CERT-2022-0899
dfn-cert: DFN-CERT-2022-0213
dfn-cert: DFN-CERT-2022-0121
dfn-cert: DFN-CERT-2022-0107
dfn-cert: DFN-CERT-2022-0024
dfn-cert: DFN-CERT-2021-2530
dfn-cert: DFN-CERT-2021-2438
dfn-cert: DFN-CERT-2021-2195
dfn-cert: DFN-CERT-2021-2194
dfn-cert: DFN-CERT-2021-1802
dfn-cert: DFN-CERT-2021-1690
dfn-cert: DFN-CERT-2021-1102
dfn-cert: DFN-CERT-2021-1058
dfn-cert: DFN-CERT-2021-1049
. . . continues on next page . . .
2 RESULTS PER HOST 212

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2021-0989
dfn-cert: DFN-CERT-2021-0969

High (CVSS: 8.6)

NVT: Oracle Java SE Security Update (oct2021) 01 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on availability, integrity and
condentiality.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u301 ([Link]) and earlier on Windows.

Vulnerability Insight
Multiple aws are due to multiple errors in 'JavaFX' and 'Deployment' components.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (oct2021) 01 - Windows
OID:[Link].4.1.25623.1.0.818827
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2021-3517
cve: CVE-2021-35560
cve: CVE-2021-3522
url: [Link]
cert-bund: WID-SEC-2023-1614
cert-bund: WID-SEC-2023-1152
. . . continues on next page . . .
2 RESULTS PER HOST 213

. . . continued from previous page . . .

cert-bund: WID-SEC-2023-0395
cert-bund: WID-SEC-2022-1375
cert-bund: WID-SEC-2022-1113
cert-bund: WID-SEC-2022-0196
cert-bund: CB-K22/0239
cert-bund: CB-K22/0061
cert-bund: CB-K21/1082
cert-bund: CB-K21/0647
cert-bund: CB-K21/0450
dfn-cert: DFN-CERT-2023-2306
dfn-cert: DFN-CERT-2022-0899
dfn-cert: DFN-CERT-2022-0213
dfn-cert: DFN-CERT-2022-0121
dfn-cert: DFN-CERT-2022-0107
dfn-cert: DFN-CERT-2022-0024
dfn-cert: DFN-CERT-2021-2530
dfn-cert: DFN-CERT-2021-2438
dfn-cert: DFN-CERT-2021-2195
dfn-cert: DFN-CERT-2021-2194
dfn-cert: DFN-CERT-2021-1802
dfn-cert: DFN-CERT-2021-1690
dfn-cert: DFN-CERT-2021-1102
dfn-cert: DFN-CERT-2021-1058
dfn-cert: DFN-CERT-2021-1049
dfn-cert: DFN-CERT-2021-0989
dfn-cert: DFN-CERT-2021-0969

High (CVSS: 8.5)

NVT: Microsoft Windows Multiple Vulnerabilities (KB5021291)

Summary
This host is missing an important security update according to Microsoft KB5021291

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.26262
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514

Impact
Successful exploitation will allow an attacker to elevate privileges, disclose sensitive information,
conduct remote code execution, bypass security restrictions, and conduct DoS attacks.

Solution:
. . . continues on next page . . .
2 RESULTS PER HOST 214

. . . continued from previous page . . .

Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Microsoft Windows 7 for x64-based Systems Service Pack 1
- Microsoft Windows 7 for 32-bit Systems Service Pack 1

Vulnerability Insight
Multiple aws exist due to:
- An elevation of privilege vulnerability in Windows Fax Compose Form.
- An elevation of privilege vulnerability in Windows Graphics Component.
- A Remote Code Execution vulnerability in Windows Contacts.
Please see the references for more information about the vulnerabilities.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB5021291)
OID:[Link].4.1.25623.1.0.826811
Version used: 2025-11-14T[Link]Z

References
cve: CVE-2022-41074
cve: CVE-2022-41077
cve: CVE-2022-41121
cve: CVE-2022-44666
cve: CVE-2022-44667
cve: CVE-2022-44668
cve: CVE-2022-44670
cve: CVE-2022-44673
cve: CVE-2022-44675
cve: CVE-2022-44676
cve: CVE-2022-44678
cve: CVE-2022-44681
cve: CVE-2022-44697
cve: CVE-2022-41076
cve: CVE-2022-41094
url: [Link]
cert-bund: WID-SEC-2022-2307
cert-bund: WID-SEC-2022-2303
dfn-cert: DFN-CERT-2022-2854
dfn-cert: DFN-CERT-2022-2847
2 RESULTS PER HOST 215

High (CVSS: 8.3)

NVT: Oracle Java SE Security Updates - 01 - (cpujul2020) - Windows

Summary
Oracle Java SE is prone to a security vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on condentiality, integrity
and availability.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u251 ([Link]) and earlier.

Vulnerability Insight
The aw exists due to an error in the 'JavaFX' component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates - 01 - (cpujul2020) - Windows
OID:[Link].4.1.25623.1.0.118162
Version used: 2024-02-26T[Link]Z

References
cve: CVE-2020-14664
url: [Link]
cert-bund: WID-SEC-2022-1522
cert-bund: CB-K20/0715
dfn-cert: DFN-CERT-2020-1531
2 RESULTS PER HOST 216

High (CVSS: 8.3)

NVT: Microsoft Windows Kernel Privilege Elevation Vulnerabilities (2711167)

Summary
This host is missing an important security update according to Microsoft Bulletin MS12-042.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation could allow remote attackers to execute arbitrary code with kernel-mode
privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 x64 Edition Service Pack 1 and prior
- Microsoft Windows XP x32 Edition Service Pack 3 and prior
- Microsoft Windows 2K3 x32 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 x64 Edition Service Pack 1 and prior

Vulnerability Insight
The aws are due to an:
- Error in the User Mode Scheduler (UMS) when handling a particular system request can be
exploited to execute arbitrary code.
- Error in incorrect protection of BIOS ROM can be exploited to execute arbitrary code.

Vulnerability Detection Method

Details: Microsoft Windows Kernel Privilege Elevation Vulnerabilities (2711167)
OID:[Link].4.1.25623.1.0.902916
Version used: 2025-03-05T[Link]Z

References
cve: CVE-2012-0217
cve: CVE-2012-1515
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
,→12-042
. . . continues on next page . . .
2 RESULTS PER HOST 217

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2012-1985
dfn-cert: DFN-CERT-2012-1511
dfn-cert: DFN-CERT-2012-1413
dfn-cert: DFN-CERT-2012-1397
dfn-cert: DFN-CERT-2012-1239
dfn-cert: DFN-CERT-2012-1238
dfn-cert: DFN-CERT-2012-1229
dfn-cert: DFN-CERT-2012-1144
dfn-cert: DFN-CERT-2012-1127
dfn-cert: DFN-CERT-2012-1126
dfn-cert: DFN-CERT-2012-1123
dfn-cert: DFN-CERT-2012-1120
dfn-cert: DFN-CERT-2012-1119
dfn-cert: DFN-CERT-2012-0592

High (CVSS: 8.3)

NVT: Oracle Java SE Security Updates - 03 - (cpujul2020) - Windows

Summary
Oracle Java SE is prone to multiple security vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attackers to have an impact on condentiality, integrity
and availability.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 7u261 ([Link]) and earlier, 8u251 ([Link]) and earlier, 11.0.7 and
earlier, 14.0.1 and earlier on Windows.

Vulnerability Insight
Multiple aws are due to errors in components Libraries, 2D, JAXP and JSSE.

. . . continues on next page . . .

2 RESULTS PER HOST 218

. . . continued from previous page . . .

Vulnerability Detection Method
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates - 03 - (cpujul2020) - Windows
OID:[Link].4.1.25623.1.0.118166
Version used: 2024-02-26T[Link]Z

References
cve: CVE-2020-14583
cve: CVE-2020-14593
cve: CVE-2020-14621
cve: CVE-2020-14577
url: [Link]
cert-bund: WID-SEC-2023-0016
cert-bund: WID-SEC-2022-1522
cert-bund: WID-SEC-2022-1285
cert-bund: CB-K20/1075
cert-bund: CB-K20/0715
cert-bund: CB-K20/0706
dfn-cert: DFN-CERT-2021-0949
dfn-cert: DFN-CERT-2020-2571
dfn-cert: DFN-CERT-2020-1762
dfn-cert: DFN-CERT-2020-1531
dfn-cert: DFN-CERT-2020-1529

High (CVSS: 8.3)

NVT: Oracle Java SE Security Updates-05 (jul2018-4258247) - Windows

Summary
Oracle Java SE is prone to a privilege escalation vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attackers to gain elevated privileges.

Solution:
Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.
. . . continues on next page . . .
2 RESULTS PER HOST 219

. . . continued from previous page . . .

Aected Software/OS
Oracle Java SE version 10.0 through 10.0.1 and [Link] and earlier, [Link] and earlier on
Windows

Vulnerability Insight
The aw is due to an unspecied error in the JavaFX component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates-05 (jul2018-4258247) - Windows
OID:[Link].4.1.25623.1.0.813688
Version used: 2025-09-17T[Link]Z

References
cve: CVE-2018-2941
url: [Link]
url: [Link]
cert-bund: WID-SEC-2023-1308
cert-bund: CB-K18/0796
dfn-cert: DFN-CERT-2018-1405

High (CVSS: 8.3)

NVT: Oracle Java SE Security Updates-05 (jul2018-4258247) - Windows

Summary
Oracle Java SE is prone to a privilege escalation vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attackers to gain elevated privileges.

Solution:
Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.

. . . continues on next page . . .

2 RESULTS PER HOST 220

. . . continued from previous page . . .

Aected Software/OS
Oracle Java SE version 10.0 through 10.0.1 and [Link] and earlier, [Link] and earlier on
Windows

Vulnerability Insight
The aw is due to an unspecied error in the JavaFX component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates-05 (jul2018-4258247) - Windows
OID:[Link].4.1.25623.1.0.813688
Version used: 2025-09-17T[Link]Z

References
cve: CVE-2018-2941
url: [Link]
url: [Link]
cert-bund: WID-SEC-2023-1308
cert-bund: CB-K18/0796
dfn-cert: DFN-CERT-2018-1405

High (CVSS: 8.3)

NVT: Oracle Java SE Security Updates (jan2018-3236628) 02 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation of this vulnerability will allow remote attackers to gain elevated privileges
and modify user data.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
. . . continues on next page . . .
2 RESULTS PER HOST 221

. . . continued from previous page . . .

Oracle Java SE version [Link] and earlier, 9.0.1 and earlier on Windows

Vulnerability Insight
Multiple aws exist due to
- Multiple errors in the Deployment component.
- An error in the Installer component.
- An error in Hotspot component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (jan2018-3236628) 02 - Windows
OID:[Link].4.1.25623.1.0.812638
Version used: 2025-09-17T[Link]Z

References
cve: CVE-2018-2582
cve: CVE-2018-2639
cve: CVE-2018-2638
cve: CVE-2018-2627
url: [Link]
cert-bund: CB-K18/0636
cert-bund: CB-K18/0091
dfn-cert: DFN-CERT-2018-0816
dfn-cert: DFN-CERT-2018-0645
dfn-cert: DFN-CERT-2018-0102

High (CVSS: 8.3)

NVT: Oracle Java SE Security Updates (jan2018-3236628) 02 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation of this vulnerability will allow remote attackers to gain elevated privileges
and modify user data.

Solution:
. . . continues on next page . . .
2 RESULTS PER HOST 222

. . . continued from previous page . . .

Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle Java SE version [Link] and earlier, 9.0.1 and earlier on Windows

Vulnerability Insight
Multiple aws exist due to
- Multiple errors in the Deployment component.
- An error in the Installer component.
- An error in Hotspot component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (jan2018-3236628) 02 - Windows
OID:[Link].4.1.25623.1.0.812638
Version used: 2025-09-17T[Link]Z

References
cve: CVE-2018-2582
cve: CVE-2018-2639
cve: CVE-2018-2638
cve: CVE-2018-2627
url: [Link]
cert-bund: CB-K18/0636
cert-bund: CB-K18/0091
dfn-cert: DFN-CERT-2018-0816
dfn-cert: DFN-CERT-2018-0645
dfn-cert: DFN-CERT-2018-0102

High (CVSS: 8.3)

NVT: Oracle Java SE Security Updates (jan2018-3236628) 03 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

. . . continues on next page . . .

2 RESULTS PER HOST 223

. . . continued from previous page . . .

Impact
Successful exploitation of this vulnerability will allow remote attackers to conduct a denial of
service condition, access data, partially modify data and gain elevated privileges.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle Java SE version [Link] and earlier, [Link] and earlier, [Link] and earlier, 9.0.1
and earlier on Windows.

Vulnerability Insight
Multiple aws exist due to:
- Multiple errors in 'Libraries' sub-component.
- Multiple errors in 'JNDI' sub-component.
- An error in 'JMX' sub-component.
- Multiple errors in 'AWT' sub-component.
- An error in 'JCE' sub-component.
- An error in 'JGSS' sub-component.
- An error in 'I18n' sub-component.
- An error in 'LDAP' sub-component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (jan2018-3236628) 03 - Windows
OID:[Link].4.1.25623.1.0.812639
Version used: 2023-11-23T[Link]Z

References
cve: CVE-2018-2677
cve: CVE-2018-2599
cve: CVE-2018-2603
cve: CVE-2018-2641
cve: CVE-2018-2602
cve: CVE-2018-2629
cve: CVE-2018-2678
cve: CVE-2018-2663
cve: CVE-2018-2633
cve: CVE-2018-2588
cve: CVE-2018-2637
cve: CVE-2018-2618
cve: CVE-2018-2579
url: [Link]
cert-bund: CB-K18/0882
cert-bund: CB-K18/0808
. . . continues on next page . . .
2 RESULTS PER HOST 224

. . . continued from previous page . . .

cert-bund: CB-K18/0715
cert-bund: CB-K18/0714
cert-bund: CB-K18/0689
cert-bund: CB-K18/0636
cert-bund: CB-K18/0091
dfn-cert: DFN-CERT-2019-0618
dfn-cert: DFN-CERT-2018-1915
dfn-cert: DFN-CERT-2018-1746
dfn-cert: DFN-CERT-2018-1703
dfn-cert: DFN-CERT-2018-1364
dfn-cert: DFN-CERT-2018-1078
dfn-cert: DFN-CERT-2018-1073
dfn-cert: DFN-CERT-2018-1000
dfn-cert: DFN-CERT-2018-0816
dfn-cert: DFN-CERT-2018-0645
dfn-cert: DFN-CERT-2018-0102

High (CVSS: 8.3)

NVT: Oracle Java SE Security Updates (jan2018-3236628) 03 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation of this vulnerability will allow remote attackers to conduct a denial of
service condition, access data, partially modify data and gain elevated privileges.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle Java SE version [Link] and earlier, [Link] and earlier, [Link] and earlier, 9.0.1
and earlier on Windows.

Vulnerability Insight
. . . continues on next page . . .
2 RESULTS PER HOST 225

. . . continued from previous page . . .

Multiple aws exist due to:
- Multiple errors in 'Libraries' sub-component.
- Multiple errors in 'JNDI' sub-component.
- An error in 'JMX' sub-component.
- Multiple errors in 'AWT' sub-component.
- An error in 'JCE' sub-component.
- An error in 'JGSS' sub-component.
- An error in 'I18n' sub-component.
- An error in 'LDAP' sub-component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (jan2018-3236628) 03 - Windows
OID:[Link].4.1.25623.1.0.812639
Version used: 2023-11-23T[Link]Z

References
cve: CVE-2018-2677
cve: CVE-2018-2599
cve: CVE-2018-2603
cve: CVE-2018-2641
cve: CVE-2018-2602
cve: CVE-2018-2629
cve: CVE-2018-2678
cve: CVE-2018-2663
cve: CVE-2018-2633
cve: CVE-2018-2588
cve: CVE-2018-2637
cve: CVE-2018-2618
cve: CVE-2018-2579
url: [Link]
cert-bund: CB-K18/0882
cert-bund: CB-K18/0808
cert-bund: CB-K18/0715
cert-bund: CB-K18/0714
cert-bund: CB-K18/0689
cert-bund: CB-K18/0636
cert-bund: CB-K18/0091
dfn-cert: DFN-CERT-2019-0618
dfn-cert: DFN-CERT-2018-1915
dfn-cert: DFN-CERT-2018-1746
dfn-cert: DFN-CERT-2018-1703
dfn-cert: DFN-CERT-2018-1364
dfn-cert: DFN-CERT-2018-1078
dfn-cert: DFN-CERT-2018-1073
dfn-cert: DFN-CERT-2018-1000
dfn-cert: DFN-CERT-2018-0816
. . . continues on next page . . .
2 RESULTS PER HOST 226

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2018-0645
dfn-cert: DFN-CERT-2018-0102

High (CVSS: 8.3)

NVT: Oracle Java SE Security Updates - 03 - (cpujul2020) - Windows

Summary
Oracle Java SE is prone to multiple security vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attackers to have an impact on condentiality, integrity
and availability.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 7u261 ([Link]) and earlier, 8u251 ([Link]) and earlier, 11.0.7 and
earlier, 14.0.1 and earlier on Windows.

Vulnerability Insight
Multiple aws are due to errors in components Libraries, 2D, JAXP and JSSE.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates - 03 - (cpujul2020) - Windows
OID:[Link].4.1.25623.1.0.118166
Version used: 2024-02-26T[Link]Z

References
cve: CVE-2020-14583
cve: CVE-2020-14593
cve: CVE-2020-14621
cve: CVE-2020-14577
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 227

. . . continued from previous page . . .

cert-bund: WID-SEC-2023-0016
cert-bund: WID-SEC-2022-1522
cert-bund: WID-SEC-2022-1285
cert-bund: CB-K20/1075
cert-bund: CB-K20/0715
cert-bund: CB-K20/0706
dfn-cert: DFN-CERT-2021-0949
dfn-cert: DFN-CERT-2020-2571
dfn-cert: DFN-CERT-2020-1762
dfn-cert: DFN-CERT-2020-1531
dfn-cert: DFN-CERT-2020-1529

High (CVSS: 8.3)

NVT: Oracle Java SE Security Updates-06 (jul2018-4258247) - Windows

Summary
Oracle Java SE is prone to a privilege escalation vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attackers to gain elevated privileges.

Solution:
Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.

Aected Software/OS
Oracle Java SE version [Link] and earlier, [Link] and earlier on Windows

Vulnerability Insight
The aw is due to an unspecied error in the 'Windows DLL' component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates-06 (jul2018-4258247) - Windows
OID:[Link].4.1.25623.1.0.813690
. . . continues on next page . . .
2 RESULTS PER HOST 228

. . . continued from previous page . . .

Version used: 2025-09-17T[Link]Z

References
cve: CVE-2018-2942
url: [Link]
url: [Link]
cert-bund: WID-SEC-2023-1308
cert-bund: CB-K18/0796
dfn-cert: DFN-CERT-2018-1405

High (CVSS: 8.3)

NVT: Oracle Java SE Privilege Escalation Vulnerability (oct2018-4428296) - Windows

Summary
Oracle Java SE is prone to a privilege escalation vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attackers to gain elevated privileges.

Solution:
Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 1.7.0 to [Link] and 1.8.0 to [Link] and 11 on Windows.

Vulnerability Insight
The aw exists due to an error in the Hotspot component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Privilege Escalation Vulnerability (oct2018-4428296) - Windows
OID:[Link].4.1.25623.1.0.814097
Version used: 2024-09-25T[Link]Z

References
. . . continues on next page . . .
2 RESULTS PER HOST 229

. . . continued from previous page . . .

cve: CVE-2018-3169
url: [Link]
cert-bund: CB-K19/0175
cert-bund: CB-K18/1010
dfn-cert: DFN-CERT-2019-0413
dfn-cert: DFN-CERT-2019-0076
dfn-cert: DFN-CERT-2019-0059
dfn-cert: DFN-CERT-2018-2107

High (CVSS: 8.3)

NVT: Oracle Java SE Privilege Escalation Vulnerability (oct2018-4428296) - Windows

Summary
Oracle Java SE is prone to a privilege escalation vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attackers to gain elevated privileges.

Solution:
Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 1.7.0 to [Link] and 1.8.0 to [Link] and 11 on Windows.

Vulnerability Insight
The aw exists due to an error in the Hotspot component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Privilege Escalation Vulnerability (oct2018-4428296) - Windows
OID:[Link].4.1.25623.1.0.814097
Version used: 2024-09-25T[Link]Z

References
cve: CVE-2018-3169
. . . continues on next page . . .
2 RESULTS PER HOST 230

. . . continued from previous page . . .

url: [Link]
cert-bund: CB-K19/0175
cert-bund: CB-K18/1010
dfn-cert: DFN-CERT-2019-0413
dfn-cert: DFN-CERT-2019-0076
dfn-cert: DFN-CERT-2019-0059
dfn-cert: DFN-CERT-2018-2107

High (CVSS: 8.3)

NVT: Oracle Java SE Security Update (cpuapr2020 - 01) - Windows

Summary
Oracle Java SE is prone to multiple security vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on condentiality, integrity
and availability.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 7u251 ([Link]) and earlier, 8u241 ([Link]) and earlier, 11.0.6 and
earlier, 14.

Vulnerability Insight
Multiple aws are due to errors in components Libraries, JSSE, Concurrency, Lightweight HTTP
Server, Serialization and Security.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (cpuapr2020 - 01) - Windows
OID:[Link].4.1.25623.1.0.816855
Version used: 2025-01-21T[Link]Z

. . . continues on next page . . .

2 RESULTS PER HOST 231

. . . continued from previous page . . .

References
cve: CVE-2020-2803
cve: CVE-2020-2805
cve: CVE-2020-2781
cve: CVE-2020-2830
cve: CVE-2020-2800
cve: CVE-2020-2773
cve: CVE-2020-2756
cve: CVE-2020-2757
url: [Link]
cert-bund: WID-SEC-2023-0016
cert-bund: WID-SEC-2022-1639
cert-bund: CB-K21/0279
cert-bund: CB-K20/0319
cert-bund: CB-K20/0312
dfn-cert: DFN-CERT-2021-0543
dfn-cert: DFN-CERT-2021-0352
dfn-cert: DFN-CERT-2021-0332
dfn-cert: DFN-CERT-2021-0095
dfn-cert: DFN-CERT-2020-2571
dfn-cert: DFN-CERT-2020-1685
dfn-cert: DFN-CERT-2020-1425
dfn-cert: DFN-CERT-2020-0778
dfn-cert: DFN-CERT-2020-0771

High (CVSS: 8.3)

NVT: Microsoft Group Policy Remote Code Execution Vulnerability (3000483)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS15-011.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow context-dependent to execute arbitrary code. Failed exploit
attempts will result in a denial-of-service condition.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

. . . continues on next page . . .

2 RESULTS PER HOST 232

. . . continued from previous page . . .

Aected Software/OS
- Microsoft Windows 2003 x32/x64 Service Pack 2
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 x32 Service Pack 2
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows Server 2008 x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2

Vulnerability Insight
The aw is due to remote code execution vulnerability in the way Group Policy receives and
applies policy data if a domain-joined system is connected to a domain controller

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Group Policy Remote Code Execution Vulnerability (3000483)
OID:[Link].4.1.25623.1.0.805448
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-0008
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K15/0171
dfn-cert: DFN-CERT-2015-0175

High (CVSS: 8.3)

NVT: Oracle Java SE Security Updates-06 (jul2018-4258247) - Windows

Summary
Oracle Java SE is prone to a privilege escalation vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
. . . continues on next page . . .
2 RESULTS PER HOST 233

. . . continued from previous page . . .

Successful exploitation will allow remote attackers to gain elevated privileges.

Solution:
Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.

Aected Software/OS
Oracle Java SE version [Link] and earlier, [Link] and earlier on Windows

Vulnerability Insight
The aw is due to an unspecied error in the 'Windows DLL' component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates-06 (jul2018-4258247) - Windows
OID:[Link].4.1.25623.1.0.813690
Version used: 2025-09-17T[Link]Z

References
cve: CVE-2018-2942
url: [Link]
url: [Link]
cert-bund: WID-SEC-2023-1308
cert-bund: CB-K18/0796
dfn-cert: DFN-CERT-2018-1405

High (CVSS: 8.3)

NVT: Oracle Java SE Security Update (cpuapr2020 - 01) - Linux

Summary
Oracle Java SE is prone to multiple security vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on condentiality, integrity
and availability.

. . . continues on next page . . .

2 RESULTS PER HOST 234

. . . continued from previous page . . .

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 7u251 ([Link]) and earlier, 8u241 ([Link]) and earlier, 11.0.6 and
earlier, 14.

Vulnerability Insight
Multiple aws are due to errors in components Libraries, JSSE, Concurrency, Lightweight HTTP
Server, Serialization and Security.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (cpuapr2020 - 01) - Linux
OID:[Link].4.1.25623.1.0.816859
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2020-2803
cve: CVE-2020-2805
cve: CVE-2020-2781
cve: CVE-2020-2830
cve: CVE-2020-2800
cve: CVE-2020-2773
cve: CVE-2020-2756
cve: CVE-2020-2757
url: [Link]
cert-bund: WID-SEC-2023-0016
cert-bund: WID-SEC-2022-1639
cert-bund: CB-K21/0279
cert-bund: CB-K20/0319
cert-bund: CB-K20/0312
dfn-cert: DFN-CERT-2021-0543
dfn-cert: DFN-CERT-2021-0352
dfn-cert: DFN-CERT-2021-0332
dfn-cert: DFN-CERT-2021-0095
dfn-cert: DFN-CERT-2020-2571
dfn-cert: DFN-CERT-2020-1685
dfn-cert: DFN-CERT-2020-1425
dfn-cert: DFN-CERT-2020-0778
dfn-cert: DFN-CERT-2020-0771
2 RESULTS PER HOST 235

High (CVSS: 8.3)

NVT: Oracle Java SE Security Updates-03 (cpuoct2018) - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_144
Fixed version: See reference
Installation
path / port: C:\Program Files\Java\jdk1.8.0_144

Impact
Successful exploitation will allow attackers to gain elevated privileges, cause partial denial of
service conditions, partially modify and access data.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 1.6.0 through [Link], 1.7.0 through [Link], 1.8.0 through [Link]
and 11.

Vulnerability Insight
Multiple aws are due to errors in components 'JNDI', 'Deployment (libpng)', 'Security', 'Net-
working' and 'JSSE'.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates-03 (cpuoct2018) - Windows
OID:[Link].4.1.25623.1.0.814099
Version used: 2024-09-25T[Link]Z

References
cve: CVE-2018-3149
cve: CVE-2018-13785
cve: CVE-2018-3136
cve: CVE-2018-3139
cve: CVE-2018-3180
cve: CVE-2018-14048
url: [Link]
advisory-id: cpuoct2018
. . . continues on next page . . .
2 RESULTS PER HOST 236

. . . continued from previous page . . .

cert-bund: CB-K19/1121
cert-bund: CB-K19/0175
cert-bund: CB-K19/0016
cert-bund: CB-K18/1010
dfn-cert: DFN-CERT-2022-1175
dfn-cert: DFN-CERT-2020-0353
dfn-cert: DFN-CERT-2019-1110
dfn-cert: DFN-CERT-2019-0900
dfn-cert: DFN-CERT-2019-0618
dfn-cert: DFN-CERT-2019-0413
dfn-cert: DFN-CERT-2019-0406
dfn-cert: DFN-CERT-2019-0076
dfn-cert: DFN-CERT-2019-0059
dfn-cert: DFN-CERT-2018-2379
dfn-cert: DFN-CERT-2018-2107
dfn-cert: DFN-CERT-2018-1417
dfn-cert: DFN-CERT-2018-1361

High (CVSS: 8.3)

NVT: Oracle Java SE Security Updates-03 (cpuoct2018) - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: See reference
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow attackers to gain elevated privileges, cause partial denial of
service conditions, partially modify and access data.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 1.6.0 through [Link], 1.7.0 through [Link], 1.8.0 through [Link]
and 11.

. . . continues on next page . . .

2 RESULTS PER HOST 237

. . . continued from previous page . . .

Vulnerability Insight
Multiple aws are due to errors in components 'JNDI', 'Deployment (libpng)', 'Security', 'Net-
working' and 'JSSE'.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates-03 (cpuoct2018) - Windows
OID:[Link].4.1.25623.1.0.814099
Version used: 2024-09-25T[Link]Z

References
cve: CVE-2018-3149
cve: CVE-2018-13785
cve: CVE-2018-3136
cve: CVE-2018-3139
cve: CVE-2018-3180
cve: CVE-2018-14048
url: [Link]
advisory-id: cpuoct2018
cert-bund: CB-K19/1121
cert-bund: CB-K19/0175
cert-bund: CB-K19/0016
cert-bund: CB-K18/1010
dfn-cert: DFN-CERT-2022-1175
dfn-cert: DFN-CERT-2020-0353
dfn-cert: DFN-CERT-2019-1110
dfn-cert: DFN-CERT-2019-0900
dfn-cert: DFN-CERT-2019-0618
dfn-cert: DFN-CERT-2019-0413
dfn-cert: DFN-CERT-2019-0406
dfn-cert: DFN-CERT-2019-0076
dfn-cert: DFN-CERT-2019-0059
dfn-cert: DFN-CERT-2018-2379
dfn-cert: DFN-CERT-2018-2107
dfn-cert: DFN-CERT-2018-1417
dfn-cert: DFN-CERT-2018-1361

High (CVSS: 8.3)

NVT: Oracle Java SE Security Updates-03 (cpuoct2018) - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

. . . continues on next page . . .
2 RESULTS PER HOST 238

. . . continued from previous page . . .

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: See reference
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow attackers to gain elevated privileges, cause partial denial of
service conditions, partially modify and access data.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 1.6.0 through [Link], 1.7.0 through [Link], 1.8.0 through [Link]
and 11.

Vulnerability Insight
Multiple aws are due to errors in components 'JNDI', 'Deployment (libpng)', 'Security', 'Net-
working' and 'JSSE'.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates-03 (cpuoct2018) - Windows
OID:[Link].4.1.25623.1.0.814099
Version used: 2024-09-25T[Link]Z

References
cve: CVE-2018-3149
cve: CVE-2018-13785
cve: CVE-2018-3136
cve: CVE-2018-3139
cve: CVE-2018-3180
cve: CVE-2018-14048
url: [Link]
advisory-id: cpuoct2018
cert-bund: CB-K19/1121
cert-bund: CB-K19/0175
cert-bund: CB-K19/0016
cert-bund: CB-K18/1010
dfn-cert: DFN-CERT-2022-1175
dfn-cert: DFN-CERT-2020-0353
dfn-cert: DFN-CERT-2019-1110
dfn-cert: DFN-CERT-2019-0900
dfn-cert: DFN-CERT-2019-0618
. . . continues on next page . . .
2 RESULTS PER HOST 239

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2019-0413
dfn-cert: DFN-CERT-2019-0406
dfn-cert: DFN-CERT-2019-0076
dfn-cert: DFN-CERT-2019-0059
dfn-cert: DFN-CERT-2018-2379
dfn-cert: DFN-CERT-2018-2107
dfn-cert: DFN-CERT-2018-1417
dfn-cert: DFN-CERT-2018-1361

High (CVSS: 8.3)

NVT: Oracle Java SE Security Update (cpuapr2020 - 01) - Linux

Summary
Oracle Java SE is prone to multiple security vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on condentiality, integrity
and availability.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 7u251 ([Link]) and earlier, 8u241 ([Link]) and earlier, 11.0.6 and
earlier, 14.

Vulnerability Insight
Multiple aws are due to errors in components Libraries, JSSE, Concurrency, Lightweight HTTP
Server, Serialization and Security.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (cpuapr2020 - 01) - Linux
OID:[Link].4.1.25623.1.0.816859
. . . continues on next page . . .
2 RESULTS PER HOST 240

. . . continued from previous page . . .

Version used: 2025-01-21T[Link]Z

References
cve: CVE-2020-2803
cve: CVE-2020-2805
cve: CVE-2020-2781
cve: CVE-2020-2830
cve: CVE-2020-2800
cve: CVE-2020-2773
cve: CVE-2020-2756
cve: CVE-2020-2757
url: [Link]
cert-bund: WID-SEC-2023-0016
cert-bund: WID-SEC-2022-1639
cert-bund: CB-K21/0279
cert-bund: CB-K20/0319
cert-bund: CB-K20/0312
dfn-cert: DFN-CERT-2021-0543
dfn-cert: DFN-CERT-2021-0352
dfn-cert: DFN-CERT-2021-0332
dfn-cert: DFN-CERT-2021-0095
dfn-cert: DFN-CERT-2020-2571
dfn-cert: DFN-CERT-2020-1685
dfn-cert: DFN-CERT-2020-1425
dfn-cert: DFN-CERT-2020-0778
dfn-cert: DFN-CERT-2020-0771

High (CVSS: 8.3)

NVT: Oracle Java SE Security Updates-04 (jul2018-4258247) - Windows

Summary
Oracle Java SE is prone to a privilege escalation vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attackers to access sensitive data.

Solution:
. . . continues on next page . . .
2 RESULTS PER HOST 241

. . . continued from previous page . . .

Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 10.0 through 10.0.1 and [Link] and earlier on Windows

Vulnerability Insight
The aw is due to an unspecied error in the Java SE Security component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates-04 (jul2018-4258247) - Windows
OID:[Link].4.1.25623.1.0.813686
Version used: 2025-09-17T[Link]Z

References
cve: CVE-2018-2964
url: [Link]
url: [Link]
cert-bund: WID-SEC-2023-1308
cert-bund: CB-K18/0796
dfn-cert: DFN-CERT-2018-1902
dfn-cert: DFN-CERT-2018-1675
dfn-cert: DFN-CERT-2018-1405

High (CVSS: 8.3)

NVT: Oracle Java SE Security Update (cpuapr2020 - 01) - Linux

Summary
Oracle Java SE is prone to multiple security vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 1.8.0update_144
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jdk1.8.0_144

Impact
Successful exploitation will allow remote attacker to have an impact on condentiality, integrity
and availability.

Solution:
. . . continues on next page . . .
2 RESULTS PER HOST 242

. . . continued from previous page . . .

Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 7u251 ([Link]) and earlier, 8u241 ([Link]) and earlier, 11.0.6 and
earlier, 14.

Vulnerability Insight
Multiple aws are due to errors in components Libraries, JSSE, Concurrency, Lightweight HTTP
Server, Serialization and Security.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (cpuapr2020 - 01) - Linux
OID:[Link].4.1.25623.1.0.816859
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2020-2803
cve: CVE-2020-2805
cve: CVE-2020-2781
cve: CVE-2020-2830
cve: CVE-2020-2800
cve: CVE-2020-2773
cve: CVE-2020-2756
cve: CVE-2020-2757
url: [Link]
cert-bund: WID-SEC-2023-0016
cert-bund: WID-SEC-2022-1639
cert-bund: CB-K21/0279
cert-bund: CB-K20/0319
cert-bund: CB-K20/0312
dfn-cert: DFN-CERT-2021-0543
dfn-cert: DFN-CERT-2021-0352
dfn-cert: DFN-CERT-2021-0332
dfn-cert: DFN-CERT-2021-0095
dfn-cert: DFN-CERT-2020-2571
dfn-cert: DFN-CERT-2020-1685
dfn-cert: DFN-CERT-2020-1425
dfn-cert: DFN-CERT-2020-0778
dfn-cert: DFN-CERT-2020-0771
2 RESULTS PER HOST 243

High (CVSS: 8.3)

NVT: Oracle Java SE Security Updates-04 (jul2018-4258247) - Windows

Summary
Oracle Java SE is prone to a privilege escalation vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attackers to access sensitive data.

Solution:
Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 10.0 through 10.0.1 and [Link] and earlier on Windows

Vulnerability Insight
The aw is due to an unspecied error in the Java SE Security component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates-04 (jul2018-4258247) - Windows
OID:[Link].4.1.25623.1.0.813686
Version used: 2025-09-17T[Link]Z

References
cve: CVE-2018-2964
url: [Link]
url: [Link]
cert-bund: WID-SEC-2023-1308
cert-bund: CB-K18/0796
dfn-cert: DFN-CERT-2018-1902
dfn-cert: DFN-CERT-2018-1675
dfn-cert: DFN-CERT-2018-1405
2 RESULTS PER HOST 244

High (CVSS: 8.3)

NVT: Oracle Java SE Security Update (cpuapr2020 - 01) - Windows

Summary
Oracle Java SE is prone to multiple security vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on condentiality, integrity
and availability.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 7u251 ([Link]) and earlier, 8u241 ([Link]) and earlier, 11.0.6 and
earlier, 14.

Vulnerability Insight
Multiple aws are due to errors in components Libraries, JSSE, Concurrency, Lightweight HTTP
Server, Serialization and Security.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (cpuapr2020 - 01) - Windows
OID:[Link].4.1.25623.1.0.816855
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2020-2803
cve: CVE-2020-2805
cve: CVE-2020-2781
cve: CVE-2020-2830
cve: CVE-2020-2800
cve: CVE-2020-2773
cve: CVE-2020-2756
cve: CVE-2020-2757
. . . continues on next page . . .
2 RESULTS PER HOST 245

. . . continued from previous page . . .

url: [Link]
cert-bund: WID-SEC-2023-0016
cert-bund: WID-SEC-2022-1639
cert-bund: CB-K21/0279
cert-bund: CB-K20/0319
cert-bund: CB-K20/0312
dfn-cert: DFN-CERT-2021-0543
dfn-cert: DFN-CERT-2021-0352
dfn-cert: DFN-CERT-2021-0332
dfn-cert: DFN-CERT-2021-0095
dfn-cert: DFN-CERT-2020-2571
dfn-cert: DFN-CERT-2020-1685
dfn-cert: DFN-CERT-2020-1425
dfn-cert: DFN-CERT-2020-0778
dfn-cert: DFN-CERT-2020-0771

High (CVSS: 8.3)

NVT: Oracle Java SE Privilege Escalation Vulnerability-02 (oct2018-4428296) - Windows

Summary
Oracle Java SE is prone to a privilege escalation vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attackers to gain elevated privileges.

Solution:
Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 1.8.0 to [Link] on Windows.

Vulnerability Insight
The aw exists due to an error in the JavaFX component.

Vulnerability Detection Method

. . . continues on next page . . .
2 RESULTS PER HOST 246

. . . continued from previous page . . .

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Privilege Escalation Vulnerability-02 (oct2018-4428296) - Windows
OID:[Link].4.1.25623.1.0.814098
Version used: 2025-09-17T[Link]Z

References
cve: CVE-2018-3209
url: [Link]
cert-bund: CB-K18/1010
dfn-cert: DFN-CERT-2018-2107

High (CVSS: 8.3)

NVT: Oracle Java SE Security Updates (apr2018-3678067) 04 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attackers to aect condentiality and integrity via
unknown vectors.

Solution:
Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.

Aected Software/OS
Oracle Java SE version [Link] and earlier, [Link] and earlier, [Link] and earlier, 10.0 on
Windows.

Vulnerability Insight
Multiple aws are due to multiple unspecied errors in 'Hotspot', 'Security', 'AWT', 'JMX' and
'Serialization' Java SE components

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (apr2018-3678067) 04 - Windows
. . . continues on next page . . .
2 RESULTS PER HOST 247

. . . continued from previous page . . .

OID:[Link].4.1.25623.1.0.813301
Version used: 2023-11-24T[Link]Z

References
cve: CVE-2018-2814
cve: CVE-2018-2798
cve: CVE-2018-2797
cve: CVE-2018-2795
cve: CVE-2018-2790
cve: CVE-2018-2794
cve: CVE-2018-2815
url: [Link]
cert-bund: WID-SEC-2023-1375
cert-bund: CB-K18/0821
cert-bund: CB-K18/0808
cert-bund: CB-K18/0732
cert-bund: CB-K18/0600
dfn-cert: DFN-CERT-2018-1470
dfn-cert: DFN-CERT-2018-1145
dfn-cert: DFN-CERT-2018-0724

High (CVSS: 8.3)

NVT: Oracle Java SE Security Updates (apr2018-3678067) 04 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attackers to aect condentiality and integrity via
unknown vectors.

Solution:
Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.

Aected Software/OS
. . . continues on next page . . .
2 RESULTS PER HOST 248

. . . continued from previous page . . .

Oracle Java SE version [Link] and earlier, [Link] and earlier, [Link] and earlier, 10.0 on
Windows.

Vulnerability Insight
Multiple aws are due to multiple unspecied errors in 'Hotspot', 'Security', 'AWT', 'JMX' and
'Serialization' Java SE components

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (apr2018-3678067) 04 - Windows
OID:[Link].4.1.25623.1.0.813301
Version used: 2023-11-24T[Link]Z

References
cve: CVE-2018-2814
cve: CVE-2018-2798
cve: CVE-2018-2797
cve: CVE-2018-2795
cve: CVE-2018-2790
cve: CVE-2018-2794
cve: CVE-2018-2815
url: [Link]
cert-bund: WID-SEC-2023-1375
cert-bund: CB-K18/0821
cert-bund: CB-K18/0808
cert-bund: CB-K18/0732
cert-bund: CB-K18/0600
dfn-cert: DFN-CERT-2018-1470
dfn-cert: DFN-CERT-2018-1145
dfn-cert: DFN-CERT-2018-0724

High (CVSS: 8.3)

NVT: Oracle Java SE Privilege Escalation Vulnerability-02 (oct2018-4428296) - Windows

Summary
Oracle Java SE is prone to a privilege escalation vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

. . . continues on next page . . .

2 RESULTS PER HOST 249

. . . continued from previous page . . .

Impact
Successful exploitation will allow remote attackers to gain elevated privileges.

Solution:
Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 1.8.0 to [Link] on Windows.

Vulnerability Insight
The aw exists due to an error in the JavaFX component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Privilege Escalation Vulnerability-02 (oct2018-4428296) - Windows
OID:[Link].4.1.25623.1.0.814098
Version used: 2025-09-17T[Link]Z

References
cve: CVE-2018-3209
url: [Link]
cert-bund: CB-K18/1010
dfn-cert: DFN-CERT-2018-2107

High (CVSS: 8.3)

NVT: Oracle Java SE Security Updates - 01 - (cpujul2020) - Windows

Summary
Oracle Java SE is prone to a security vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on condentiality, integrity
and availability.

Solution:
. . . continues on next page . . .
2 RESULTS PER HOST 250

. . . continued from previous page . . .

Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u251 ([Link]) and earlier.

Vulnerability Insight
The aw exists due to an error in the 'JavaFX' component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates - 01 - (cpujul2020) - Windows
OID:[Link].4.1.25623.1.0.118162
Version used: 2024-02-26T[Link]Z

References
cve: CVE-2020-14664
url: [Link]
cert-bund: WID-SEC-2022-1522
cert-bund: CB-K20/0715
dfn-cert: DFN-CERT-2020-1531

High (CVSS: 8.1)

NVT: Microsoft Windows Multiple Vulnerabilities (4013078)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS17-012.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\System32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23688

Impact
Successful exploitation will allow an attacker to bypass security, obtain sensitive information,
run arbitrary code, cause the aected system to stop responding until it is manually restarted,
take control of the aected system. An attacker could then:
- install programs
- view, change, or delete data
- create new accounts with full user rights.

Solution:
. . . continues on next page . . .
2 RESULTS PER HOST 251

. . . continued from previous page . . .

Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows 10 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows 10 Version 1607 x32/x64
- Microsoft Windows Vista x32/x64 Edition Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2
- Microsoft Windows 7 x32/x64 Edition Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1
- Microsoft Windows Server 2016

Vulnerability Insight
Multiple aws are due to:
- The Device Guard does not properly validate certain elements of a signed PowerShell script.
- An improper handling of certain requests sent by a malicious SMB server to the client.
- Microsoft Windows fails to properly validate input before loading certain dynamic link library
(DLL) les.
- Windows dnsclient fails to properly handle requests.
- A DCOM object in [Link] congured to run as the interactive user fails to properly
authenticate the client.
- iSNS Server service fails to properly validate input from the client, leading to an integer overow.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (4013078)
OID:[Link].4.1.25623.1.0.810593
Version used: 2023-11-03T[Link]Z

References
cve: CVE-2017-0007
cve: CVE-2017-0016
cve: CVE-2017-0039
cve: CVE-2017-0057
cve: CVE-2017-0100
cve: CVE-2017-0104
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 252

. . . continued from previous page . . .

url: [Link]
url: [Link]
cert-bund: CB-K17/0443
cert-bund: CB-K17/0197
dfn-cert: DFN-CERT-2017-0451
dfn-cert: DFN-CERT-2017-0200

High (CVSS: 8.1)

NVT: Oracle Java SE Security Update (cpujan2020 - 01) - Windows

Summary
Oracle Java SE is prone to multiple security vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on condentiality, integrity
and availability.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 7u241 ([Link]) and earlier, 8u231 ([Link]) and earlier, 11.0.5 and
earlier, 13.0.1.

Vulnerability Insight
Multiple aws are due to errors in components Serialization, JavaFX (libxslt), Networking, Li-
braries and Security.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (cpujan2020 - 01) - Windows
OID:[Link].4.1.25623.1.0.815899
Version used: 2025-01-21T[Link]Z

References
. . . continues on next page . . .
2 RESULTS PER HOST 253

. . . continued from previous page . . .

cve: CVE-2020-2604
cve: CVE-2020-2601
cve: CVE-2020-2593
cve: CVE-2020-2654
cve: CVE-2020-2590
cve: CVE-2020-2583
url: [Link]
cert-bund: WID-SEC-2023-0234
cert-bund: WID-SEC-2023-0016
cert-bund: CB-K20/1075
cert-bund: CB-K20/0224
cert-bund: CB-K20/0139
cert-bund: CB-K20/0039
cert-bund: CB-K20/0027
dfn-cert: DFN-CERT-2021-0095
dfn-cert: DFN-CERT-2020-1762
dfn-cert: DFN-CERT-2020-1685
dfn-cert: DFN-CERT-2020-1561
dfn-cert: DFN-CERT-2020-1425
dfn-cert: DFN-CERT-2020-1276
dfn-cert: DFN-CERT-2020-0338
dfn-cert: DFN-CERT-2020-0283
dfn-cert: DFN-CERT-2020-0246
dfn-cert: DFN-CERT-2020-0097
dfn-cert: DFN-CERT-2020-0095

High (CVSS: 8.1)

NVT: Oracle Java SE Security Update (cpujan2020 - 01) - Windows

Summary
Oracle Java SE is prone to multiple security vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on condentiality, integrity
and availability.

Solution:
. . . continues on next page . . .
2 RESULTS PER HOST 254

. . . continued from previous page . . .

Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 7u241 ([Link]) and earlier, 8u231 ([Link]) and earlier, 11.0.5 and
earlier, 13.0.1.

Vulnerability Insight
Multiple aws are due to errors in components Serialization, JavaFX (libxslt), Networking, Li-
braries and Security.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (cpujan2020 - 01) - Windows
OID:[Link].4.1.25623.1.0.815899
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2020-2604
cve: CVE-2020-2601
cve: CVE-2020-2593
cve: CVE-2020-2654
cve: CVE-2020-2590
cve: CVE-2020-2583
url: [Link]
cert-bund: WID-SEC-2023-0234
cert-bund: WID-SEC-2023-0016
cert-bund: CB-K20/1075
cert-bund: CB-K20/0224
cert-bund: CB-K20/0139
cert-bund: CB-K20/0039
cert-bund: CB-K20/0027
dfn-cert: DFN-CERT-2021-0095
dfn-cert: DFN-CERT-2020-1762
dfn-cert: DFN-CERT-2020-1685
dfn-cert: DFN-CERT-2020-1561
dfn-cert: DFN-CERT-2020-1425
dfn-cert: DFN-CERT-2020-1276
dfn-cert: DFN-CERT-2020-0338
dfn-cert: DFN-CERT-2020-0283
dfn-cert: DFN-CERT-2020-0246
dfn-cert: DFN-CERT-2020-0097
dfn-cert: DFN-CERT-2020-0095
2 RESULTS PER HOST 255

High (CVSS: 8.1)

NVT: Microsoft Windows Group Policy Elevation of Privilege Vulnerability (3163622)

Summary
This host is missing an important security update according to Microsoft Bulletin MS16-072

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7600.16385
Vulnerable range:

Impact
Successful exploitation will allow an attacker to potentially escalate permissions or perform ad-
ditional privileged actions on the target machine.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows 10 x32/x64
- Microsoft Windows 10 Version 1511 x32/x64

Vulnerability Insight
An elevation of privilege aw exists when Microsoft Windows processes group policy updates.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Group Policy Elevation of Privilege Vulnerability (3163622)
OID:[Link].4.1.25623.1.0.808162
Version used: 2023-07-20T[Link]Z

References
cve: CVE-2016-3223
url: [Link]
url: [Link]
cert-bund: CB-K16/0914
. . . continues on next page . . .
2 RESULTS PER HOST 256

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2016-0969

High (CVSS: 8.1)

NVT: Microsoft Windows Multiple Vulnerabilities (3124901)

Summary
This host is missing an important security update according to Microsoft Bulletin MS16-007.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\System32\[Link]
File version: 6.1.7600.16385
Vulnerable range: Less than 6.1.7601.19091

Impact
Successful exploitation will allow an attacker to gain access to the remote host as another user,
possibly with elevated privileges and to take complete control of an aected system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows 10 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1

Vulnerability Insight
Multiple aws are due to:
- A security feature bypass vulnerability exists in Windows Remote Desktop Protocol, that is
caused when Windows hosts running RDP services fail to prevent remote logon to accounts that
have no passwords set.
- Multiple elevation of privilege vulnerabilities exist when Windows improperly validates input
before loading dynamic link library (DLL) les.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
. . . continues on next page . . .
2 RESULTS PER HOST 257

. . . continued from previous page . . .

Details: Microsoft Windows Multiple Vulnerabilities (3124901)
OID:[Link].4.1.25623.1.0.807029
Version used: 2023-11-03T[Link]Z

References
cve: CVE-2016-0014
cve: CVE-2016-0015
cve: CVE-2016-0016
cve: CVE-2016-0018
cve: CVE-2016-0019
cve: CVE-2016-0020
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/0057
dfn-cert: DFN-CERT-2016-0064

High (CVSS: 8.1)

NVT: Oracle Java SE Multiple Vulnerabilities (Jul 2025) - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch provided by the vendor
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation allows an attacker to gain unauthorized access to critical data and take
control of Oracle Java SE.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
. . . continues on next page . . .
2 RESULTS PER HOST 258

. . . continued from previous page . . .

Oracle Java SE version 8u451 and prior, 11.0.x through 11.0.27, 17.0.x through 17.0.15, 21.0.x
through 21.0.7 and 24.0.x through 24.0.1 on Windows

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Multiple Vulnerabilities (Jul 2025) - Windows
OID:[Link].4.1.25623.1.0.836518
Version used: 2025-07-18T[Link]Z

References
cve: CVE-2025-30749
cve: CVE-2025-50106
cve: CVE-2025-30754
url: [Link]
cert-bund: WID-SEC-2025-1850
cert-bund: WID-SEC-2025-1569
dfn-cert: DFN-CERT-2025-3170
dfn-cert: DFN-CERT-2025-2550
dfn-cert: DFN-CERT-2025-2158
dfn-cert: DFN-CERT-2025-2099
dfn-cert: DFN-CERT-2025-2048
dfn-cert: DFN-CERT-2025-1900
dfn-cert: DFN-CERT-2025-1899

High (CVSS: 8.1)

NVT: Microsoft Windows Multiple Vulnerabilities (KB4284826)

Summary
This host is missing a critical security update according to Microsoft KB4284826

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.24150
File checked: C:\Windows\system32\[Link]
File version: 6.1.7600.16385

Impact
Successful exploitation will allow an attacker to obtain information to further compromise the
user's system, run processes in an elevated context, inject code into a trusted PowerShell process,
execute arbitrary code, read privileged data, force the browser to send restricted data, install
programs and create a denial of service condition.

Solution:
Solution type: VendorFix
. . . continues on next page . . .
2 RESULTS PER HOST 259

. . . continued from previous page . . .

The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

Vulnerability Insight
Multiple aws exist due to errors,
- When Internet Explorer improperly accesses objects in memory.
- When the Windows kernel improperly handles objects in memory.
- When Windows improperly handles objects in memory.
- When the (Human Interface Device) HID Parser Library driver improperly handles objects in
memory.
- When NTFS improperly checks access.
- When Windows Media Foundation improperly handles objects in memory.
- In the way that the scripting engine handles objects in memory in Internet Explorer.
- When the Windows kernel fails to properly handle objects in memory.
- In Windows Domain Name System (DNS) DNSAPI.
- In the way that the Windows Code Integrity Module performs hashing.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4284826)
OID:[Link].4.1.25623.1.0.813533
Version used: 2023-07-20T[Link]Z

References
cve: CVE-2018-0978
cve: CVE-2018-1036
cve: CVE-2018-1040
cve: CVE-2018-8169
cve: CVE-2018-8205
cve: CVE-2018-8207
cve: CVE-2018-8224
cve: CVE-2018-8225
cve: CVE-2018-8249
cve: CVE-2018-8251
cve: CVE-2018-8267
url: [Link]
cert-bund: CB-K18/0726
cert-bund: CB-K18/0724
dfn-cert: DFN-CERT-2018-1141
dfn-cert: DFN-CERT-2018-1137
2 RESULTS PER HOST 260

High (CVSS: 8.1)

NVT: Oracle Java SE Multiple Vulnerabilities (Jul 2025) - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch provided by the vendor
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation allows an attacker to gain unauthorized access to critical data and take
control of Oracle Java SE.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u451 and prior, 11.0.x through 11.0.27, 17.0.x through 17.0.15, 21.0.x
through 21.0.7 and 24.0.x through 24.0.1 on Windows

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Multiple Vulnerabilities (Jul 2025) - Windows
OID:[Link].4.1.25623.1.0.836518
Version used: 2025-07-18T[Link]Z

References
cve: CVE-2025-30749
cve: CVE-2025-50106
cve: CVE-2025-30754
url: [Link]
cert-bund: WID-SEC-2025-1850
cert-bund: WID-SEC-2025-1569
dfn-cert: DFN-CERT-2025-3170
dfn-cert: DFN-CERT-2025-2550
dfn-cert: DFN-CERT-2025-2158
dfn-cert: DFN-CERT-2025-2099
dfn-cert: DFN-CERT-2025-2048
dfn-cert: DFN-CERT-2025-1900
. . . continues on next page . . .
2 RESULTS PER HOST 261

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2025-1899

High (CVSS: 8.1)

NVT: Microsoft Windows Print Spooler Components Multiple Vulnerabilities (3170005)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS16-087

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23488

Impact
Successful exploitation will allow an attacker to execute arbitrary code and take control of an
aected system, also allows local users to gain privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows 10 x32/x64
- Microsoft Windows 10 Version 1511 for 32-bit/64-bit

Vulnerability Insight
Multiple aws exist due to
- When the Windows Print Spooler service improperly allows arbitrary writing to the le system.
- An improper validation of print drivers while installing a printer from servers.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Print Spooler Components Multiple Vulnerabilities (3170005)
OID:[Link].4.1.25623.1.0.808194
Version used: 2023-07-20T[Link]Z

. . . continues on next page . . .

2 RESULTS PER HOST 262

. . . continued from previous page . . .

References
cve: CVE-2016-3238
cve: CVE-2016-3239
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/1057
dfn-cert: DFN-CERT-2016-1125

High (CVSS: 8.1)

NVT: Microsoft Internet Explorer Multiple Vulnerabilities (3096441)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS15-106.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 8.0.7601.17514
Vulnerable range: 8.0.7601.17000 - 8.0.7601.19002

Impact
Successful exploitation will allow remote attackers to corrupt memory and potentially execute
arbitrary code in the context of the current user.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Microsoft Internet Explorer version 7.x/8.x/9.x/10.x/11.x.

Vulnerability Insight
Multiple aws are due to:
- Multiple improper handling memory objects,
- Improper permissions validation, allowing a script to be run with elevated privileges.
- An error in 'CAttrArray' object implementation.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Internet Explorer Multiple Vulnerabilities (3096441)
OID:[Link].4.1.25623.1.0.805761
. . . continues on next page . . .
2 RESULTS PER HOST 263

. . . continued from previous page . . .

Version used: 2023-11-02T[Link]Z

References
cve: CVE-2015-2482
cve: CVE-2015-6042
cve: CVE-2015-6044
cve: CVE-2015-6046
cve: CVE-2015-6047
cve: CVE-2015-6048
cve: CVE-2015-6049
cve: CVE-2015-6050
cve: CVE-2015-6051
cve: CVE-2015-6052
cve: CVE-2015-6053
cve: CVE-2015-6055
cve: CVE-2015-6056
cve: CVE-2015-6059
cve: CVE-2015-6184
url: [Link]
url: [Link]
cert-bund: CB-K15/1507
cert-bund: CB-K15/1504
dfn-cert: DFN-CERT-2015-1586
dfn-cert: DFN-CERT-2015-1583

High (CVSS: 8.1)

NVT: Oracle Java SE Security Updates (apr2019-5072813) 02 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation of this vulnerability will allow remote attacker to have an impact on
condentiality, integrity and availability

Solution:
Solution type: VendorFix
. . . continues on next page . . .
2 RESULTS PER HOST 264

. . . continued from previous page . . .

The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 7u211([Link]) and earlier, 8u202([Link]) and earlier on Windows.

Vulnerability Insight
Multiple aws exist due to multiple errors in '2D' component of the Java SE

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (apr2019-5072813) 02 - Windows
OID:[Link].4.1.25623.1.0.815102
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2019-2698
cve: CVE-2019-2697
url: [Link]
,→l#AppendixJAVA
cert-bund: CB-K19/0658
cert-bund: CB-K19/0552
cert-bund: CB-K19/0317
dfn-cert: DFN-CERT-2019-1523
dfn-cert: DFN-CERT-2019-1107
dfn-cert: DFN-CERT-2019-0915
dfn-cert: DFN-CERT-2019-0887
dfn-cert: DFN-CERT-2019-0773

High (CVSS: 8.1)

NVT: Oracle Java SE Security Updates (apr2019-5072813) 02 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
. . . continues on next page . . .
2 RESULTS PER HOST 265

. . . continued from previous page . . .

Successful exploitation of this vulnerability will allow remote attacker to have an impact on
condentiality, integrity and availability

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 7u211([Link]) and earlier, 8u202([Link]) and earlier on Windows.

Vulnerability Insight
Multiple aws exist due to multiple errors in '2D' component of the Java SE

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (apr2019-5072813) 02 - Windows
OID:[Link].4.1.25623.1.0.815102
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2019-2698
cve: CVE-2019-2697
url: [Link]
,→l#AppendixJAVA
cert-bund: CB-K19/0658
cert-bund: CB-K19/0552
cert-bund: CB-K19/0317
dfn-cert: DFN-CERT-2019-1523
dfn-cert: DFN-CERT-2019-1107
dfn-cert: DFN-CERT-2019-0915
dfn-cert: DFN-CERT-2019-0887
dfn-cert: DFN-CERT-2019-0773

High (CVSS: 8.1)

NVT: Microsoft Edge and Internet Explorer Type Confusion RCE Vulnerability

Summary
Microsoft Edge or Internet Explorer is prone to a remote code execution (RCE) vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 8.0.7601.17514
. . . continues on next page . . .
2 RESULTS PER HOST 266

. . . continued from previous page . . .

Vulnerable range: 11.0.9600.18538 and prior

Impact
Successful exploitation will allow an attacker to execute arbitrary code in the context of the
currently logged-in user. Failed attacks will cause denial of service conditions.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows 10 x32/x64
- Microsoft Windows Server 2012R2
- Microsoft Windows 10 Version 1511, 1607 x32/x64
- Microsoft Windows 7 x32/x64 Edition Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1

Vulnerability Insight
The aw exists due to a type confusion issue in the 'Lay-
out::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement' function
in [Link].

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Edge and Internet Explorer Type Confusion RCE Vulnerability
OID:[Link].4.1.25623.1.0.810577
Version used: 2024-07-17T[Link]Z

References
cve: CVE-2017-0037
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K17/0439
cert-bund: CB-K17/0436
cert-bund: CB-K17/0338
dfn-cert: DFN-CERT-2017-0450
dfn-cert: DFN-CERT-2017-0444
dfn-cert: DFN-CERT-2017-0348
2 RESULTS PER HOST 267

High (CVSS: 8.1)

NVT: Microsoft Windows Multiple Vulnerabilities (KB4592471)

Summary
This host is missing a critical security update according to Microsoft KB4592471

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.24563
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514

Impact
Successful exploitation will allow an attacker to elevate privileges and disclose sensitive informa-
tion.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Microsoft Windows 7 for x64-based Systems Service Pack 1
- Microsoft Windows 7 for 32-bit Systems Service Pack 1

Vulnerability Insight
Multiple aws exist due to:
- An error in the Backup Engine allows a local authenticated malicious user to gain elevated
privileges on the system.
- An error in Kerberos Security Feature.
- An error in the GDI+ component.
- An error in the SMBv2 component. Please see the references for more information about the
vulnerabilities.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4592471)
OID:[Link].4.1.25623.1.0.817545
Version used: 2025-11-14T[Link]Z

References
cve: CVE-2020-16958
cve: CVE-2020-16959
cve: CVE-2020-16960
. . . continues on next page . . .
2 RESULTS PER HOST 268

. . . continued from previous page . . .

cve: CVE-2020-16961
cve: CVE-2020-16962
cve: CVE-2020-16963
cve: CVE-2020-16964
cve: CVE-2020-17049
cve: CVE-2020-17098
cve: CVE-2020-17140
url: [Link]
cert-bund: WID-SEC-2023-1542
cert-bund: WID-SEC-2022-2280
cert-bund: WID-SEC-2022-0432
cert-bund: WID-SEC-2022-0302
cert-bund: CB-K21/1126
cert-bund: CB-K20/1214
cert-bund: CB-K20/1109
dfn-cert: DFN-CERT-2024-0078
dfn-cert: DFN-CERT-2023-1053
dfn-cert: DFN-CERT-2022-1686
dfn-cert: DFN-CERT-2022-0332
dfn-cert: DFN-CERT-2020-2669
dfn-cert: DFN-CERT-2020-2464

High (CVSS: 7.8)

NVT: Microsoft Kernel-Mode Drivers Multiple Privilege Elevation Vulnerabilities (3171481)

Summary
This host is missing an important security update according to Microsoft Bulletin MS16-090.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\System32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23471

Impact
Successful exploitation will allow an attacker to run arbitrary code in kernel mode, and obtain
information to further compromise the user's system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
. . . continues on next page . . .
2 RESULTS PER HOST 269

. . . continued from previous page . . .

- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 x32/x64
- Microsoft Windows 10 Version 1511 x32/x64

Vulnerability Insight
Multiple aws exist due to:
- When the Windows kernel-mode driver fails to properly handle objects in memory.
- When the Windows GDI component improperly discloses kernel memory addresses.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Kernel-Mode Drivers Multiple Privilege Elevation Vulnerabilities (317.
,→..
OID:[Link].4.1.25623.1.0.808577
Version used: 2023-11-03T[Link]Z

References
cve: CVE-2016-3249
cve: CVE-2016-3250
cve: CVE-2016-3251
cve: CVE-2016-3252
cve: CVE-2016-3254
cve: CVE-2016-3286
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/1057
dfn-cert: DFN-CERT-2016-1125

High (CVSS: 7.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB4534310)

Summary
. . . continues on next page . . .
2 RESULTS PER HOST 270

. . . continued from previous page . . .

This host is missing a critical security update according to Microsoft KB4534310

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 11.0.9600.19597
File checked: C:\Windows\system32\[Link]
File version: 8.0.7601.17514

Impact
Successful exploitation will allow an attacker to execute arbitrary code, obtain information to
further compromise the user's system, gain elevated privileges and break out of the Edge App-
Container sandbox and run processes in an elevated context.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

Vulnerability Insight
Multiple aws exist in Microsoft Scripting Engine, Windows Input and Composition, Windows
Media, Windows Storage and Filesystems, and Windows Server.
Please see the references for more information on the vulnerabilities.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4534310)
OID:[Link].4.1.25623.1.0.815560
Version used: 2023-10-20T[Link]Z

References
cve: CVE-2020-0607
cve: CVE-2020-0608
cve: CVE-2020-0611
cve: CVE-2020-0615
cve: CVE-2020-0620
cve: CVE-2020-0625
cve: CVE-2020-0626
cve: CVE-2020-0627
cve: CVE-2020-0628
cve: CVE-2020-0629
cve: CVE-2020-0630
cve: CVE-2020-0631
. . . continues on next page . . .
2 RESULTS PER HOST 271

. . . continued from previous page . . .

cve: CVE-2020-0632
cve: CVE-2020-0634
cve: CVE-2020-0635
cve: CVE-2020-0637
cve: CVE-2020-0639
cve: CVE-2020-0640
cve: CVE-2020-0642
cve: CVE-2020-0643
url: [Link]
cert-bund: CB-K20/0049
cert-bund: CB-K20/0047
dfn-cert: DFN-CERT-2020-0082
dfn-cert: DFN-CERT-2020-0080

High (CVSS: 7.8)

NVT: Microsoft Windows Network Policy Server Denial-of-Service Vulnerability (3014029)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-007.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation could allow remote attackers to cause a DoS (Denial of Service).

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2012/R2

Vulnerability Insight
The aw is due to an error within the RADIUS implementation related to Internet Authentication
Service (IAS) and Network Policy Server (NPS).

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
. . . continues on next page . . .
2 RESULTS PER HOST 272

. . . continued from previous page . . .

Details: Microsoft Windows Network Policy Server Denial-of-Service Vulnerability (301402.
,→..
OID:[Link].4.1.25623.1.0.805241
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-0015
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K15/0038
dfn-cert: DFN-CERT-2015-0036

High (CVSS: 7.8)

NVT: Microsoft Windows OLE Object Handling Code Execution Vulnerabilities (3011443)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS14-064.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attacker to execute arbitrary code and compromise a
user's system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows Server 2012/R2
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows 2003 x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior

Vulnerability Insight
. . . continues on next page . . .
2 RESULTS PER HOST 273

. . . continued from previous page . . .

A aw exists due to unspecied errors when handling OLE objects within Microsoft Oce les
and Internet Explorer.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows OLE Object Handling Code Execution Vulnerabilities (3011443)
OID:[Link].4.1.25623.1.0.805015
Version used: 2024-07-25T[Link]Z

References
cve: CVE-2014-6332
cve: CVE-2014-6352
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K14/1402
cert-bund: CB-K14/1321
dfn-cert: DFN-CERT-2014-1473
dfn-cert: DFN-CERT-2014-1390

High (CVSS: 7.8)

NVT: Microsoft Windows OLE Remote Code Execution Vulnerability (3146706)

Summary
This host is missing an important security update according to Microsoft Bulletin MS16-044.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23392

Impact
Successful exploitation will allow attackers to execute malicious code.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.
. . . continues on next page . . .
2 RESULTS PER HOST 274

. . . continued from previous page . . .

Aected Software/OS
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012
- Microsoft Windows Server 2012R2

Vulnerability Insight
The aw is due to Microsoft Windows OLE fails to properly validate user input.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows OLE Remote Code Execution Vulnerability (3146706)
OID:[Link].4.1.25623.1.0.807789
Version used: 2023-07-20T[Link]Z

References
cve: CVE-2016-0153
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/0546
dfn-cert: DFN-CERT-2016-0589

High (CVSS: 7.8)

NVT: 7zip RAR Denial of Service Vulnerability - Windows

Summary
7zip is prone to a RAR Denial of Service Vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 16.04
Fixed version: 18.05
Installation
path / port: C:\Program Files\7-Zip\

Solution:
Solution type: VendorFix
Upgrade to 7zip version 18.05 or later.
. . . continues on next page . . .
2 RESULTS PER HOST 275

. . . continued from previous page . . .

Aected Software/OS
7zip through version 18.03.

Vulnerability Insight
Incorrect initialization logic of RAR decoder objects in 7-Zip 18.03 and before can lead to usage
of uninitialized memory, allowing remote attackers to cause a denial of service (segmentation
fault) or execute arbitrary code via a crafted RAR archive.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: 7zip RAR Denial of Service Vulnerability - Windows
OID:[Link].4.1.25623.1.0.107312
Version used: 2024-09-25T[Link]Z

References
cve: CVE-2018-10115
url: [Link]
,→25&page=1#b240
cert-bund: CB-K18/0647
dfn-cert: DFN-CERT-2018-1416
dfn-cert: DFN-CERT-2018-0853

High (CVSS: 7.8)

NVT: Microsoft Graphics Component Multiple Vulnerabilities (4013075)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS17-013.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23677

Impact
Successful exploitation will allow an attacker to perform remote code execution, gain access to
potentially sensitive information and gain elevated privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.
. . . continues on next page . . .
2 RESULTS PER HOST 276

. . . continued from previous page . . .

Aected Software/OS
- Microsoft Windows 8 x86/x64
- Microsoft Windows XP SP2 x64 / SP3 x86
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows 10/1511/1607 x32/x64
- Microsoft Windows Server 2012/2012R2/2016
- Microsoft Windows Vista x32/x64 Edition Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2
- Microsoft Windows 7 x32/x64 Edition Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1
- Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior

Vulnerability Insight
Multiple aws are due to
- The way the Windows Graphics Device Interface (GDI) handles objects in memory.
- The Windows GDI component improperly discloses the contents of its memory.
- The way that the Color Management Module ([Link]) handles objects in memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Graphics Component Multiple Vulnerabilities (4013075)
OID:[Link].4.1.25623.1.0.810811
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2017-0001
cve: CVE-2017-0005
cve: CVE-2017-0025
cve: CVE-2017-0047
cve: CVE-2017-0060
cve: CVE-2017-0062
cve: CVE-2017-0073
cve: CVE-2017-0061
cve: CVE-2017-0063
cve: CVE-2017-0038
cve: CVE-2017-0108
cve: CVE-2017-0014
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K17/0443
cert-bund: CB-K17/0441
dfn-cert: DFN-CERT-2017-0454
dfn-cert: DFN-CERT-2017-0451
2 RESULTS PER HOST 277

High (CVSS: 7.8)

NVT: Microsoft .NET Framework Multiple Vulnerabilities (KB4570506)

Summary
This host is missing an important security update according to Microsoft KB4570506

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: 4.0 - 4.0.30319.36659
File checked: C:\Windows\[Link]\Framework64\v4.0.30319\[Link]
File version: 4.0.30319.18408

Impact
Successful exploitation will allow an attacker to gain access to restricted les and take control of
an aected system

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Microsoft .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Microsoft
Windows 7 SP1 and Microsoft Windows Server 2008 R2 SP1.

Vulnerability Insight
Multiple aws exist due to
- An error when [Link] or .NET web applications running on IIS improperly allow access to
cached les.
- An error when Microsoft .NET Framework processes input.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft .NET Framework Multiple Vulnerabilities (KB4570506)
OID:[Link].4.1.25623.1.0.817320
Version used: 2021-08-11T[Link]Z

References
cve: CVE-2020-1476
cve: CVE-2020-1046
url: [Link]
cert-bund: CB-K20/0811
dfn-cert: DFN-CERT-2020-1773
2 RESULTS PER HOST 278

High (CVSS: 7.8)

NVT: Microsoft .NET Framework Multiple Vulnerabilities (KB4579977)

Summary
This host is missing a critical security update according to Microsoft KB4579977

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: 2.0.50727 - 2.0.50727.8952
File checked: C:\Windows\[Link]\Framework64\[Link]
,→l
File version: 2.0.50727.5420

Impact
Successful exploitation will allow an attacker to gain access to sensitive information and run
arbitrary code in the context of the process responsible for deserialization of the XML content.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Microsoft .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Microsoft
Windows 7 SP1 and Microsoft Windows Server 2008 R2 SP1.

Vulnerability Insight
Multiple aws exist due to:
- An error in .NET Framework when the software fails to check the source markup of XML le
input.
- An error when the .NET Framework improperly handles objects in memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft .NET Framework Multiple Vulnerabilities (KB4579977)
OID:[Link].4.1.25623.1.0.817393
Version used: 2022-08-09T[Link]Z

References
cve: CVE-2020-1147
cve: CVE-2020-16937
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
cert-bund: CB-K20/0983
. . . continues on next page . . .
2 RESULTS PER HOST 279

. . . continued from previous page . . .

cert-bund: CB-K20/0704
cert-bund: CB-K20/0694
dfn-cert: DFN-CERT-2020-2236
dfn-cert: DFN-CERT-2020-1522
dfn-cert: DFN-CERT-2020-1521
dfn-cert: DFN-CERT-2020-1516

High (CVSS: 7.8)

NVT: Microsoft .NET Framework Remote Code Execution Vulnerability (KB4566517)

Summary
This host is missing a critical security update according to Microsoft KB4566517

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: 4.0 - 4.0.30319.36644
File checked: C:\Windows\[Link]\Framework64\v4.0.30319\[Link].d
,→ll
File version: 4.0.30319.18408

Impact
Successful exploitation will allow an attacker to run arbitrary code in the context of the process
responsible for deserialization of the XML content.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Microsoft .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Microsoft
Windows 7 SP1 and Microsoft Windows Server 2008 R2 SP1.

Vulnerability Insight
The aw exists due to an error in .NET Framework when the software fails to check the source
markup of XML le input.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft .NET Framework Remote Code Execution Vulnerability (KB4566517)
OID:[Link].4.1.25623.1.0.817308
Version used: 2022-08-09T[Link]Z

References
. . . continues on next page . . .
2 RESULTS PER HOST 280

. . . continued from previous page . . .

cve: CVE-2020-1147
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
cert-bund: CB-K20/0704
cert-bund: CB-K20/0694
dfn-cert: DFN-CERT-2020-1522
dfn-cert: DFN-CERT-2020-1521
dfn-cert: DFN-CERT-2020-1516

High (CVSS: 7.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB4471318)

Summary
This host is missing a critical security update according to Microsoft KB4471318

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.24313
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514

Impact
Successful exploitation will allow attackers to run arbitrary code, elevate privileges and obtain
information to further compromise the user's system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1

Vulnerability Insight
Multiple aws are due to:
- Windows kernel improperly handles objects in memory.
- Internet Explorer VBScript execution policy does not properly restrict VBScript under specic
conditions.
- Scripting engine improperly handles objects in memory in Internet Explorer.
- Windows kernel-mode driver fails to properly handle objects in memory.
- Internet Explorer improperly accesses objects in memory.
- Windows GDI component improperly discloses the contents of its memory.
. . . continues on next page . . .
2 RESULTS PER HOST 281

. . . continued from previous page . . .

- Windows Domain Name System (DNS) servers when they fail to properly handle requests.
- Windows Win32k component fails to properly handle objects in memory.
- VBScript engine improperly handles objects in memory.
- Remote Procedure Call runtime improperly initializes objects in memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4471318)
OID:[Link].4.1.25623.1.0.814619
Version used: 2023-11-03T[Link]Z

References
cve: CVE-2018-8477
cve: CVE-2018-8514
cve: CVE-2018-8611
cve: CVE-2018-8619
cve: CVE-2018-8621
cve: CVE-2018-8622
cve: CVE-2018-8625
cve: CVE-2018-8631
cve: CVE-2018-8639
cve: CVE-2018-8641
cve: CVE-2018-8643
cve: CVE-2018-8595
cve: CVE-2018-8596
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
cert-bund: CB-K18/1171
cert-bund: CB-K18/1166
dfn-cert: DFN-CERT-2018-2523
dfn-cert: DFN-CERT-2018-2520

High (CVSS: 7.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB4338818)

Summary
This host is missing a critical security update according to Microsoft KB4338818

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.24168
File checked: C:\Windows\system32\[Link]
. . . continues on next page . . .
2 RESULTS PER HOST 282

. . . continued from previous page . . .

File version: 6.1.7601.17514

Impact
Successful exploitation will allow an attacker to bypass security, cause a target system to stop
responding, execute arbitrary code in the context of the current user and elevate privileges on
an aected system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

Vulnerability Insight
Multiple aws exist due to errors,
- When Internet Explorer improperly accesses objects in memory.
- When Windows improperly handles File Transfer Protocol (FTP) connections.
- When the scripting engine improperly handles objects in memory in Internet Explorer.
- When Windows kernel-mode driver fails to properly handle objects in memory.
- When Windows Domain Name System (DNS) [Link] fails to properly handle DNS re-
sponses.
- When Microsoft WordPad improperly handles embedded OLE objects.
- When Windows fails a check, allowing a sandbox escape.
- Involving side channel speculative execution, known as Lazy FP State Restore.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4338818)
OID:[Link].4.1.25623.1.0.813645
Version used: 2023-11-03T[Link]Z

References
cve: CVE-2018-8282
cve: CVE-2018-0949
cve: CVE-2018-8206
cve: CVE-2018-8242
cve: CVE-2018-8287
cve: CVE-2018-8288
cve: CVE-2018-8291
cve: CVE-2018-8296
cve: CVE-2018-8304
cve: CVE-2018-8307
cve: CVE-2018-8308
cve: CVE-2018-8309
. . . continues on next page . . .
2 RESULTS PER HOST 283

. . . continued from previous page . . .

cve: CVE-2018-8314
cve: CVE-2018-3665
url: [Link]
cert-bund: CB-K19/0271
cert-bund: CB-K18/0778
cert-bund: CB-K18/0774
cert-bund: CB-K18/0773
cert-bund: CB-K18/0772
cert-bund: CB-K18/0765
cert-bund: CB-K18/0730
dfn-cert: DFN-CERT-2019-0987
dfn-cert: DFN-CERT-2019-0069
dfn-cert: DFN-CERT-2018-2441
dfn-cert: DFN-CERT-2018-2399
dfn-cert: DFN-CERT-2018-2349
dfn-cert: DFN-CERT-2018-1734
dfn-cert: DFN-CERT-2018-1722
dfn-cert: DFN-CERT-2018-1468
dfn-cert: DFN-CERT-2018-1452
dfn-cert: DFN-CERT-2018-1446
dfn-cert: DFN-CERT-2018-1385
dfn-cert: DFN-CERT-2018-1357
dfn-cert: DFN-CERT-2018-1356
dfn-cert: DFN-CERT-2018-1355
dfn-cert: DFN-CERT-2018-1352
dfn-cert: DFN-CERT-2018-1351
dfn-cert: DFN-CERT-2018-1349
dfn-cert: DFN-CERT-2018-1346
dfn-cert: DFN-CERT-2018-1332
dfn-cert: DFN-CERT-2018-1293
dfn-cert: DFN-CERT-2018-1290
dfn-cert: DFN-CERT-2018-1279
dfn-cert: DFN-CERT-2018-1270
dfn-cert: DFN-CERT-2018-1260
dfn-cert: DFN-CERT-2018-1228
dfn-cert: DFN-CERT-2018-1206
dfn-cert: DFN-CERT-2018-1205
dfn-cert: DFN-CERT-2018-1190
dfn-cert: DFN-CERT-2018-1170
dfn-cert: DFN-CERT-2018-1150

High (CVSS: 7.8)

NVT: Microsoft Windows ICMPv6 Packet Denial of Service Vulnerability (2868623)

Summary
. . . continues on next page . . .
2 RESULTS PER HOST 284

. . . continued from previous page . . .

This host is missing an important security update according to Microsoft Bulletin MS13-065.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow attackers to cause denial of service condition.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8
- Microsoft Windows Server 2012
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior

Vulnerability Insight
Flaw is due to an error within the TCP/IP stack when handling ICMPv6 packets.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows ICMPv6 Packet Denial of Service Vulnerability (2868623)
OID:[Link].4.1.25623.1.0.903316
Version used: 2025-03-05T[Link]Z

References
cve: CVE-2013-3183
url: [Link]
url: [Link]
dfn-cert: DFN-CERT-2013-1468

High (CVSS: 7.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB4074598)

Summary
This host is missing a critical security update according to Microsoft KB4074598

. . . continues on next page . . .

2 RESULTS PER HOST 285

. . . continued from previous page . . .

Quality of Detection (QoD): 80%
Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.24023
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514

Impact
Successful exploitation will allow an attacker who successfully exploited the vulnerability to run
arbitrary code in the context of the current user, read data that was not intended to be disclosed,
gain the same user rights as the current user, obtain information to further compromise the user's
system, spoof content, perform phishing attacks, or otherwise manipulate content of a document.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

Vulnerability Insight
Multiple aws exist due to:
- The software fails to properly handle objects in memory.
- The Microsoft Windows Embedded OpenType (EOT) font engine fails to properly parse spe-
cially crafted embedded fonts.
- The scripting engine improperly handles objects in memory.
- The Windows Common Log File System (CLFS) driver improperly handles objects in memory.
- The VBScript improperly discloses the contents of its memory.
- The Windows Kernel handles objects in memory.
- The Windows kernel fails to properly initialize a memory address.
- Microsoft has deprecated the Document Signing functionality in XPS Viewer.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4074598)
OID:[Link].4.1.25623.1.0.812767
Version used: 2023-11-03T[Link]Z

References
cve: CVE-2018-0742
cve: CVE-2018-0755
cve: CVE-2018-0757
cve: CVE-2018-0760
cve: CVE-2018-0761
cve: CVE-2018-0810
. . . continues on next page . . .
2 RESULTS PER HOST 286

. . . continued from previous page . . .

cve: CVE-2018-0820
cve: CVE-2018-0825
cve: CVE-2018-0829
cve: CVE-2018-0830
cve: CVE-2018-0840
cve: CVE-2018-0842
cve: CVE-2018-0844
cve: CVE-2018-0846
cve: CVE-2018-0847
cve: CVE-2018-0855
cve: CVE-2018-0866
url: [Link]
cert-bund: CB-K18/0282
cert-bund: CB-K18/0279
cert-bund: CB-K18/0278
cert-bund: CB-K18/0276
dfn-cert: DFN-CERT-2018-0301
dfn-cert: DFN-CERT-2018-0300
dfn-cert: DFN-CERT-2018-0299
dfn-cert: DFN-CERT-2018-0295

High (CVSS: 7.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB4056897)

Summary
This host is missing an important security update according to Microsoft KB4056897

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.24000
File checked: C:\Windows\system32\[Link]
File version: 6.1.7600.16385

Impact
Successful exploitation will allow an attacker to execute arbitrary code and take control of an
aected system, elevate their user rights, gain access to sensitive data, bypass certain security
checks, impersonate processes, interject cross-process communication, interrupt system function-
ality and conduct bounds check bypass, branch target injection, rogue data cache load.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

. . . continues on next page . . .

2 RESULTS PER HOST 287

. . . continued from previous page . . .

Aected Software/OS
- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

Vulnerability Insight
Multiple aws exist due to:
- Multiple errors in Windows Adobe Type Manager Font Driver ([Link]) when it fails to
properly handle objects in memory.
- An error in the Windows GDI component which improperly discloses kernel memory addresses.
- An error in the Microsoft Server Message Block (SMB) Server when an attacker with valid
credentials attempts to open a specially crafted le over the SMB protocol on the same machine.
- An error in the way that the Windows Kernel API enforces permissions.
- An error in the Windows kernel that could allow an attacker to retrieve information that could
lead to a Kernel Address Space Layout Randomization (ASLR) bypass.
- An error in the way that the Color Management Module ([Link]) handles objects in memory.
- Multiple errors leading to 'speculative execution side-channel attacks' that aect many modern
processors and operating systems including Intel, AMD, and ARM.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4056897)
OID:[Link].4.1.25623.1.0.812384
Version used: 2023-11-03T[Link]Z

References
cve: CVE-2018-0741
cve: CVE-2018-0747
cve: CVE-2018-0748
cve: CVE-2018-0749
cve: CVE-2018-0750
cve: CVE-2018-0754
cve: CVE-2018-0788
cve: CVE-2017-5753
cve: CVE-2017-5715
cve: CVE-2017-5754
url: [Link]
cert-bund: WID-SEC-2025-1212
cert-bund: WID-SEC-2024-2008
cert-bund: WID-SEC-2023-2917
cert-bund: WID-SEC-2023-0103
cert-bund: WID-SEC-2022-1228
cert-bund: WID-SEC-2022-0532
cert-bund: CB-K20/0324
cert-bund: CB-K19/0774
cert-bund: CB-K18/1140
cert-bund: CB-K18/0898
cert-bund: CB-K18/0654
. . . continues on next page . . .
2 RESULTS PER HOST 288

. . . continued from previous page . . .

cert-bund: CB-K18/0651
cert-bund: CB-K18/0635
cert-bund: CB-K18/0601
cert-bund: CB-K18/0557
cert-bund: CB-K18/0551
cert-bund: CB-K18/0518
cert-bund: CB-K18/0472
cert-bund: CB-K18/0463
cert-bund: CB-K18/0398
cert-bund: CB-K18/0381
cert-bund: CB-K18/0370
cert-bund: CB-K18/0367
cert-bund: CB-K18/0356
cert-bund: CB-K18/0348
cert-bund: CB-K18/0347
cert-bund: CB-K18/0346
cert-bund: CB-K18/0338
cert-bund: CB-K18/0283
cert-bund: CB-K18/0257
cert-bund: CB-K18/0250
cert-bund: CB-K18/0244
cert-bund: CB-K18/0207
cert-bund: CB-K18/0184
cert-bund: CB-K18/0177
cert-bund: CB-K18/0165
cert-bund: CB-K18/0153
cert-bund: CB-K18/0148
cert-bund: CB-K18/0129
cert-bund: CB-K18/0099
cert-bund: CB-K18/0094
cert-bund: CB-K18/0054
cert-bund: CB-K18/0051
cert-bund: CB-K18/0049
cert-bund: CB-K18/0046
cert-bund: CB-K18/0040
cert-bund: CB-K18/0039
cert-bund: CB-K18/0023
cert-bund: CB-K18/0022
cert-bund: CB-K18/0021
cert-bund: CB-K18/0020
cert-bund: CB-K18/0017
cert-bund: CB-K18/0016
cert-bund: CB-K18/0011
cert-bund: CB-K18/0010
cert-bund: CB-K18/0009
cert-bund: CB-K17/2117
cert-bund: CB-K17/2113
. . . continues on next page . . .
2 RESULTS PER HOST 289

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2025-1705
dfn-cert: DFN-CERT-2025-0942
dfn-cert: DFN-CERT-2023-1947
dfn-cert: DFN-CERT-2023-1568
dfn-cert: DFN-CERT-2023-1377
dfn-cert: DFN-CERT-2023-1164
dfn-cert: DFN-CERT-2023-0879
dfn-cert: DFN-CERT-2023-0877
dfn-cert: DFN-CERT-2023-0876
dfn-cert: DFN-CERT-2023-0848
dfn-cert: DFN-CERT-2023-0795
dfn-cert: DFN-CERT-2023-0794
dfn-cert: DFN-CERT-2023-0793
dfn-cert: DFN-CERT-2023-0507
dfn-cert: DFN-CERT-2022-0531
dfn-cert: DFN-CERT-2021-2537
dfn-cert: DFN-CERT-2021-1829
dfn-cert: DFN-CERT-2020-1783
dfn-cert: DFN-CERT-2019-2374
dfn-cert: DFN-CERT-2019-1987
dfn-cert: DFN-CERT-2019-1985
dfn-cert: DFN-CERT-2019-1837
dfn-cert: DFN-CERT-2019-1415
dfn-cert: DFN-CERT-2019-1235
dfn-cert: DFN-CERT-2019-1150
dfn-cert: DFN-CERT-2019-0622
dfn-cert: DFN-CERT-2019-0613
dfn-cert: DFN-CERT-2018-2539
dfn-cert: DFN-CERT-2018-2465
dfn-cert: DFN-CERT-2018-2399
dfn-cert: DFN-CERT-2018-1869
dfn-cert: DFN-CERT-2018-1819
dfn-cert: DFN-CERT-2018-1794
dfn-cert: DFN-CERT-2018-1734
dfn-cert: DFN-CERT-2018-1726
dfn-cert: DFN-CERT-2018-1550
dfn-cert: DFN-CERT-2018-1504
dfn-cert: DFN-CERT-2018-1500
dfn-cert: DFN-CERT-2018-1494
dfn-cert: DFN-CERT-2018-1493
dfn-cert: DFN-CERT-2018-1446
dfn-cert: DFN-CERT-2018-1435
dfn-cert: DFN-CERT-2018-1386
dfn-cert: DFN-CERT-2018-1385
dfn-cert: DFN-CERT-2018-1364
dfn-cert: DFN-CERT-2018-1117
dfn-cert: DFN-CERT-2018-1108
. . . continues on next page . . .
2 RESULTS PER HOST 290

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2018-1032
dfn-cert: DFN-CERT-2018-1008
dfn-cert: DFN-CERT-2018-0991
dfn-cert: DFN-CERT-2018-0988
dfn-cert: DFN-CERT-2018-0933
dfn-cert: DFN-CERT-2018-0931
dfn-cert: DFN-CERT-2018-0878
dfn-cert: DFN-CERT-2018-0857
dfn-cert: DFN-CERT-2018-0821
dfn-cert: DFN-CERT-2018-0819
dfn-cert: DFN-CERT-2018-0818
dfn-cert: DFN-CERT-2018-0815
dfn-cert: DFN-CERT-2018-0808
dfn-cert: DFN-CERT-2018-0799
dfn-cert: DFN-CERT-2018-0796
dfn-cert: DFN-CERT-2018-0794
dfn-cert: DFN-CERT-2018-0760
dfn-cert: DFN-CERT-2018-0728
dfn-cert: DFN-CERT-2018-0682
dfn-cert: DFN-CERT-2018-0663
dfn-cert: DFN-CERT-2018-0631
dfn-cert: DFN-CERT-2018-0625
dfn-cert: DFN-CERT-2018-0605
dfn-cert: DFN-CERT-2018-0598
dfn-cert: DFN-CERT-2018-0552
dfn-cert: DFN-CERT-2018-0510
dfn-cert: DFN-CERT-2018-0499
dfn-cert: DFN-CERT-2018-0427
dfn-cert: DFN-CERT-2018-0410
dfn-cert: DFN-CERT-2018-0397
dfn-cert: DFN-CERT-2018-0394
dfn-cert: DFN-CERT-2018-0382
dfn-cert: DFN-CERT-2018-0377
dfn-cert: DFN-CERT-2018-0375
dfn-cert: DFN-CERT-2018-0372
dfn-cert: DFN-CERT-2018-0367
dfn-cert: DFN-CERT-2018-0310
dfn-cert: DFN-CERT-2018-0276
dfn-cert: DFN-CERT-2018-0267
dfn-cert: DFN-CERT-2018-0262
dfn-cert: DFN-CERT-2018-0224
dfn-cert: DFN-CERT-2018-0200
dfn-cert: DFN-CERT-2018-0194
dfn-cert: DFN-CERT-2018-0181
dfn-cert: DFN-CERT-2018-0167
dfn-cert: DFN-CERT-2018-0163
dfn-cert: DFN-CERT-2018-0137
. . . continues on next page . . .
2 RESULTS PER HOST 291

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2018-0104
dfn-cert: DFN-CERT-2018-0096
dfn-cert: DFN-CERT-2018-0066
dfn-cert: DFN-CERT-2018-0058
dfn-cert: DFN-CERT-2018-0054
dfn-cert: DFN-CERT-2018-0053
dfn-cert: DFN-CERT-2018-0045
dfn-cert: DFN-CERT-2018-0044
dfn-cert: DFN-CERT-2018-0031
dfn-cert: DFN-CERT-2018-0030
dfn-cert: DFN-CERT-2018-0029
dfn-cert: DFN-CERT-2018-0026
dfn-cert: DFN-CERT-2018-0025
dfn-cert: DFN-CERT-2018-0024
dfn-cert: DFN-CERT-2018-0022
dfn-cert: DFN-CERT-2018-0020
dfn-cert: DFN-CERT-2018-0019
dfn-cert: DFN-CERT-2017-2211
dfn-cert: DFN-CERT-2017-2210

High (CVSS: 7.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB4048957)

Summary
This host is missing a critical security update according to Microsoft KB4048957

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.23915
File checked: C:\Windows\system32\[Link]
File version: 6.1.7600.16385

Impact
Successful exploitation will allow an attacker to read data that was not intended to be disclosed,
and obtain information to further compromise the user's system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1
. . . continues on next page . . .
2 RESULTS PER HOST 292

. . . continued from previous page . . .

- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1

Vulnerability Insight
Multiple aws exist as,
- This security update includes improvements and resolves the following issues: Addressed issue
where applications based on the Microsoft JET Database Engine (Microsoft Access 2007 and
older or non-Microsoft applications) fail when creating or opening Microsoft Excel .xls les.
- Security updates to Microsoft Windows Search Component, Microsoft Graphics Component,
Windows kernel-mode drivers, Windows Media Player, and Windows kernel.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4048957)
OID:[Link].4.1.25623.1.0.812149
Version used: 2023-11-03T[Link]Z

References
cve: CVE-2017-11869
cve: CVE-2017-11768
cve: CVE-2017-11788
cve: CVE-2017-11880
cve: CVE-2017-11791
cve: CVE-2017-11827
cve: CVE-2017-11834
cve: CVE-2017-11835
cve: CVE-2017-11837
cve: CVE-2017-11838
cve: CVE-2017-11843
cve: CVE-2017-11846
cve: CVE-2017-11847
cve: CVE-2017-11848
cve: CVE-2017-11849
cve: CVE-2017-11851
cve: CVE-2017-11852
cve: CVE-2017-11853
cve: CVE-2017-11855
cve: CVE-2017-11856
cve: CVE-2017-11858
cve: CVE-2017-11831
cve: CVE-2017-11832
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 293

. . . continued from previous page . . .

url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K17/1955
cert-bund: CB-K17/1951
cert-bund: CB-K17/1949
dfn-cert: DFN-CERT-2017-2040
dfn-cert: DFN-CERT-2017-2039
dfn-cert: DFN-CERT-2017-2031

High (CVSS: 7.8)

NVT: Microsoft Windows Privilege Elevation Vulnerabilities (3124605)

Summary
This host is missing an important security update according to Microsoft Bulletin MS16-008

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.19110

Impact
Successful exploitation will allow an authenticated user to execute code with elevated privileges
that would allow them to install programs.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.
. . . continues on next page . . .
2 RESULTS PER HOST 294

. . . continued from previous page . . .

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows 10 x32/x64

Vulnerability Insight
Multiple aws are due to improper validation of reparse points being set by sandbox applications

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Privilege Elevation Vulnerabilities (3124605)
OID:[Link].4.1.25623.1.0.806818
Version used: 2023-11-03T[Link]Z

References
cve: CVE-2016-0006
cve: CVE-2016-0007
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/0057
dfn-cert: DFN-CERT-2016-0064

High (CVSS: 7.8)

NVT: Microsoft Windows Privilege Elevation Vulnerability (3140410)

Summary
This host is missing an important security update according to Microsoft Bulletin MS16-031

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514
Vulnerable range:

Impact
. . . continues on next page . . .
2 RESULTS PER HOST 295

. . . continued from previous page . . .

Successful exploitation will allow an attacker to run arbitrary code as system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Vista x32/x64 Edition Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2
- Microsoft Windows 7 x32/x64 Edition Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1

Vulnerability Insight
The aw is due to an imporper sanitization of handles in memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Privilege Elevation Vulnerability (3140410)
OID:[Link].4.1.25623.1.0.807467
Version used: 2023-07-20T[Link]Z

References
cve: CVE-2016-0087
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/0383
dfn-cert: DFN-CERT-2016-0412

High (CVSS: 7.8)

NVT: Microsoft Windows Privilege Elevation Vulnerability (3154846)

Summary
This host is missing an important security update according to Microsoft Bulletin MS16-060

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514
Vulnerable range:

Impact
. . . continues on next page . . .
2 RESULTS PER HOST 296

. . . continued from previous page . . .

Successful exploitation will allow an attacker to elevate the privilege if an attacker logs on to an
aected system and runs a specially crafted application.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows 10 x32/x64
- Microsoft Windows 10 Version 1511 x32/x64

Vulnerability Insight
The aw exists when the Windows kernel fails to properly handle parsing of certain symbolic
links.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Privilege Elevation Vulnerability (3154846)
OID:[Link].4.1.25623.1.0.807324
Version used: 2023-07-20T[Link]Z

References
cve: CVE-2016-0180
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/0701
dfn-cert: DFN-CERT-2016-0759

High (CVSS: 7.8)

NVT: Microsoft Windows Privilege Escalation Vulnerabilities (3178465)

Summary
This host is missing an important security update according to Microsoft Bulletin MS16-101.

Quality of Detection (QoD): 80%

. . . continues on next page . . .
2 RESULTS PER HOST 297

. . . continued from previous page . . .

Vulnerability Detection Result
File checked: C:\Windows\System32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23497

Impact
Successful exploitation will allow attackers to bypass certain security restrictions and perform
unauthorized actions by conducting a man-in-the-middle attack. This may lead to other attacks.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 10 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows 10 Version 1607 x32/x64
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1

Vulnerability Insight
Multiple aws are due to:
- An elevation of privilege vulnerability exists when Windows Netlogon improperly establishes a
secure communications channel to a domain controller.
- An elevation of privilege vulnerability exists in Windows when Kerberos improperly handles a
password change request and falls back to NT LAN Manager (NTLM) Authentication Protocol
as the default authentication protocol.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Privilege Escalation Vulnerabilities (3178465)
OID:[Link].4.1.25623.1.0.808291
Version used: 2023-07-20T[Link]Z

References
cve: CVE-2016-3237
cve: CVE-2016-3300
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 298

. . . continued from previous page . . .

cert-bund: CB-K16/1216
dfn-cert: DFN-CERT-2016-1300

High (CVSS: 7.8)

NVT: Microsoft Windows Multiple Vulnerabilities (3199172)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS16-130.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23584

Impact
Successful exploitation will allow an attacker to run arbitrary code with elevated system privileges
or run a specially crafted application.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 x32/x64

Vulnerability Insight
Multiple aws exist due to
- The Windows Input Method Editor (IME) improperly handles DLL loading.
- The Windows Task Scheduler improperly schedule a new task.
- The Windows image le loading functionality does not properly handle malformed image les.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (3199172)
OID:[Link].4.1.25623.1.0.809465
. . . continues on next page . . .
2 RESULTS PER HOST 299

. . . continued from previous page . . .

Version used: 2023-11-03T[Link]Z

References
cve: CVE-2016-7221
cve: CVE-2016-7222
cve: CVE-2016-7212
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/1747
dfn-cert: DFN-CERT-2016-1852

High (CVSS: 7.8)

NVT: Microsoft Windows Multiple Vulnerabilities (3134228)

Summary
This host is missing an important security update according to Microsoft Bulletin MS16-014.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\System32\[Link]
File version: 2001.12.8530.16385
Vulnerable range: 2001.12.8531.19135

Impact
Successful exploitation will allow an attacker to execute arbitrary code in kernel mode, to cause
denial of service conditions, to bypass authentication and can launch further attacks.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 10 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
. . . continues on next page . . .
2 RESULTS PER HOST 300

. . . continued from previous page . . .

- Microsoft Windows Server 2008 R2 x64 Service Pack 1

Vulnerability Insight
Multiple aws are due to:
- Windows kernel improperly handles objects in memory.
- Windows improperly validates input before loading dynamic link library (DLL) les.
- Insucient validation of input by Microsoft Sync Framework.
- Kerberos fails to check the password change of a user signing into a workstation.
- A security feature bypass vulnerability exists in Windows Remote Desktop Protocol, that is
caused when Windows hosts running RDP services fail to prevent remote logon to accounts that
have no passwords set.
- Multiple elevation of privilege vulnerabilities exist when Windows improperly validates input
before loading dynamic link library (DLL) les.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (3134228)
OID:[Link].4.1.25623.1.0.807065
Version used: 2023-07-21T[Link]Z

References
cve: CVE-2016-0040
cve: CVE-2016-0041
cve: CVE-2016-0042
cve: CVE-2016-0044
cve: CVE-2016-0049
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/0222
cert-bund: CB-K16/0220
dfn-cert: DFN-CERT-2016-0249
dfn-cert: DFN-CERT-2016-0242

High (CVSS: 7.8)

NVT: Microsoft Windows Multiple Vulnerabilities (3134228)

Summary
This host is missing an important security update according to Microsoft Bulletin MS16-014.

. . . continues on next page . . .

2 RESULTS PER HOST 301

. . . continued from previous page . . .

Quality of Detection (QoD): 80%
Vulnerability Detection Result
File checked: C:\Windows\System32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.19117

Impact
Successful exploitation will allow an attacker to execute arbitrary code in kernel mode, to cause
denial of service conditions, to bypass authentication and can launch further attacks.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 10 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1

Vulnerability Insight
Multiple aws are due to:
- Windows kernel improperly handles objects in memory.
- Windows improperly validates input before loading dynamic link library (DLL) les.
- Insucient validation of input by Microsoft Sync Framework.
- Kerberos fails to check the password change of a user signing into a workstation.
- A security feature bypass vulnerability exists in Windows Remote Desktop Protocol, that is
caused when Windows hosts running RDP services fail to prevent remote logon to accounts that
have no passwords set.
- Multiple elevation of privilege vulnerabilities exist when Windows improperly validates input
before loading dynamic link library (DLL) les.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (3134228)
OID:[Link].4.1.25623.1.0.807065
Version used: 2023-07-21T[Link]Z

References
cve: CVE-2016-0040
cve: CVE-2016-0041
. . . continues on next page . . .
2 RESULTS PER HOST 302

. . . continued from previous page . . .

cve: CVE-2016-0042
cve: CVE-2016-0044
cve: CVE-2016-0049
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/0222
cert-bund: CB-K16/0220
dfn-cert: DFN-CERT-2016-0249
dfn-cert: DFN-CERT-2016-0242

High (CVSS: 7.8)

NVT: Windows IExpress Untrusted Search Path Vulnerability

Summary
This host has IExpress bundled with Microsoft Windows and is prone to an untrusted search
path vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Fixed version: Workaround
File checked: C:\Windows\system32\[Link]
File version: 8.0.7600.16385

Impact
Successful exploitation will allow an attacker to execute arbitrary code with the privilege of the
user invoking a vulnerable self-extracting archive le.

Solution:
Solution type: Workaround
As a workaround save self-extracting archive les into a newly created directory, and conrm
there are no unrelated les in the directory and make sure there are no suspicious les in the
directory where self-extracting archive les are saved.

Aected Software/OS
IExpress bundled with Microsoft Windows

Vulnerability Insight
. . . continues on next page . . .
2 RESULTS PER HOST 303

. . . continued from previous page . . .

The aw exists due to an untrusted search path error in self-extracting archive les created by
IExpress bundled with Microsoft Windows.

Vulnerability Detection Method

Check for the presence of IExpress ([Link]).
Details: Windows IExpress Untrusted Search Path Vulnerability
OID:[Link].4.1.25623.1.0.813808
Version used: 2023-07-20T[Link]Z

References
cve: CVE-2018-0598
url: [Link]
url: [Link]
,→vulnerability

High (CVSS: 7.8)

NVT: Microsoft Graphics Component Multiple Vulnerabilities (3185848)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS16-106.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\System32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23528

Impact
Successful exploitation will allow an attacker to run arbitrary code in kernel mode, to retrieve
information from a targeted system, also could take control of the aected system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows 10 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
. . . continues on next page . . .
2 RESULTS PER HOST 304

. . . continued from previous page . . .

- Microsoft Windows Server 2008 R2 x64 Service Pack 1

Vulnerability Insight
Multiple aws are due to:
- The way that certain Windows kernel-mode drivers handle objects in memory.
- The way that the Windows Graphics Device Interface handles objects in memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Graphics Component Multiple Vulnerabilities (3185848)
OID:[Link].4.1.25623.1.0.809307
Version used: 2023-07-21T[Link]Z

References
cve: CVE-2016-3348
cve: CVE-2016-3349
cve: CVE-2016-3354
cve: CVE-2016-3355
cve: CVE-2016-3356
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/1406
dfn-cert: DFN-CERT-2016-1483

High (CVSS: 7.8)

NVT: Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities

(2850851)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS13-053.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attackers to cause a buer overow and execute arbitrary
code with kernel privileges.

Solution:
. . . continues on next page . . .
2 RESULTS PER HOST 305

. . . continued from previous page . . .

Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8
- Microsoft Windows Server 2012
- Microsoft Windows XP x32 Edition Service Pack 3 and prior
- Microsoft Windows XP x64 Edition Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
- Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior

Vulnerability Insight
Multiple aws are due to:
- Unspecied errors within the Windows kernel-mode driver ([Link]) when processing certain
objects and can be exploited to cause a crash or execute arbitrary code with the kernel privilege.
- An error exists within the GDI+ subsystem.

Vulnerability Detection Method

Details: Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (28.
,→..
OID:[Link].4.1.25623.1.0.902978
Version used: 2025-03-05T[Link]Z

References
cve: CVE-2013-1300
cve: CVE-2013-1340
cve: CVE-2013-1345
cve: CVE-2013-3129
cve: CVE-2013-3167
cve: CVE-2013-3172
cve: CVE-2013-3173
cve: CVE-2013-3660
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 306

. . . continued from previous page . . .

url: [Link]
url: [Link]
dfn-cert: DFN-CERT-2013-1267
dfn-cert: DFN-CERT-2013-1264
dfn-cert: DFN-CERT-2013-1262

High (CVSS: 7.8)

NVT: Microsoft Windows SMB Server Elevation of Privilege Vulnerability (3164038)

Summary
This host is missing an important security update according to Microsoft Bulletin MS16-075.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\drivers\[Link]
File version: 6.1.7601.17514
Vulnerable range:

Impact
Successful exploitation will allow remote attackers to execute arbitrary code with elevated per-
missions.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 10 x32/x64
- Microsoft Windows Server 2012
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012 R2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows Server 2008 x32/x64 Service Pack 2

Vulnerability Insight
An elevation of privilege aw exists in the Microsoft Server Message Block (SMB) when an
attacker forwards an authentication request intended for another service running on the same
machine.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
. . . continues on next page . . .
2 RESULTS PER HOST 307

. . . continued from previous page . . .

Details: Microsoft Windows SMB Server Elevation of Privilege Vulnerability (3164038)
OID:[Link].4.1.25623.1.0.807340
Version used: 2023-07-20T[Link]Z

References
cve: CVE-2016-3225
url: [Link]
url: [Link]
cert-bund: CB-K16/0914
dfn-cert: DFN-CERT-2016-0969

High (CVSS: 7.8)

NVT: Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (4013083)

Summary
This host is missing an important security update according to Microsoft Bulletin MS17-018.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\System32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23688

Impact
Successful exploitation will allow an attacker to run arbitrary code in kernel mode. An attacker
could then:
- install programs
- view, change, or delete data
- create new accounts with full user rights.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows 10 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows 10 Version 1607 x32/x64
- Microsoft Windows Vista x32/x64 Edition Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2
- Microsoft Windows 7 x32/x64 Edition Service Pack 1
. . . continues on next page . . .
2 RESULTS PER HOST 308

. . . continued from previous page . . .

- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1
- Microsoft Windows Server 2016

Vulnerability Insight
Multiple aws exist when the Windows kernel-mode driver fails to properly handle objects in
memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (4013.
,→..
OID:[Link].4.1.25623.1.0.810594
Version used: 2023-07-14T[Link]Z

References
cve: CVE-2017-0024
cve: CVE-2017-0026
cve: CVE-2017-0056
cve: CVE-2017-0078
cve: CVE-2017-0079
cve: CVE-2017-0080
cve: CVE-2017-0081
cve: CVE-2017-0082
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K17/0443
dfn-cert: DFN-CERT-2017-0451

High (CVSS: 7.8)

NVT: Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (3192892)

Summary
This host is missing an important security update according to Microsoft Bulletin MS16-123.

Quality of Detection (QoD): 80%

. . . continues on next page . . .
2 RESULTS PER HOST 309

. . . continued from previous page . . .

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23545

Impact
Successful exploitation will allow an attacker could run arbitrary code in kernel mode. An
attacker could then install programs view, change, or delete data, or create new accounts with
full user rights, and take control over the aected system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 x32/x64
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows 10 Version 1607 x32/x64

Vulnerability Insight
Multiple aws exist due to:
- The kernel-mode driver fails to properly handle objects in memory.
- The Windows Transaction Manager improperly handles objects in memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (3192.
,→..
OID:[Link].4.1.25623.1.0.809343
Version used: 2023-11-03T[Link]Z

References
cve: CVE-2016-3266
cve: CVE-2016-3376
cve: CVE-2016-7185
cve: CVE-2016-7211
cve: CVE-2016-3341
url: [Link]
url: [Link]
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 310

. . . continued from previous page . . .

url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/1582
dfn-cert: DFN-CERT-2016-1672

High (CVSS: 7.8)

NVT: Microsoft Windows Kernel-Mode Drivers Multiple Vulnerabilities (3199135)

Summary
This host is missing an important security update according to Microsoft Bulletin MS16-135

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\drivers\[Link]
File version: 6.1.7600.16385
Vulnerable range: Less than 6.1.7601.23567

Impact
Successful exploitation will allow an attacker to retrieve the memory address of a kernel object,
run arbitrary code in kernel mode and to log on to an aected system and runs a specially crafted
application that could exploit the vulnerabilities and take control of an aected system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 10 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows 10 Version 1607 x32/x64
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior

Vulnerability Insight
Multiple aws exist due to:
- A kernel Address Space Layout Randomization (ASLR) bypass error.
- The windows kernel-mode driver fails to properly handle objects in memory.
. . . continues on next page . . .
2 RESULTS PER HOST 311

. . . continued from previous page . . .

- The windows [Link] kernel-mode driver fails to properly handle objects in memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Kernel-Mode Drivers Multiple Vulnerabilities (3199135)
OID:[Link].4.1.25623.1.0.809092
Version used: 2024-07-26T[Link]Z

References
cve: CVE-2016-7214
cve: CVE-2016-7215
cve: CVE-2016-7218
cve: CVE-2016-7246
cve: CVE-2016-7255
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/1747
dfn-cert: DFN-CERT-2016-1852

High (CVSS: 7.8)

NVT: Microsoft Windows Kernel-Mode Drivers Code Execution Vulnerability (3119075)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-135.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.19061

Impact
Successful exploitation will allow an attacker to execute arbitrary code in kernel mode with
elevated privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
. . . continues on next page . . .
2 RESULTS PER HOST 312

. . . continued from previous page . . .

- Microsoft Windows 8 x32/x64
- Microsoft Windows 10 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1

Vulnerability Insight
Multiple aws are due to:
- Multiple local privilege escalation vulnerabilities.
- Multiple remote code execution vulnerabilities when the Windows font library improperly
handles specially crafted embedded fonts

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Kernel-Mode Drivers Code Execution Vulnerability (3119075)
OID:[Link].4.1.25623.1.0.806776
Version used: 2025-01-17T[Link]Z

References
cve: CVE-2015-6171
cve: CVE-2015-6173
cve: CVE-2015-6174
cve: CVE-2015-6175
cve: CVE-2015-6106
cve: CVE-2015-6107
cve: CVE-2015-6108
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K15/1804
dfn-cert: DFN-CERT-2015-1903
2 RESULTS PER HOST 313

High (CVSS: 7.8)

NVT: Microsoft Windows Kernel Privilege Escalation Vulnerability (4013081)

Summary
This host is missing an important security update according to Microsoft Bulletin MS17-017

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\System32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23677

Impact
Successful exploitation will allow an attacker to gain elevated privileges on a targeted system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows 10 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows 10 Version 1607 x32/x64
- Microsoft Windows Vista x32/x64 Edition Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2
- Microsoft Windows 7 x32/x64 Edition Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1
- Microsoft Windows Server 2016

Vulnerability Insight
Multiple aws exist as,
- Windows kernel API enforces permissions.
- Windows Transaction Manager improperly handles objects in memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Kernel Privilege Escalation Vulnerability (4013081)
OID:[Link].4.1.25623.1.0.810814
Version used: 2023-07-14T[Link]Z

References
cve: CVE-2017-0050
. . . continues on next page . . .
2 RESULTS PER HOST 314

. . . continued from previous page . . .

cve: CVE-2017-0101
cve: CVE-2017-0102
cve: CVE-2017-0103
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K17/0443
dfn-cert: DFN-CERT-2017-0451

High (CVSS: 7.8)

NVT: Microsoft Windows Kernel Multiple Vulnerabilities (3186973)

Summary
This host is missing an important security update according to Microsoft Bulletin MS16-111

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23539

Impact
Successful exploitation will allow local attackers to hijack the session of another user and to gain
access to information that is not intended for the user and to impersonate processes, interject
cross-process communication, or interrupt sslystem functionality.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
. . . continues on next page . . .
2 RESULTS PER HOST 315

. . . continued from previous page . . .

- Microsoft Windows 10 x32/x64
- Microsoft Windows 10 Version 1511 x32/x64

Vulnerability Insight
Multiple aws exist due to:
- The kernel API improperly allows a user to access sensitive registry information.
- The kernel API improperly enforces permissions.
- Windows improperly handles session objects

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Kernel Multiple Vulnerabilities (3186973)
OID:[Link].4.1.25623.1.0.809220
Version used: 2023-07-20T[Link]Z

References
cve: CVE-2016-3305
cve: CVE-2016-3306
cve: CVE-2016-3371
cve: CVE-2016-3372
cve: CVE-2016-3373
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/1406
dfn-cert: DFN-CERT-2016-1483

High (CVSS: 7.8)

NVT: Microsoft Windows Kernel Mode Drivers Multiple Vulnerabilities (3205651)

Summary
This host is missing an important security update according to Microsoft Bulletin MS16-151

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23591

. . . continues on next page . . .

2 RESULTS PER HOST 316

. . . continued from previous page . . .

Impact
Successful exploitation will allow an attacker to run arbitrary code in kernel mode and run
processes in an elevated context.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 10 x32/x64
- Microsoft Windows Server 2016
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows 10 Version 1607 x32/x64
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior

Vulnerability Insight
Multiple aws exist due to:
- The Windows Graphics Component improperly handles objects in memory.
- The Windows kernel-mode driver fails to properly handle objects in memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Kernel Mode Drivers Multiple Vulnerabilities (3205651)
OID:[Link].4.1.25623.1.0.810308
Version used: 2023-07-21T[Link]Z

References
cve: CVE-2016-7259
cve: CVE-2016-7260
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/1959
dfn-cert: DFN-CERT-2016-2066
2 RESULTS PER HOST 317

High (CVSS: 7.8)

NVT: Microsoft Windows Kernel Elevation of Privilege Vulnerability (KB4100480)

Summary
This host is missing a critical security update according to Microsoft KB4100480

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.24059
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514

Impact
Successful exploitation will allow an attacker to run arbitrary code in kernel mode which will
empower them to install programs, view, change, delete data or create new accounts with full
user rights.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 for x64-based Systems Service Pack 1
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

Vulnerability Insight
The aw exists due to Windows kernel failing to properly handle objects in memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Kernel Elevation of Privilege Vulnerability (KB4100480)
OID:[Link].4.1.25623.1.0.812848
Version used: 2023-07-20T[Link]Z

References
cve: CVE-2018-1038
url: [Link]
url: [Link]
cert-bund: CB-K18/0558
dfn-cert: DFN-CERT-2018-0609
2 RESULTS PER HOST 318

High (CVSS: 7.8)

NVT: Microsoft Windows Secondary Logon Privilege Elevation Vulnerability (3143141)

Summary
This host is missing an important security update according to Microsoft Bulletin MS16-032.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\System32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.19148

Impact
Successful exploitation will allow an attacker to run arbitrary code in kernel mode.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 x32/x64
- Microsoft Windows 10 Version 1511 x32/x64

Vulnerability Insight
The aw exists in Windows when the Secondary Logon Service fails to properly manage request
handles in memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Secondary Logon Privilege Elevation Vulnerability (3143141)
OID:[Link].4.1.25623.1.0.807309
Version used: 2024-07-25T[Link]Z

References
cve: CVE-2016-0099
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 319

. . . continued from previous page . . .

url: [Link]
url: [Link]
cert-bund: CB-K16/0383
dfn-cert: DFN-CERT-2016-0412

High (CVSS: 7.8)

NVT: Microsoft Windows Information Disclosure And Elevation of Privilege Vulnerabilities

(3205655)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS16-149.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\System32\[Link]
File version: 5.0.7601.17514
Vulnerable range: Less than 5.0.7601.23593

Impact
Successful exploitation will allow attackers to obtain information to further compromise the
user's system, run arbitrary code with elevated system privileges. An attacker could then install
programs, view, change, or delete data or create new accounts with full user rights.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Server 2016
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 x32/x64
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows 10 Version 1607 x32/x64
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows Server 2008 x32/x64 Service Pack 2

Vulnerability Insight
Multiple aws exist due to:
- The windows Crypto driver running in kernel mode improperly handles objects in memory.
. . . continues on next page . . .
2 RESULTS PER HOST 320

. . . continued from previous page . . .

- The windows Installer fails to properly sanitize input leading to an insecure library loading
behavior.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Information Disclosure And Elevation of Privilege Vulnerabili.
,→..
OID:[Link].4.1.25623.1.0.810238
Version used: 2023-07-21T[Link]Z

References
cve: CVE-2016-7219
cve: CVE-2016-7292
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/1959
dfn-cert: DFN-CERT-2016-2066

High (CVSS: 7.8)

NVT: Microsoft Windows IME (Japanese) Privilege Elevation Vulnerability (2992719)

Summary
This host is missing a moderate security update according to Microsoft Bulletin MS14-078.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attacker to bypass a sandbox protection mechanism via
a crafted PDF document.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior
. . . continues on next page . . .
2 RESULTS PER HOST 321

. . . continued from previous page . . .

- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior

Vulnerability Insight
Error in '[Link]', which allow remote attackers to bypass a sandbox protection mech-
anism via a crafted PDF document. Aka 'Microsoft IME (Japanese) Elevation of Privilege
Vulnerability' as exploited in the wild in 2014.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows IME (Japanese) Privilege Elevation Vulnerability (2992719)
OID:[Link].4.1.25623.1.0.802088
Version used: 2024-07-01T[Link]Z

References
cve: CVE-2014-4077
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
,→[Link]
cert-bund: CB-K14/1402
cert-bund: CB-K14/1397
dfn-cert: DFN-CERT-2014-1473
dfn-cert: DFN-CERT-2014-1470

High (CVSS: 7.8)

NVT: Microsoft Graphics Component Multiple Vulnerabilities (3164036)

Summary
This host is missing an important security update according to Microsoft Bulletin MS16-074.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\System32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23452

Impact
. . . continues on next page . . .
2 RESULTS PER HOST 322

. . . continued from previous page . . .

Successful exploitation will allow an attacker to retrieve information that could lead to an Address
Space Layout Randomization (ASLR) bypass, and to run processes in an elevated context, and
execute arbitrary code and take control of an aected system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows 10 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1

Vulnerability Insight
Multiple aws are due to:
- the Windows Graphics Component ([Link]) fails to properly handle objects in memory.
- the Windows improperly handles objects in memory.
- Adobe Type Manager Font Driver ([Link]) when it fails to properly handle objects in
memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Graphics Component Multiple Vulnerabilities (3164036)
OID:[Link].4.1.25623.1.0.808086
Version used: 2023-07-20T[Link]Z

References
cve: CVE-2016-3216
cve: CVE-2016-3219
cve: CVE-2016-3220
url: [Link]
url: [Link]
cert-bund: CB-K16/0914
dfn-cert: DFN-CERT-2016-0969
2 RESULTS PER HOST 323

High (CVSS: 7.8)

NVT: Microsoft Remote Desktop Protocol Security Advisory (2861855)

Summary
This host is missing an important security update according to Microsoft advisory (2861855).

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attackers to bypass the security.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior

Vulnerability Insight
The aw is due to security issue in Network-level Authentication (NLA) method in Remote
Desktop Sessions.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Remote Desktop Protocol Security Advisory (2861855)
OID:[Link].4.1.25623.1.0.803867
Version used: 2021-08-05T[Link]Z

References
url: [Link]
url: [Link]

High (CVSS: 7.8)

NVT: Microsoft Windows Components Privilege Elevation Vulnerability (3025421)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-005.
. . . continues on next page . . .
2 RESULTS PER HOST 324

. . . continued from previous page . . .

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attackers to gain restricted privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows Server 2012/R2
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior

Vulnerability Insight
The aw is due to an error when handling directory traversal sequences within the TS WebProxy
Windows component, which can be exploited to gain otherwise restricted privileges.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Components Privilege Elevation Vulnerability (3025421)
OID:[Link].4.1.25623.1.0.805037
Version used: 2024-07-04T[Link]Z

References
cve: CVE-2015-0016
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K15/0038
dfn-cert: DFN-CERT-2015-0036
2 RESULTS PER HOST 325

High (CVSS: 7.8)

NVT: Microsoft Windows Common Log File System Driver Elevation of Privilege Vulnerability
(3193706)

Summary
This host is missing an important security update according to Microsoft Bulletin MS16-134.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7600.16385
Vulnerable range: Less than 6.1.7601.23572

Impact
Successful exploitation will allow an attacker to run processes in an elevated context.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 x32/x64
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows 10 Version 1607 x32/x64

Vulnerability Insight
The aw exists due to windows common log le system (CLFS) driver improperly handles objects
in memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Common Log File System Driver Elevation of Privilege Vulnerab.
,→..
OID:[Link].4.1.25623.1.0.809801
Version used: 2023-07-20T[Link]Z

References
cve: CVE-2016-0026
. . . continues on next page . . .
2 RESULTS PER HOST 326

. . . continued from previous page . . .

cve: CVE-2016-3332
cve: CVE-2016-3333
cve: CVE-2016-3334
cve: CVE-2016-3335
cve: CVE-2016-3338
cve: CVE-2016-3340
cve: CVE-2016-3342
cve: CVE-2016-3343
cve: CVE-2016-7184
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/1747
dfn-cert: DFN-CERT-2016-1852

High (CVSS: 7.8)

NVT: Microsoft Windows Authentication Methods Multiple Vulnerabilities (3199173)

Summary
This host is missing an important security update according to Microsoft Bulletin MS16-137.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23584

Impact
Successful exploitation will allow a locally-authenticated to read sensitive information on the
target system, cause the target system to become non-responsive and elevate their permissions
from unprivileged to administrator which thereby allows him/her to install programs, view,
change or delete data, or create new accounts.

Solution:
Solution type: VendorFix
. . . continues on next page . . .
2 RESULTS PER HOST 327

. . . continued from previous page . . .

The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 10 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows 10 Version 1607 x32/x64
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior

Vulnerability Insight
Multiple aws exist due to:
- The windows Virtual Secure Mode improperly handles objects in memory.
- A denial of service vulnerability in the Local Security Authority Subsystem Service (LSASS).
- The windows fails to properly handle NTLM password change requests.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Authentication Methods Multiple Vulnerabilities (3199173)
OID:[Link].4.1.25623.1.0.809093
Version used: 2023-07-20T[Link]Z

References
cve: CVE-2016-7238
cve: CVE-2016-7237
cve: CVE-2016-7220
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/1747
dfn-cert: DFN-CERT-2016-1852

High (CVSS: 7.8)

NVT: 7-Zip Zstandard Decompression Integer Underow Vulnerability - Windows

Summary
7zip is prone to a zstandard decompression integer underow vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
. . . continues on next page . . .
2 RESULTS PER HOST 328

. . . continued from previous page . . .

Installed version: 16.04
Fixed version: 24.07
Installation
path / port: C:\Program Files\7-Zip\

Impact
Successful exploitation allows an attacker to perform remote code execution.

Solution:
Solution type: VendorFix
Update to version 24.07 or later.

Aected Software/OS
7zip version prior to 24.07 on Windows.

Vulnerability Insight
The aw exists due to lack of input data validation in the Zstandard decompression feature in
7-Zip.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: 7-Zip Zstandard Decompression Integer Underflow Vulnerability - Windows
OID:[Link].4.1.25623.1.0.834786
Version used: 2025-01-13T[Link]Z

References
cve: CVE-2024-11477
url: [Link]
cert-bund: WID-SEC-2024-3512
dfn-cert: DFN-CERT-2025-1015
dfn-cert: DFN-CERT-2024-3119

High (CVSS: 7.8)

NVT: 7-Zip Qcow Handler Innite Loop DoS Vulnerability - Windows

Summary
7zip is prone to a qcow handler innite loop denial of service (DoS) vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 16.04
Fixed version: 24.08
Installation
. . . continues on next page . . .
2 RESULTS PER HOST 329

. . . continued from previous page . . .

path / port: C:\Program Files\7-Zip\

Impact
Successful exploitation allows an attacker to conduct denial of service attacks.

Solution:
Solution type: VendorFix
Update to version 24.08 or later.

Aected Software/OS
7zip version prior to 24.08 on Windows.

Vulnerability Insight
The aw exists due to an innite loop in the CopyCoder processing streams.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: 7-Zip Qcow Handler Infinite Loop DoS Vulnerability - Windows
OID:[Link].4.1.25623.1.0.834787
Version used: 2024-12-12T[Link]Z

References
cve: CVE-2024-11612
url: [Link]
cert-bund: WID-SEC-2025-0818
cert-bund: WID-SEC-2024-3527
dfn-cert: DFN-CERT-2025-0974
dfn-cert: DFN-CERT-2025-0509
dfn-cert: DFN-CERT-2025-0228

High (CVSS: 7.8)

NVT: Microsoft Kernel-Mode Drivers Privilege Elevation Vulnerabilities (3164028)

Summary
This host is missing an important security update according to Microsoft Bulletin MS16-073.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\System32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23452

Impact
. . . continues on next page . . .
2 RESULTS PER HOST 330

. . . continued from previous page . . .

Successful exploitation will allow an attacker to run arbitrary code in kernel mode, and potentially
disclose contents of memory to which they should not have access.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 x32/x64
- Microsoft Windows 10 Version 1511 x32/x64

Vulnerability Insight
Multiple aws exist due to:
- When the Windows kernel-mode driver fails to properly handle objects in memory.
- When the Windows Virtual PCI (VPCI) virtual service provider (VSP) fails to properly handle
uninitialized memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Kernel-Mode Drivers Privilege Elevation Vulnerabilities (3164028)
OID:[Link].4.1.25623.1.0.808084
Version used: 2023-11-03T[Link]Z

References
cve: CVE-2016-3218
cve: CVE-2016-3221
cve: CVE-2016-3232
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/0914
dfn-cert: DFN-CERT-2016-0969

High (CVSS: 7.8)

NVT: Microsoft Kernel-Mode Drivers Privilege Elevation Vulnerabilities (3158222)

Summary
. . . continues on next page . . .
2 RESULTS PER HOST 331

. . . continued from previous page . . .

This host is missing an important security update according to Microsoft Bulletin MS16-062.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\System32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23418

Impact
Successful exploitation will allow an attacker to run arbitrary code in kernel mode, and to take
control over the aected system, also could retrieve the memory address of a kernel object.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 x32/x64
- Microsoft Windows 10 Version 1511 x32/x64

Vulnerability Insight
Multiple aws exist due to:
- When the Windows kernel-mode driver fails to properly handle objects in memory and incor-
rectly maps kernel memory
- When the DirectX Graphics kernel subsystem ([Link]) improperly handles objects in
memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Kernel-Mode Drivers Privilege Elevation Vulnerabilities (3158222)
OID:[Link].4.1.25623.1.0.808018
Version used: 2023-07-20T[Link]Z

References
cve: CVE-2016-0171
cve: CVE-2016-0173
cve: CVE-2016-0174
cve: CVE-2016-0196
cve: CVE-2016-0175
. . . continues on next page . . .
2 RESULTS PER HOST 332

. . . continued from previous page . . .

cve: CVE-2016-0176
cve: CVE-2016-0197
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/0701
dfn-cert: DFN-CERT-2016-0759

High (CVSS: 7.8)

NVT: Microsoft Kernel-Mode Drivers Privilege Elevation Vulnerabilities (3143145)

Summary
This host is missing an important security update according to Microsoft Bulletin MS16-034.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\System32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.19145

Impact
Successful exploitation will allow an attacker to run arbitrary code in kernel mode.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 x32/x64
- Microsoft Windows 10 Version 1511 x32/x64

Vulnerability Insight
The aws exist in Windows when the Windows kernel-mode driver fails to properly handle objects
in memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
. . . continues on next page . . .
2 RESULTS PER HOST 333

. . . continued from previous page . . .

Details: Microsoft Kernel-Mode Drivers Privilege Elevation Vulnerabilities (3143145)
OID:[Link].4.1.25623.1.0.807308
Version used: 2023-07-20T[Link]Z

References
cve: CVE-2016-0093
cve: CVE-2016-0094
cve: CVE-2016-0095
cve: CVE-2016-0096
url: [Link]
url: [Link]
cert-bund: CB-K16/0383
dfn-cert: DFN-CERT-2016-0412

High (CVSS: 7.8)

NVT: Microsoft Kernel-Mode Drivers Multiple Privilege Elevation Vulnerabilities (3178466)

Summary
This host is missing an important security update according to Microsoft Bulletin MS16-098.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\System32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23497

Impact
Successful exploitation will allow an attacker to run arbitrary code in kernel mode, and obtain
information to further compromise the user's system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 x32/x64
. . . continues on next page . . .
2 RESULTS PER HOST 334

. . . continued from previous page . . .

- Microsoft Windows 10 Version 1511 x32/x64

Vulnerability Insight
Multiple aws exist when the Windows kernel-mode driver fails to properly handle objects in
memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Kernel-Mode Drivers Multiple Privilege Elevation Vulnerabilities (317.
,→..
OID:[Link].4.1.25623.1.0.808784
Version used: 2023-07-20T[Link]Z

References
cve: CVE-2016-3308
cve: CVE-2016-3309
cve: CVE-2016-3310
cve: CVE-2016-3311
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/1216
dfn-cert: DFN-CERT-2016-1300

High (CVSS: 7.8)

NVT: Microsoft Kernel-Mode Drivers Elevation of Privilege Vulnerabilities (3136082)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS16-018.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\System32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.19113

Impact
. . . continues on next page . . .
2 RESULTS PER HOST 335

. . . continued from previous page . . .

Successful exploitation will allow an attacker to run arbitrary code in kernel mode.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 x32/x64
- Microsoft Windows 10 Version 1511 x32/x64

Vulnerability Insight
The aw exists in Windows when the Windows kernel-mode driver fails to properly handle objects
in memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Kernel-Mode Drivers Elevation of Privilege Vulnerabilities (3136082)
OID:[Link].4.1.25623.1.0.807242
Version used: 2023-07-21T[Link]Z

References
url: [Link]
cve: CVE-2016-0048
url: [Link]
cert-bund: CB-K16/0220
dfn-cert: DFN-CERT-2016-0242

High (CVSS: 7.8)

NVT: Microsoft Video Control Remote Code Execution Vulnerability (3199151)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS16-131.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\System32\[Link]
File version: 6.1.7601.17514
. . . continues on next page . . .
2 RESULTS PER HOST 336

. . . continued from previous page . . .

Vulnerable range: Less than 6.1.7601.23584

Impact
Successful exploitation will allow an attacker to run arbitrary code in the context of the current
user.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012R2
- Microsoft Windows 10 x32/x64
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows 10 Version 1607 x32/x64

Vulnerability Insight
The aw exists due to microsoft video control fails to properly handle objects in memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Video Control Remote Code Execution Vulnerability (3199151)
OID:[Link].4.1.25623.1.0.809800
Version used: 2023-07-20T[Link]Z

References
cve: CVE-2016-7248
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/1747
dfn-cert: DFN-CERT-2016-1852

High (CVSS: 7.8)

NVT: Microsoft Windows TCP/IP Denial of Service Vulnerability (2790655)

Summary
This host is missing an important security update according to Microsoft Bulletin MS13-018.

. . . continues on next page . . .

2 RESULTS PER HOST 337

. . . continued from previous page . . .

Quality of Detection (QoD): 80%
Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation could allow attackers to exhaust the non-paged pool and render the system
unusable or trigger a restart.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
- Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior

Vulnerability Insight
The aw is due to an error within the TCP/IP stack, which remains in TCP FIN_WAIT_2
state after receiving an ACK to the FIN packet when handling a tear down sequence.

Vulnerability Detection Method

Details: Microsoft Windows TCP/IP Denial of Service Vulnerability (2790655)
OID:[Link].4.1.25623.1.0.902945
Version used: 2025-03-05T[Link]Z

References
cve: CVE-2013-0075
url: [Link]
url: [Link]
url: [Link]
url: [Link]
,→13-018
dfn-cert: DFN-CERT-2013-0293

High (CVSS: 7.8)

NVT: Microsoft ATM Font Driver Privilege Elevation Vulnerability (3077657)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-077.

. . . continues on next page . . .

2 RESULTS PER HOST 338

. . . continued from previous page . . .

Quality of Detection (QoD): 80%
Vulnerability Detection Result
Installed version: [Link]
Fixed version: [Link]
Installation
path / port: C:\Windows

Impact
Successful exploitation will allow remote attackers to execute arbitrary code with kernel-mode
privileges and take complete control of the aected system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows Server 2012/R2
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012
- Microsoft Windows Server 2012R2
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows 2003 x32/x64 Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior

Vulnerability Insight
An elevation of privilege vulnerability exists in Adobe Type Manager Font Driver (ATMFD)
when it fails to properly handle objects in memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft ATM Font Driver Privilege Elevation Vulnerability (3077657)
OID:[Link].4.1.25623.1.0.805073
Version used: 2024-07-17T[Link]Z

References
cve: CVE-2015-2387
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K15/1013
. . . continues on next page . . .
2 RESULTS PER HOST 339

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2015-1060

High (CVSS: 7.8)

NVT: OpenSSH < 7.4 Multiple Vulnerabilities (Jan 2017) - Windows

Product detection result

cpe:/a:openbsd:openssh:7.1
Detected by OpenSSH Detection Consolidation (OID: [Link].4.1.25623.1.0.108577)

Summary
OpenSSH is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 7.1p1
Fixed version: 7.4
Installation
path / port: /usr/sbin/sshd

Impact
Successfully exploiting this issue allows local users to obtain sensitive private-key information,
to gain privileges, conduct a senial-of-service condition and allows remote attackers to execute
arbitrary local PKCS#11 modules.

Solution:
Solution type: VendorFix
Update to version 7.4 or later.

Aected Software/OS
OpenSSH versions before 7.4 on Windows.

Vulnerability Insight
Multiple aws exist due to:
- An 'authle.c' script does not properly consider the eects of realloc on buer contents.
- The shared memory manager (associated with pre-authentication compression) does not ensure
that a bounds check is enforced by all compilers.
- The sshd in OpenSSH creates forwarded Unix-domain sockets as root, when privilege separation
is not used.
- An untrusted search path vulnerability in ssh-agent.c in ssh-agent.
- NULL pointer dereference error due to an out-of-sequence NEWKEYS message.

Vulnerability Detection Method

. . . continues on next page . . .
2 RESULTS PER HOST 340

. . . continued from previous page . . .

Checks if a vulnerable version is present on the target host.
Details: OpenSSH < 7.4 Multiple Vulnerabilities (Jan 2017) - Windows
OID:[Link].4.1.25623.1.0.810325
Version used: 2024-12-13T[Link]Z

Product Detection Result

Product: cpe:/a:openbsd:openssh:7.1
Method: OpenSSH Detection Consolidation
OID: [Link].4.1.25623.1.0.108577)

References
cve: CVE-2016-10009
cve: CVE-2016-10010
cve: CVE-2016-10011
cve: CVE-2016-10012
cve: CVE-2016-10708
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
,→3e6b931de1d16737
cert-bund: WID-SEC-2023-1996
cert-bund: CB-K18/0919
cert-bund: CB-K18/0591
cert-bund: CB-K18/0137
cert-bund: CB-K18/0041
cert-bund: CB-K17/2219
cert-bund: CB-K17/2112
cert-bund: CB-K17/1292
cert-bund: CB-K17/1061
cert-bund: CB-K17/0527
cert-bund: CB-K17/0377
cert-bund: CB-K17/0127
cert-bund: CB-K17/0041
cert-bund: CB-K16/1991
dfn-cert: DFN-CERT-2021-0776
dfn-cert: DFN-CERT-2019-1408
dfn-cert: DFN-CERT-2018-2259
dfn-cert: DFN-CERT-2018-2191
dfn-cert: DFN-CERT-2018-2068
dfn-cert: DFN-CERT-2018-1828
dfn-cert: DFN-CERT-2018-1568
. . . continues on next page . . .
2 RESULTS PER HOST 341

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2018-1432
dfn-cert: DFN-CERT-2018-1112
dfn-cert: DFN-CERT-2018-1070
dfn-cert: DFN-CERT-2018-1068
dfn-cert: DFN-CERT-2018-0150
dfn-cert: DFN-CERT-2018-0046
dfn-cert: DFN-CERT-2017-2320
dfn-cert: DFN-CERT-2017-2208
dfn-cert: DFN-CERT-2017-1340
dfn-cert: DFN-CERT-2017-1096
dfn-cert: DFN-CERT-2017-0532
dfn-cert: DFN-CERT-2017-0386
dfn-cert: DFN-CERT-2017-0130
dfn-cert: DFN-CERT-2017-0042
dfn-cert: DFN-CERT-2016-2099

High (CVSS: 7.8)

NVT: OpenSSH < 7.4 Multiple Vulnerabilities (Jan 2017) - Windows

Product detection result

cpe:/a:openbsd:openssh:7.1
Detected by OpenSSH Detection Consolidation (OID: [Link].4.1.25623.1.0.108577)

Summary
OpenSSH is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 7.1p1
Fixed version: 7.4
Installation
path / port: /usr/bin/ssh

Impact
Successfully exploiting this issue allows local users to obtain sensitive private-key information,
to gain privileges, conduct a senial-of-service condition and allows remote attackers to execute
arbitrary local PKCS#11 modules.

Solution:
Solution type: VendorFix
Update to version 7.4 or later.

. . . continues on next page . . .

2 RESULTS PER HOST 342

. . . continued from previous page . . .

Aected Software/OS
OpenSSH versions before 7.4 on Windows.

Vulnerability Insight
Multiple aws exist due to:
- An 'authle.c' script does not properly consider the eects of realloc on buer contents.
- The shared memory manager (associated with pre-authentication compression) does not ensure
that a bounds check is enforced by all compilers.
- The sshd in OpenSSH creates forwarded Unix-domain sockets as root, when privilege separation
is not used.
- An untrusted search path vulnerability in ssh-agent.c in ssh-agent.
- NULL pointer dereference error due to an out-of-sequence NEWKEYS message.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: OpenSSH < 7.4 Multiple Vulnerabilities (Jan 2017) - Windows
OID:[Link].4.1.25623.1.0.810325
Version used: 2024-12-13T[Link]Z

Product Detection Result

Product: cpe:/a:openbsd:openssh:7.1
Method: OpenSSH Detection Consolidation
OID: [Link].4.1.25623.1.0.108577)

References
cve: CVE-2016-10009
cve: CVE-2016-10010
cve: CVE-2016-10011
cve: CVE-2016-10012
cve: CVE-2016-10708
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
,→3e6b931de1d16737
cert-bund: WID-SEC-2023-1996
cert-bund: CB-K18/0919
cert-bund: CB-K18/0591
cert-bund: CB-K18/0137
cert-bund: CB-K18/0041
cert-bund: CB-K17/2219
cert-bund: CB-K17/2112
. . . continues on next page . . .
2 RESULTS PER HOST 343

. . . continued from previous page . . .

cert-bund: CB-K17/1292
cert-bund: CB-K17/1061
cert-bund: CB-K17/0527
cert-bund: CB-K17/0377
cert-bund: CB-K17/0127
cert-bund: CB-K17/0041
cert-bund: CB-K16/1991
dfn-cert: DFN-CERT-2021-0776
dfn-cert: DFN-CERT-2019-1408
dfn-cert: DFN-CERT-2018-2259
dfn-cert: DFN-CERT-2018-2191
dfn-cert: DFN-CERT-2018-2068
dfn-cert: DFN-CERT-2018-1828
dfn-cert: DFN-CERT-2018-1568
dfn-cert: DFN-CERT-2018-1432
dfn-cert: DFN-CERT-2018-1112
dfn-cert: DFN-CERT-2018-1070
dfn-cert: DFN-CERT-2018-1068
dfn-cert: DFN-CERT-2018-0150
dfn-cert: DFN-CERT-2018-0046
dfn-cert: DFN-CERT-2017-2320
dfn-cert: DFN-CERT-2017-2208
dfn-cert: DFN-CERT-2017-1340
dfn-cert: DFN-CERT-2017-1096
dfn-cert: DFN-CERT-2017-0532
dfn-cert: DFN-CERT-2017-0386
dfn-cert: DFN-CERT-2017-0130
dfn-cert: DFN-CERT-2017-0042
dfn-cert: DFN-CERT-2016-2099

High (CVSS: 7.8)

NVT: Windows Authenticode Signature Remote Code Execution Vulnerability (2653956)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS12-024.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation could allow remote attackers to execute arbitrary code as the logged-on
user.

. . . continues on next page . . .

2 RESULTS PER HOST 344

. . . continued from previous page . . .

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 Service Pack 1 and prior
- Microsoft Windows XP Service Pack 3 and prior
- Microsoft Windows 2003 Service Pack 2 and prior
- Microsoft Windows Vista Service Pack 2 and prior
- Microsoft Windows Server 2008 Service Pack 2 and prior

Vulnerability Insight
The aw is due to the way Windows Authenticode Signature Verication function veries portable
executable (PE) les, which can be exploited to add malicious code to the le without invalidating
the signature.

Vulnerability Detection Method

Details: Windows Authenticode Signature Remote Code Execution Vulnerability (2653956)
OID:[Link].4.1.25623.1.0.902669
Version used: 2025-03-05T[Link]Z

References
cve: CVE-2012-0151
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
url: [Link]
,→12-024
dfn-cert: DFN-CERT-2012-0654

High (CVSS: 7.8)

NVT: Windows Modules Installer Elevation of Privilege Vulnerability (KB4565354)

Summary
This host is missing an important security update according to Microsoft KB4565354

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.24557
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514

. . . continues on next page . . .

2 RESULTS PER HOST 345

. . . continued from previous page . . .

Impact
Successful exploitation will allow an attacker to gain elevated privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

Vulnerability Insight
The aw exists due to Windows Modules Installer fails to properly handle le operations.
Please see the references for more information on the vulnerabilities.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Windows Modules Installer Elevation of Privilege Vulnerability (KB4565354)
OID:[Link].4.1.25623.1.0.817234
Version used: 2021-08-11T[Link]Z

References
cve: CVE-2020-1346
url: [Link]
cert-bund: CB-K20/0692
dfn-cert: DFN-CERT-2020-1515

High (CVSS: 7.8)

NVT: Microsoft Windows Multiple Vulnerabilities (KB5010404)

Summary
This host is missing an important security update according to Microsoft KB5010404

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.25860
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514

Impact
Successful exploitation will allow an attacker to elevate privileges, disclose sensitive information,
and conduct DoS attacks.

. . . continues on next page . . .

2 RESULTS PER HOST 346

. . . continued from previous page . . .

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Microsoft Windows 7 for x64-based Systems Service Pack 1
- Microsoft Windows 7 for 32-bit Systems Service Pack 1

Vulnerability Insight
Multiple aws exist due to:
- An elevation of privilege vulnerability in Windows Print Spooler.
- An information disclosure vulnerability in Windows Common Log File System Driver.
- An elevation of privilege vulnerability in Windows Common Log File System Driver.
Please see the references for more information about the vulnerabilities.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB5010404)
OID:[Link].4.1.25623.1.0.818968
Version used: 2025-11-14T[Link]Z

References
cve: CVE-2022-21981
cve: CVE-2022-21985
cve: CVE-2022-21989
cve: CVE-2022-21997
cve: CVE-2022-21998
cve: CVE-2022-21999
cve: CVE-2022-22000
cve: CVE-2022-22710
cve: CVE-2022-22717
cve: CVE-2022-22718
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
cert-bund: WID-SEC-2022-1174
cert-bund: CB-K22/0160
dfn-cert: DFN-CERT-2022-0306

High (CVSS: 7.7)

NVT: Oracle Java SE Security Updates (apr2018-3678067) 03 - Windows

Summary
. . . continues on next page . . .
2 RESULTS PER HOST 347

. . . continued from previous page . . .

Oracle Java SE is prone to a remote unspecied security vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attackers to aect condentiality, integrity, and avail-
ability via unknown vectors.

Solution:
Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.

Aected Software/OS
Oracle Java SE version [Link] and earlier, 10.0 on Windows

Vulnerability Insight
The aw exists due to an unspecied error in 'Java SE' component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (apr2018-3678067) 03 - Windows
OID:[Link].4.1.25623.1.0.813100
Version used: 2025-09-17T[Link]Z

References
cve: CVE-2018-2811
url: [Link]
cert-bund: WID-SEC-2023-1375
cert-bund: CB-K18/0600
dfn-cert: DFN-CERT-2018-0724

High (CVSS: 7.7)

NVT: Oracle Java SE Security Updates (apr2018-3678067) 03 - Windows

Summary
Oracle Java SE is prone to a remote unspecied security vulnerability.

. . . continues on next page . . .

2 RESULTS PER HOST 348

. . . continued from previous page . . .

Quality of Detection (QoD): 97%
Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attackers to aect condentiality, integrity, and avail-
ability via unknown vectors.

Solution:
Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.

Aected Software/OS
Oracle Java SE version [Link] and earlier, 10.0 on Windows

Vulnerability Insight
The aw exists due to an unspecied error in 'Java SE' component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (apr2018-3678067) 03 - Windows
OID:[Link].4.1.25623.1.0.813100
Version used: 2025-09-17T[Link]Z

References
cve: CVE-2018-2811
url: [Link]
cert-bund: WID-SEC-2023-1375
cert-bund: CB-K18/0600
dfn-cert: DFN-CERT-2018-0724

High (CVSS: 7.6)

NVT: Microsoft Windows On-Screen Keyboard Privilege Escalation Vulnerability (2975685)

Summary
This host is missing an important security update according to Microsoft Bulletin MS14-039

Quality of Detection (QoD): 80%

Vulnerability Detection Result
. . . continues on next page . . .
2 RESULTS PER HOST 349

. . . continued from previous page . . .

The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attackers to gain escalated privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/R2
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2012
- Microsoft Windows Server 2012 R2

Vulnerability Insight
The aw is triggered when executing the On-Screen keyboard from within the context of a low
integrity process.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows On-Screen Keyboard Privilege Escalation Vulnerability (297568.
,→..
OID:[Link].4.1.25623.1.0.804472
Version used: 2023-07-27T[Link]Z

References
cve: CVE-2014-2781
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K14/0838
dfn-cert: DFN-CERT-2014-0878

High (CVSS: 7.5)

NVT: Microsoft Windows Multiple Vulnerabilities (KB4054518)

Summary
. . . continues on next page . . .
2 RESULTS PER HOST 350

. . . continued from previous page . . .

This host is missing a critical security update according to Microsoft KB4054518

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.23963
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514

Impact
Successful exploitation will allow an attacker who successfully exploited this vulnerability to exe-
cute code on the target system, gain the same user rights as the current user, obtain information
to further compromise the user's system and could attempt a brute-force attack to disclose the
password.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1

Vulnerability Insight
Multiple aws exist due to:
- An error in RPC if the server has Routing and Remote Access enabled.
- Internet Explorer improperly accesses objects in memory.
- Internet Explorer improperly handles objects in memory.
- Scripting engine handles objects in memory in Microsoft browsers.
- Windows its:// protocol handler unnecessarily sends trac to a remote site in order to determine
the zone of a provided URL.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4054518)
OID:[Link].4.1.25623.1.0.812245
Version used: 2023-11-03T[Link]Z

References
cve: CVE-2017-11885
cve: CVE-2017-11886
cve: CVE-2017-11887
cve: CVE-2017-11890
cve: CVE-2017-11894
cve: CVE-2017-11895
cve: CVE-2017-11901
. . . continues on next page . . .
2 RESULTS PER HOST 351

. . . continued from previous page . . .

cve: CVE-2017-11903
cve: CVE-2017-11906
cve: CVE-2017-11907
cve: CVE-2017-11912
cve: CVE-2017-11913
cve: CVE-2017-11919
cve: CVE-2017-11927
cve: CVE-2017-11930
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K17/2153
cert-bund: CB-K17/2152
cert-bund: CB-K17/2151
cert-bund: CB-K17/2149
dfn-cert: DFN-CERT-2017-2254
dfn-cert: DFN-CERT-2017-2253
dfn-cert: DFN-CERT-2017-2252
dfn-cert: DFN-CERT-2017-2248

High (CVSS: 7.5)

NVT: Microsoft Windows Multiple Vulnerabilities (KB4088875)

Summary
This host is missing a critical security update according to Microsoft KB4088875

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.24059
File checked: C:\Windows\system32\[Link]
. . . continues on next page . . .
2 RESULTS PER HOST 352

. . . continued from previous page . . .

File version: 6.1.7601.17514

Impact
Successful exploitation will allow attacker to gain access to information, crash server and run
arbitrary code in system mode.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

Vulnerability Insight
Multiple aws exist due to:
- When Windows Hyper-V on a host operating system fails to properly validate input from an
authenticated user on a guest operating system.
- The way that the scripting engine handles objects in memory in Internet Explorer.
- When Microsoft Hyper-V Network Switch on a host server fails to properly validate input from
a privileged user on a guest operating system.
- The Credential Security Support Provider protocol (CredSSP).
- Windows when the Microsoft Video Control mishandles objects in memory.
- When Windows Shell does not properly validate le copy destinations.
- When Internet Explorer fails a check, allowing sandbox escape.
- The Windows kernel that could allow an attacker to retrieve information that could lead to a
Kernel Address Space Layout Randomization (ASLR) bypass.
- The Windows Installer when the Windows Installer fails to properly sanitize input leading to
an insecure library loading behavior.
- When the Windows kernel improperly initializes objects in memory.
- When Windows Remote Assistance incorrectly processes XML External Entities (XXE).
- The way that the Windows Graphics Device Interface (GDI) handles objects in memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4088875)
OID:[Link].4.1.25623.1.0.812829
Version used: 2023-11-03T[Link]Z

References
cve: CVE-2018-0811
cve: CVE-2018-0813
cve: CVE-2018-0814
cve: CVE-2018-0815
cve: CVE-2018-0886
cve: CVE-2018-0888
. . . continues on next page . . .
2 RESULTS PER HOST 353

. . . continued from previous page . . .

cve: CVE-2018-0889
cve: CVE-2018-0891
cve: CVE-2018-0894
cve: CVE-2018-0895
cve: CVE-2018-0896
cve: CVE-2018-0897
cve: CVE-2018-0898
cve: CVE-2018-0899
cve: CVE-2018-0900
cve: CVE-2018-0901
cve: CVE-2018-0904
cve: CVE-2018-0927
cve: CVE-2018-0929
cve: CVE-2018-0932
cve: CVE-2018-0935
cve: CVE-2018-0942
cve: CVE-2018-0816
cve: CVE-2018-0817
cve: CVE-2018-0868
cve: CVE-2018-0878
cve: CVE-2018-0881
cve: CVE-2018-0883
cve: CVE-2018-0885
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 354

. . . continued from previous page . . .

url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K18/0461
cert-bund: CB-K18/0456
cert-bund: CB-K18/0455
cert-bund: CB-K18/0454
dfn-cert: DFN-CERT-2020-1810
dfn-cert: DFN-CERT-2019-0142
dfn-cert: DFN-CERT-2018-0494
dfn-cert: DFN-CERT-2018-0493
dfn-cert: DFN-CERT-2018-0491
dfn-cert: DFN-CERT-2018-0487

High (CVSS: 7.5)

NVT: 7-Zip Multiple Vulnerabilities (Jul 2025) - Windows

Summary
7zip is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 16.04
Fixed version: 25.0.0
Installation
path / port: C:\Program Files\7-Zip\

Impact
Successful exploitation allows an attacker to execute code in the context of a service account and
conduct denial of service attacks.

Solution:
Solution type: VendorFix
Update to version 25.0.0 or later.

Aected Software/OS
7zip prior to version 25.0.0 on Windows.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
. . . continues on next page . . .
2 RESULTS PER HOST 355

. . . continued from previous page . . .

Details: 7-Zip Multiple Vulnerabilities (Jul 2025) - Windows
OID:[Link].4.1.25623.1.0.836529
Version used: 2025-11-21T[Link]Z

References
cve: CVE-2025-53816
cve: CVE-2025-53817
cve: CVE-2025-11001
cve: CVE-2025-11002
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: WID-SEC-2025-2359
cert-bund: WID-SEC-2025-2261
cert-bund: WID-SEC-2025-1590
dfn-cert: DFN-CERT-2025-2990
dfn-cert: DFN-CERT-2025-2941

High (CVSS: 7.5)

NVT: Microsoft VBScript Scripting Engine OLE Automation Memory Corruption Vulnerability
(3188724)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS16-116

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23512

Impact
Successful exploitation will allow remote attacker to execute arbitrary code in the context of the
current user.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

. . . continues on next page . . .

2 RESULTS PER HOST 356

. . . continued from previous page . . .

Aected Software/OS
- Microsoft Windows 10 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior

Vulnerability Insight
The aw is due to an improper way of accessing objects in the memory by Microsoft OLE
Automation mechanism and the VBScript Scripting Engine in Internet Explorer.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft VBScript Scripting Engine OLE Automation Memory Corruption Vulnerabil.
,→..
OID:[Link].4.1.25623.1.0.809040
Version used: 2023-07-20T[Link]Z

References
cve: CVE-2016-3375
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/1406
cert-bund: CB-K16/1403
dfn-cert: DFN-CERT-2016-1484
dfn-cert: DFN-CERT-2016-1483

High (CVSS: 7.5)

NVT: Microsoft .NET Framework Denial of Service Vulnerabilities (3137893)

Summary
This host is missing an important security update according to Microsoft Bulletin MS16-019.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\[Link]\Framework64\[Link].
,→dll
File version: 2.0.50727.5420
Vulnerable range: Less than 2.0.50727.5495

. . . continues on next page . . .

2 RESULTS PER HOST 357

. . . continued from previous page . . .

Impact
Successful exploitation will allow remote attackers to gain access to sensitive information or
disrupt the availability of applications that use the .NET framework.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft .NET Framework 2.0 Service Pack 2
- Microsoft .NET Framework 3.5
- Microsoft .NET Framework 3.5.1
- Microsoft .NET Framework 4.5.2
- Microsoft .NET Framework 4.6 and 4.6.1

Vulnerability Insight
Multiple aws exist as,
- Application fails to properly handle certain Extensible Stylesheet Language Transformations
(XSLT).
- The .NET's Windows Forms (WinForms) improperly handles icon data.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft .NET Framework Denial of Service Vulnerabilities (3137893)
OID:[Link].4.1.25623.1.0.806681
Version used: 2023-11-03T[Link]Z

References
cve: CVE-2016-0033
cve: CVE-2016-0047
url: [Link]
url: [Link]
cert-bund: CB-K16/0220
dfn-cert: DFN-CERT-2016-0242

High (CVSS: 7.5)

NVT: Apache Log4j 1.2.x RCE Vulnerability (Windows, Dec 2021) - Version Check

Summary
Apache Log4j is prone to a remote code execution (RCE) vulnerability in JMSAppender.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
. . . continues on next page . . .
2 RESULTS PER HOST 358

. . . continued from previous page . . .

Installed version: 1.2.15
Fixed version: None
Installation
path / port: C:\Program Files\Apache Software Foundation\tomcat\apache-tom
,→cat-8.0.33\webapps\axis2\WEB-INF\lib\[Link]

Solution:
Solution type: WillNotFix
No solution was made available by the vendor.
Note: Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as
it addresses numerous other issues from the previous versions.

Aected Software/OS
Apache Log4j version 1.2.x.

Vulnerability Insight
JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker
has write access to the Log4j conguration. The attacker can provide TopicBindingName and
TopicConnectionFactoryBindingName congurations causing JMSAppender to perform JNDI
requests that result in remote code execution in a similar fashion to CVE-2021-44228.
Note this issue only aects Log4j 1.2 when specically congured to use JMSAppender, which
is not the default.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Apache Log4j 1.2.x RCE Vulnerability (Windows, Dec 2021) - Version Check
OID:[Link].4.1.25623.1.0.117843
Version used: 2025-09-04T[Link]Z

References
cve: CVE-2021-4104
url: [Link]
cert-bund: WID-SEC-2024-1926
cert-bund: WID-SEC-2024-0794
cert-bund: WID-SEC-2024-0107
cert-bund: WID-SEC-2023-1807
cert-bund: WID-SEC-2023-0063
cert-bund: WID-SEC-2022-1770
cert-bund: WID-SEC-2022-1189
cert-bund: WID-SEC-2022-1015
cert-bund: WID-SEC-2022-0927
cert-bund: WID-SEC-2022-0628
cert-bund: WID-SEC-2022-0520
cert-bund: CB-K22/0066
cert-bund: CB-K21/1291
dfn-cert: DFN-CERT-2025-2802
. . . continues on next page . . .
2 RESULTS PER HOST 359

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2024-3126
dfn-cert: DFN-CERT-2024-2222
dfn-cert: DFN-CERT-2023-1648
dfn-cert: DFN-CERT-2022-1813
dfn-cert: DFN-CERT-2022-1472
dfn-cert: DFN-CERT-2022-0805
dfn-cert: DFN-CERT-2022-0325
dfn-cert: DFN-CERT-2022-0292
dfn-cert: DFN-CERT-2022-0204
dfn-cert: DFN-CERT-2022-0119
dfn-cert: DFN-CERT-2022-0074
dfn-cert: DFN-CERT-2022-0015
dfn-cert: DFN-CERT-2021-2666
dfn-cert: DFN-CERT-2021-2643
dfn-cert: DFN-CERT-2021-2641
dfn-cert: DFN-CERT-2021-2633
dfn-cert: DFN-CERT-2021-2624
dfn-cert: DFN-CERT-2021-2598

High (CVSS: 7.5)

NVT: Oracle Java SE Security Update (apr2022) - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on condentiality, integrity
and availability.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
. . . continues on next page . . .
2 RESULTS PER HOST 360

. . . continued from previous page . . .

Oracle Java SE version 8u321 ([Link]) and earlier, 7u331 ([Link]) and earlier, 11.x through
11.0.14, 17.x through 17.0.2, 18 on Windows.

Vulnerability Insight
Multiple aws are due to unspecied errors in 'Libraries', 'JAXP' and 'JNDI' components.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (apr2022) - Windows
OID:[Link].4.1.25623.1.0.820086
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2022-21449
cve: CVE-2022-21476
cve: CVE-2022-21426
cve: CVE-2022-21496
cve: CVE-2022-21434
cve: CVE-2022-21443
url: [Link]
cert-bund: WID-SEC-2023-2625
cert-bund: WID-SEC-2023-2164
cert-bund: WID-SEC-2023-0840
cert-bund: WID-SEC-2022-1434
cert-bund: WID-SEC-2022-1335
cert-bund: WID-SEC-2022-1321
cert-bund: WID-SEC-2022-1228
cert-bund: WID-SEC-2022-1066
cert-bund: WID-SEC-2022-0987
cert-bund: WID-SEC-2022-0871
cert-bund: WID-SEC-2022-0858
cert-bund: WID-SEC-2022-0833
cert-bund: WID-SEC-2022-0446
cert-bund: WID-SEC-2022-0398
cert-bund: WID-SEC-2022-0300
cert-bund: WID-SEC-2022-0287
cert-bund: WID-SEC-2022-0200
cert-bund: WID-SEC-2022-0028
cert-bund: CB-K22/0470
dfn-cert: DFN-CERT-2024-2151
dfn-cert: DFN-CERT-2023-1425
dfn-cert: DFN-CERT-2023-1197
dfn-cert: DFN-CERT-2023-1174
dfn-cert: DFN-CERT-2023-1139
dfn-cert: DFN-CERT-2023-0846
dfn-cert: DFN-CERT-2023-0819
dfn-cert: DFN-CERT-2022-1955
. . . continues on next page . . .
2 RESULTS PER HOST 361

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2022-1704
dfn-cert: DFN-CERT-2022-1648
dfn-cert: DFN-CERT-2022-1339
dfn-cert: DFN-CERT-2022-1323
dfn-cert: DFN-CERT-2022-1267
dfn-cert: DFN-CERT-2022-1143
dfn-cert: DFN-CERT-2022-1081
dfn-cert: DFN-CERT-2022-1054
dfn-cert: DFN-CERT-2022-0873
dfn-cert: DFN-CERT-2022-0871

High (CVSS: 7.5)

NVT: OpenSSH < 7.3 DoS and User Enumeration Vulnerabilities - Windows

Product detection result

cpe:/a:openbsd:openssh:7.1
Detected by OpenSSH Detection Consolidation (OID: [Link].4.1.25623.1.0.108577)

Summary
OpenSSH is prone to denial of service (DoS) and user enumeration vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 7.1p1
Fixed version: 7.3
Installation
path / port: /usr/sbin/sshd

Impact
Successfully exploiting this issue allows remote attackers to cause a denial of service (crypt CPU
consumption) and to enumerate users by leveraging the timing dierence between responses when
a large password is provided.

Solution:
Solution type: VendorFix
Update to version 7.3 or later.

Aected Software/OS
OpenSSH versions before 7.3 on Windows.

Vulnerability Insight
Multiple aws exist due to:
. . . continues on next page . . .
2 RESULTS PER HOST 362

. . . continued from previous page . . .

- The auth_password function in 'auth-passwd.c' script does not limit password lengths for
password authentication.
- The sshd in OpenSSH, when SHA256 or SHA512 are used for user password hashing uses
BLOWFISH hashing on a static password when the username does not exist and it takes much
longer to calculate SHA256/SHA512 hash than BLOWFISH hash.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: OpenSSH < 7.3 DoS and User Enumeration Vulnerabilities - Windows
OID:[Link].4.1.25623.1.0.809121
Version used: 2024-12-13T[Link]Z

Product Detection Result

Product: cpe:/a:openbsd:openssh:7.1
Method: OpenSSH Detection Consolidation
OID: [Link].4.1.25623.1.0.108577)

References
cve: CVE-2016-6515
cve: CVE-2016-6210
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: WID-SEC-2023-0450
cert-bund: WID-SEC-2023-0449
cert-bund: CB-K18/0041
cert-bund: CB-K17/2219
cert-bund: CB-K17/2112
cert-bund: CB-K17/1753
cert-bund: CB-K17/1349
cert-bund: CB-K17/1292
cert-bund: CB-K17/0055
cert-bund: CB-K16/1837
cert-bund: CB-K16/1629
cert-bund: CB-K16/1487
cert-bund: CB-K16/1485
cert-bund: CB-K16/1252
cert-bund: CB-K16/1221
cert-bund: CB-K16/1082
dfn-cert: DFN-CERT-2023-1920
dfn-cert: DFN-CERT-2019-1408
dfn-cert: DFN-CERT-2018-1828
dfn-cert: DFN-CERT-2018-1070
dfn-cert: DFN-CERT-2018-0046
. . . continues on next page . . .
2 RESULTS PER HOST 363

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2017-2320
dfn-cert: DFN-CERT-2017-2208
dfn-cert: DFN-CERT-2017-1831
dfn-cert: DFN-CERT-2017-1407
dfn-cert: DFN-CERT-2017-1340
dfn-cert: DFN-CERT-2017-0060
dfn-cert: DFN-CERT-2016-1943
dfn-cert: DFN-CERT-2016-1729
dfn-cert: DFN-CERT-2016-1576
dfn-cert: DFN-CERT-2016-1574
dfn-cert: DFN-CERT-2016-1331
dfn-cert: DFN-CERT-2016-1243
dfn-cert: DFN-CERT-2016-1149

High (CVSS: 7.5)

NVT: OpenSSH < 7.3 DoS and User Enumeration Vulnerabilities - Windows

Product detection result

cpe:/a:openbsd:openssh:7.1
Detected by OpenSSH Detection Consolidation (OID: [Link].4.1.25623.1.0.108577)

Summary
OpenSSH is prone to denial of service (DoS) and user enumeration vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 7.1p1
Fixed version: 7.3
Installation
path / port: /usr/bin/ssh

Impact
Successfully exploiting this issue allows remote attackers to cause a denial of service (crypt CPU
consumption) and to enumerate users by leveraging the timing dierence between responses when
a large password is provided.

Solution:
Solution type: VendorFix
Update to version 7.3 or later.

Aected Software/OS
. . . continues on next page . . .
2 RESULTS PER HOST 364

. . . continued from previous page . . .

OpenSSH versions before 7.3 on Windows.

Vulnerability Insight
Multiple aws exist due to:
- The auth_password function in 'auth-passwd.c' script does not limit password lengths for
password authentication.
- The sshd in OpenSSH, when SHA256 or SHA512 are used for user password hashing uses
BLOWFISH hashing on a static password when the username does not exist and it takes much
longer to calculate SHA256/SHA512 hash than BLOWFISH hash.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: OpenSSH < 7.3 DoS and User Enumeration Vulnerabilities - Windows
OID:[Link].4.1.25623.1.0.809121
Version used: 2024-12-13T[Link]Z

Product Detection Result

Product: cpe:/a:openbsd:openssh:7.1
Method: OpenSSH Detection Consolidation
OID: [Link].4.1.25623.1.0.108577)

References
cve: CVE-2016-6515
cve: CVE-2016-6210
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: WID-SEC-2023-0450
cert-bund: WID-SEC-2023-0449
cert-bund: CB-K18/0041
cert-bund: CB-K17/2219
cert-bund: CB-K17/2112
cert-bund: CB-K17/1753
cert-bund: CB-K17/1349
cert-bund: CB-K17/1292
cert-bund: CB-K17/0055
cert-bund: CB-K16/1837
cert-bund: CB-K16/1629
cert-bund: CB-K16/1487
cert-bund: CB-K16/1485
cert-bund: CB-K16/1252
cert-bund: CB-K16/1221
cert-bund: CB-K16/1082
dfn-cert: DFN-CERT-2023-1920
. . . continues on next page . . .
2 RESULTS PER HOST 365

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2019-1408
dfn-cert: DFN-CERT-2018-1828
dfn-cert: DFN-CERT-2018-1070
dfn-cert: DFN-CERT-2018-0046
dfn-cert: DFN-CERT-2017-2320
dfn-cert: DFN-CERT-2017-2208
dfn-cert: DFN-CERT-2017-1831
dfn-cert: DFN-CERT-2017-1407
dfn-cert: DFN-CERT-2017-1340
dfn-cert: DFN-CERT-2017-0060
dfn-cert: DFN-CERT-2016-1943
dfn-cert: DFN-CERT-2016-1729
dfn-cert: DFN-CERT-2016-1576
dfn-cert: DFN-CERT-2016-1574
dfn-cert: DFN-CERT-2016-1331
dfn-cert: DFN-CERT-2016-1243
dfn-cert: DFN-CERT-2016-1149

High (CVSS: 7.5)

NVT: Microsoft .NET Framework Denial of Service Vulnerabilities (3137893)

Summary
This host is missing an important security update according to Microsoft Bulletin MS16-019.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\[Link]\Framework64\[Link]
File version: 2.0.50727.5420
Vulnerable range: Less than 2.0.50727.5495

Impact
Successful exploitation will allow remote attackers to gain access to sensitive information or
disrupt the availability of applications that use the .NET framework.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft .NET Framework 2.0 Service Pack 2
- Microsoft .NET Framework 3.5
- Microsoft .NET Framework 3.5.1
- Microsoft .NET Framework 4.5.2
. . . continues on next page . . .
2 RESULTS PER HOST 366

. . . continued from previous page . . .

- Microsoft .NET Framework 4.6 and 4.6.1

Vulnerability Insight
Multiple aws exist as,
- Application fails to properly handle certain Extensible Stylesheet Language Transformations
(XSLT).
- The .NET's Windows Forms (WinForms) improperly handles icon data.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft .NET Framework Denial of Service Vulnerabilities (3137893)
OID:[Link].4.1.25623.1.0.806681
Version used: 2023-11-03T[Link]Z

References
cve: CVE-2016-0033
cve: CVE-2016-0047
url: [Link]
url: [Link]
cert-bund: CB-K16/0220
dfn-cert: DFN-CERT-2016-0242

High (CVSS: 7.5)

NVT: Apache Log4j 1.2.x RCE Vulnerability (Windows, Dec 2021) - Version Check

Summary
Apache Log4j is prone to a remote code execution (RCE) vulnerability in JMSAppender.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 1.2.15
Fixed version: None
Installation
path / port: C:\ManageEngine\DesktopCentral_Server\lib\[Link]

Solution:
Solution type: WillNotFix
No solution was made available by the vendor.
Note: Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as
it addresses numerous other issues from the previous versions.

Aected Software/OS
. . . continues on next page . . .
2 RESULTS PER HOST 367

. . . continued from previous page . . .

Apache Log4j version 1.2.x.

Vulnerability Insight
JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker
has write access to the Log4j conguration. The attacker can provide TopicBindingName and
TopicConnectionFactoryBindingName congurations causing JMSAppender to perform JNDI
requests that result in remote code execution in a similar fashion to CVE-2021-44228.
Note this issue only aects Log4j 1.2 when specically congured to use JMSAppender, which
is not the default.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Apache Log4j 1.2.x RCE Vulnerability (Windows, Dec 2021) - Version Check
OID:[Link].4.1.25623.1.0.117843
Version used: 2025-09-04T[Link]Z

References
cve: CVE-2021-4104
url: [Link]
cert-bund: WID-SEC-2024-1926
cert-bund: WID-SEC-2024-0794
cert-bund: WID-SEC-2024-0107
cert-bund: WID-SEC-2023-1807
cert-bund: WID-SEC-2023-0063
cert-bund: WID-SEC-2022-1770
cert-bund: WID-SEC-2022-1189
cert-bund: WID-SEC-2022-1015
cert-bund: WID-SEC-2022-0927
cert-bund: WID-SEC-2022-0628
cert-bund: WID-SEC-2022-0520
cert-bund: CB-K22/0066
cert-bund: CB-K21/1291
dfn-cert: DFN-CERT-2025-2802
dfn-cert: DFN-CERT-2024-3126
dfn-cert: DFN-CERT-2024-2222
dfn-cert: DFN-CERT-2023-1648
dfn-cert: DFN-CERT-2022-1813
dfn-cert: DFN-CERT-2022-1472
dfn-cert: DFN-CERT-2022-0805
dfn-cert: DFN-CERT-2022-0325
dfn-cert: DFN-CERT-2022-0292
dfn-cert: DFN-CERT-2022-0204
dfn-cert: DFN-CERT-2022-0119
dfn-cert: DFN-CERT-2022-0074
dfn-cert: DFN-CERT-2022-0015
dfn-cert: DFN-CERT-2021-2666
dfn-cert: DFN-CERT-2021-2643
. . . continues on next page . . .
2 RESULTS PER HOST 368

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2021-2641
dfn-cert: DFN-CERT-2021-2633
dfn-cert: DFN-CERT-2021-2624
dfn-cert: DFN-CERT-2021-2598

High (CVSS: 7.5)

NVT: Oracle Java SE Security Update (apr2022) - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on condentiality, integrity
and availability.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u321 ([Link]) and earlier, 7u331 ([Link]) and earlier, 11.x through
11.0.14, 17.x through 17.0.2, 18 on Windows.

Vulnerability Insight
Multiple aws are due to unspecied errors in 'Libraries', 'JAXP' and 'JNDI' components.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (apr2022) - Windows
OID:[Link].4.1.25623.1.0.820086
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2022-21449
cve: CVE-2022-21476
cve: CVE-2022-21426
. . . continues on next page . . .
2 RESULTS PER HOST 369

. . . continued from previous page . . .

cve: CVE-2022-21496
cve: CVE-2022-21434
cve: CVE-2022-21443
url: [Link]
cert-bund: WID-SEC-2023-2625
cert-bund: WID-SEC-2023-2164
cert-bund: WID-SEC-2023-0840
cert-bund: WID-SEC-2022-1434
cert-bund: WID-SEC-2022-1335
cert-bund: WID-SEC-2022-1321
cert-bund: WID-SEC-2022-1228
cert-bund: WID-SEC-2022-1066
cert-bund: WID-SEC-2022-0987
cert-bund: WID-SEC-2022-0871
cert-bund: WID-SEC-2022-0858
cert-bund: WID-SEC-2022-0833
cert-bund: WID-SEC-2022-0446
cert-bund: WID-SEC-2022-0398
cert-bund: WID-SEC-2022-0300
cert-bund: WID-SEC-2022-0287
cert-bund: WID-SEC-2022-0200
cert-bund: WID-SEC-2022-0028
cert-bund: CB-K22/0470
dfn-cert: DFN-CERT-2024-2151
dfn-cert: DFN-CERT-2023-1425
dfn-cert: DFN-CERT-2023-1197
dfn-cert: DFN-CERT-2023-1174
dfn-cert: DFN-CERT-2023-1139
dfn-cert: DFN-CERT-2023-0846
dfn-cert: DFN-CERT-2023-0819
dfn-cert: DFN-CERT-2022-1955
dfn-cert: DFN-CERT-2022-1704
dfn-cert: DFN-CERT-2022-1648
dfn-cert: DFN-CERT-2022-1339
dfn-cert: DFN-CERT-2022-1323
dfn-cert: DFN-CERT-2022-1267
dfn-cert: DFN-CERT-2022-1143
dfn-cert: DFN-CERT-2022-1081
dfn-cert: DFN-CERT-2022-1054
dfn-cert: DFN-CERT-2022-0873
dfn-cert: DFN-CERT-2022-0871

High (CVSS: 7.5)

NVT: Apache Log4j 1.2.x RCE Vulnerability (Windows, Dec 2021) - Version Check

. . . continues on next page . . .

2 RESULTS PER HOST 370

. . . continued from previous page . . .

Summary
Apache Log4j is prone to a remote code execution (RCE) vulnerability in JMSAppender.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 1.2.17
Fixed version: None
Installation
path / port: C:\Program Files\Apache Software Foundation\tomcat\apache-tom
,→cat-8.0.33\webapps\struts2-rest-showcase\WEB-INF\lib\[Link]

Solution:
Solution type: WillNotFix
No solution was made available by the vendor.
Note: Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as
it addresses numerous other issues from the previous versions.

Aected Software/OS
Apache Log4j version 1.2.x.

Vulnerability Insight
JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker
has write access to the Log4j conguration. The attacker can provide TopicBindingName and
TopicConnectionFactoryBindingName congurations causing JMSAppender to perform JNDI
requests that result in remote code execution in a similar fashion to CVE-2021-44228.
Note this issue only aects Log4j 1.2 when specically congured to use JMSAppender, which
is not the default.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Apache Log4j 1.2.x RCE Vulnerability (Windows, Dec 2021) - Version Check
OID:[Link].4.1.25623.1.0.117843
Version used: 2025-09-04T[Link]Z

References
cve: CVE-2021-4104
url: [Link]
cert-bund: WID-SEC-2024-1926
cert-bund: WID-SEC-2024-0794
cert-bund: WID-SEC-2024-0107
cert-bund: WID-SEC-2023-1807
cert-bund: WID-SEC-2023-0063
cert-bund: WID-SEC-2022-1770
cert-bund: WID-SEC-2022-1189
cert-bund: WID-SEC-2022-1015
. . . continues on next page . . .
2 RESULTS PER HOST 371

. . . continued from previous page . . .

cert-bund: WID-SEC-2022-0927
cert-bund: WID-SEC-2022-0628
cert-bund: WID-SEC-2022-0520
cert-bund: CB-K22/0066
cert-bund: CB-K21/1291
dfn-cert: DFN-CERT-2025-2802
dfn-cert: DFN-CERT-2024-3126
dfn-cert: DFN-CERT-2024-2222
dfn-cert: DFN-CERT-2023-1648
dfn-cert: DFN-CERT-2022-1813
dfn-cert: DFN-CERT-2022-1472
dfn-cert: DFN-CERT-2022-0805
dfn-cert: DFN-CERT-2022-0325
dfn-cert: DFN-CERT-2022-0292
dfn-cert: DFN-CERT-2022-0204
dfn-cert: DFN-CERT-2022-0119
dfn-cert: DFN-CERT-2022-0074
dfn-cert: DFN-CERT-2022-0015
dfn-cert: DFN-CERT-2021-2666
dfn-cert: DFN-CERT-2021-2643
dfn-cert: DFN-CERT-2021-2641
dfn-cert: DFN-CERT-2021-2633
dfn-cert: DFN-CERT-2021-2624
dfn-cert: DFN-CERT-2021-2598

High (CVSS: 7.5)

NVT: Microsoft Internet Explorer Multiple Vulnerabilities (3124903)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS16-001.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 8.0.7601.17514
Vulnerable range: 8.0.7601.17000 - 8.0.7601.19103

Impact
Successful exploitation will allow remote attackers to execute arbitrary code and gain elevated
privileges on the aected system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.
. . . continues on next page . . .
2 RESULTS PER HOST 372

. . . continued from previous page . . .

Aected Software/OS
Microsoft Internet Explorer version 7.x/8.x/9.x/10.x/11.x.

Vulnerability Insight
Multiple aws exist due to:
- An error due to improper handling of objects in memory,
- Improper enforcing of cross-domain policies.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Internet Explorer Multiple Vulnerabilities (3124903)
OID:[Link].4.1.25623.1.0.806659
Version used: 2023-07-20T[Link]Z

References
cve: CVE-2016-0002
cve: CVE-2016-0005
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/0052
dfn-cert: DFN-CERT-2016-0063

High (CVSS: 7.5)

NVT: Microsoft .NET Framework Authentication Bypass and Spoong Vulnerabilities (2836440)

Summary
This host is missing an important security update according to Microsoft Bulletin MS13-040.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation could allow an attacker to bypass security mechanism and gain access to
restricted endpoint functions.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.
. . . continues on next page . . .
2 RESULTS PER HOST 373

. . . continued from previous page . . .

Aected Software/OS
- Microsoft .NET Framework 4
- Microsoft .NET Framework 4.5
- Microsoft .NET Framework 3.5
- Microsoft .NET Framework 3.5.1
- Microsoft .NET Framework 2.0 Service Pack 2

Vulnerability Insight
The aws are due to
- Improper validation of XML signatures by the CLR
- Error within the WCF endpoint authentication mechanism when handling queries

Vulnerability Detection Method

Details: Microsoft .NET Framework Authentication Bypass and Spoofing Vulnerabilities (28.
,→..
OID:[Link].4.1.25623.1.0.903308
Version used: 2025-03-05T[Link]Z

References
cve: CVE-2013-1336
cve: CVE-2013-1337
url: [Link]
,→13-040
url: [Link]
url: [Link]
dfn-cert: DFN-CERT-2013-0895

High (CVSS: 7.5)

NVT: Apache Log4j 1.2.x RCE Vulnerability (Windows, Dec 2021) - Version Check

Summary
Apache Log4j is prone to a remote code execution (RCE) vulnerability in JMSAppender.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 1.2.17
Fixed version: None
Installation
path / port: C:\Program Files\elasticsearch-1.1.1\lib\[Link]

Solution:
Solution type: WillNotFix
. . . continues on next page . . .
2 RESULTS PER HOST 374

. . . continued from previous page . . .

No solution was made available by the vendor.
Note: Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as
it addresses numerous other issues from the previous versions.

Aected Software/OS
Apache Log4j version 1.2.x.

Vulnerability Insight
JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker
has write access to the Log4j conguration. The attacker can provide TopicBindingName and
TopicConnectionFactoryBindingName congurations causing JMSAppender to perform JNDI
requests that result in remote code execution in a similar fashion to CVE-2021-44228.
Note this issue only aects Log4j 1.2 when specically congured to use JMSAppender, which
is not the default.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Apache Log4j 1.2.x RCE Vulnerability (Windows, Dec 2021) - Version Check
OID:[Link].4.1.25623.1.0.117843
Version used: 2025-09-04T[Link]Z

References
cve: CVE-2021-4104
url: [Link]
cert-bund: WID-SEC-2024-1926
cert-bund: WID-SEC-2024-0794
cert-bund: WID-SEC-2024-0107
cert-bund: WID-SEC-2023-1807
cert-bund: WID-SEC-2023-0063
cert-bund: WID-SEC-2022-1770
cert-bund: WID-SEC-2022-1189
cert-bund: WID-SEC-2022-1015
cert-bund: WID-SEC-2022-0927
cert-bund: WID-SEC-2022-0628
cert-bund: WID-SEC-2022-0520
cert-bund: CB-K22/0066
cert-bund: CB-K21/1291
dfn-cert: DFN-CERT-2025-2802
dfn-cert: DFN-CERT-2024-3126
dfn-cert: DFN-CERT-2024-2222
dfn-cert: DFN-CERT-2023-1648
dfn-cert: DFN-CERT-2022-1813
dfn-cert: DFN-CERT-2022-1472
dfn-cert: DFN-CERT-2022-0805
dfn-cert: DFN-CERT-2022-0325
dfn-cert: DFN-CERT-2022-0292
. . . continues on next page . . .
2 RESULTS PER HOST 375

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2022-0204
dfn-cert: DFN-CERT-2022-0119
dfn-cert: DFN-CERT-2022-0074
dfn-cert: DFN-CERT-2022-0015
dfn-cert: DFN-CERT-2021-2666
dfn-cert: DFN-CERT-2021-2643
dfn-cert: DFN-CERT-2021-2641
dfn-cert: DFN-CERT-2021-2633
dfn-cert: DFN-CERT-2021-2624
dfn-cert: DFN-CERT-2021-2598

High (CVSS: 7.5)

NVT: Oracle Java SE Security Update (jul2022) - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on condentiality, integrity
and availability.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 7u343 ([Link]) and earlier, 8u333 ([Link]) and earlier, 11.x through
[Link], 17.x through [Link], 18.x through [Link] on Windows.

Vulnerability Insight
Multiple aws are due to unspecied errors in 'Libraries', 'JAXP' and 'Hotspot' components.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (jul2022) - Windows
OID:[Link].4.1.25623.1.0.821189
. . . continues on next page . . .
2 RESULTS PER HOST 376

. . . continued from previous page . . .

Version used: 2025-01-21T[Link]Z

References
cve: CVE-2022-34169
cve: CVE-2022-21541
cve: CVE-2022-21540
cve: CVE-2022-21549
url: [Link]
cert-bund: WID-SEC-2025-1565
cert-bund: WID-SEC-2025-1563
cert-bund: WID-SEC-2025-0144
cert-bund: WID-SEC-2024-1659
cert-bund: WID-SEC-2024-1653
cert-bund: WID-SEC-2024-1652
cert-bund: WID-SEC-2024-1642
cert-bund: WID-SEC-2024-1622
cert-bund: WID-SEC-2024-0899
cert-bund: WID-SEC-2024-0890
cert-bund: WID-SEC-2024-0870
cert-bund: WID-SEC-2024-0794
cert-bund: WID-SEC-2024-0788
cert-bund: WID-SEC-2024-0671
cert-bund: WID-SEC-2024-0124
cert-bund: WID-SEC-2023-2368
cert-bund: WID-SEC-2023-1032
cert-bund: WID-SEC-2023-1017
cert-bund: WID-SEC-2023-0553
cert-bund: WID-SEC-2023-0122
cert-bund: WID-SEC-2022-1244
cert-bund: WID-SEC-2022-0759
cert-bund: WID-SEC-2022-0746
dfn-cert: DFN-CERT-2024-3126
dfn-cert: DFN-CERT-2024-3125
dfn-cert: DFN-CERT-2024-2928
dfn-cert: DFN-CERT-2024-2713
dfn-cert: DFN-CERT-2024-1000
dfn-cert: DFN-CERT-2023-0899
dfn-cert: DFN-CERT-2023-0082
dfn-cert: DFN-CERT-2022-2660
dfn-cert: DFN-CERT-2022-2321
dfn-cert: DFN-CERT-2022-1955
dfn-cert: DFN-CERT-2022-1837
dfn-cert: DFN-CERT-2022-1714
dfn-cert: DFN-CERT-2022-1661
dfn-cert: DFN-CERT-2022-1607
dfn-cert: DFN-CERT-2022-1606
2 RESULTS PER HOST 377

High (CVSS: 7.5)

NVT: Oracle Java SE Security Update (cpuapr2020 - 02) - Windows

Summary
Oracle Java SE is prone to a security vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on condentiality, integrity
and availability.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u241 ([Link]) and earlier.

Vulnerability Insight
The aw exists due to error in JavaFX component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (cpuapr2020 - 02) - Windows
OID:[Link].4.1.25623.1.0.816856
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2019-18197
url: [Link]
cert-bund: WID-SEC-2022-1639
cert-bund: CB-K20/1030
cert-bund: CB-K20/0319
cert-bund: CB-K20/0097
dfn-cert: DFN-CERT-2020-2299
dfn-cert: DFN-CERT-2020-2131
dfn-cert: DFN-CERT-2020-1107
dfn-cert: DFN-CERT-2020-0771
. . . continues on next page . . .
2 RESULTS PER HOST 378

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2020-0245
dfn-cert: DFN-CERT-2019-2560
dfn-cert: DFN-CERT-2019-2229
dfn-cert: DFN-CERT-2019-2207

High (CVSS: 7.5)

NVT: Oracle Java SE Security Update (cpuapr2020 - 02) - Windows

Summary
Oracle Java SE is prone to a security vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on condentiality, integrity
and availability.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u241 ([Link]) and earlier.

Vulnerability Insight
The aw exists due to error in JavaFX component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (cpuapr2020 - 02) - Windows
OID:[Link].4.1.25623.1.0.816856
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2019-18197
url: [Link]
cert-bund: WID-SEC-2022-1639
cert-bund: CB-K20/1030
. . . continues on next page . . .
2 RESULTS PER HOST 379

. . . continued from previous page . . .

cert-bund: CB-K20/0319
cert-bund: CB-K20/0097
dfn-cert: DFN-CERT-2020-2299
dfn-cert: DFN-CERT-2020-2131
dfn-cert: DFN-CERT-2020-1107
dfn-cert: DFN-CERT-2020-0771
dfn-cert: DFN-CERT-2020-0245
dfn-cert: DFN-CERT-2019-2560
dfn-cert: DFN-CERT-2019-2229
dfn-cert: DFN-CERT-2019-2207

High (CVSS: 7.5)

NVT: Oracle Java SE Security Updates (apr2019-5072813) 03 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation of this vulnerability will allow remote attacker to have an impact on
integrity and availability

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 7u211([Link]) and earlier, 8u202([Link]) and earlier, 11.0.2 and
earlier and 12 on Windows.

Vulnerability Insight
Multiple aws exist due to:
- An error in 'Libraries' component of Java SE.
- An error in 'RMI' component of Java SE.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
. . . continues on next page . . .
2 RESULTS PER HOST 380

. . . continued from previous page . . .

Details: Oracle Java SE Security Updates (apr2019-5072813) 03 - Windows
OID:[Link].4.1.25623.1.0.815103
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2019-2602
cve: CVE-2019-2684
url: [Link]
,→l#AppendixJAVA
cert-bund: WID-SEC-2024-0528
cert-bund: WID-SEC-2023-1594
cert-bund: CB-K19/1121
cert-bund: CB-K19/0658
cert-bund: CB-K19/0552
cert-bund: CB-K19/0317
dfn-cert: DFN-CERT-2022-2268
dfn-cert: DFN-CERT-2019-1523
dfn-cert: DFN-CERT-2019-1402
dfn-cert: DFN-CERT-2019-1107
dfn-cert: DFN-CERT-2019-0940
dfn-cert: DFN-CERT-2019-0915
dfn-cert: DFN-CERT-2019-0887
dfn-cert: DFN-CERT-2019-0773

High (CVSS: 7.5)

NVT: Oracle Java SE Security Updates (apr2019-5072813) 03 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation of this vulnerability will allow remote attacker to have an impact on
integrity and availability

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.
. . . continues on next page . . .
2 RESULTS PER HOST 381

. . . continued from previous page . . .

Aected Software/OS
Oracle Java SE version 7u211([Link]) and earlier, 8u202([Link]) and earlier, 11.0.2 and
earlier and 12 on Windows.

Vulnerability Insight
Multiple aws exist due to:
- An error in 'Libraries' component of Java SE.
- An error in 'RMI' component of Java SE.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (apr2019-5072813) 03 - Windows
OID:[Link].4.1.25623.1.0.815103
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2019-2602
cve: CVE-2019-2684
url: [Link]
,→l#AppendixJAVA
cert-bund: WID-SEC-2024-0528
cert-bund: WID-SEC-2023-1594
cert-bund: CB-K19/1121
cert-bund: CB-K19/0658
cert-bund: CB-K19/0552
cert-bund: CB-K19/0317
dfn-cert: DFN-CERT-2022-2268
dfn-cert: DFN-CERT-2019-1523
dfn-cert: DFN-CERT-2019-1402
dfn-cert: DFN-CERT-2019-1107
dfn-cert: DFN-CERT-2019-0940
dfn-cert: DFN-CERT-2019-0915
dfn-cert: DFN-CERT-2019-0887
dfn-cert: DFN-CERT-2019-0773

High (CVSS: 7.5)

NVT: Oracle Java SE Security Update (jul2022) - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

. . . continues on next page . . .
2 RESULTS PER HOST 382

. . . continued from previous page . . .

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on condentiality, integrity
and availability.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 7u343 ([Link]) and earlier, 8u333 ([Link]) and earlier, 11.x through
[Link], 17.x through [Link], 18.x through [Link] on Windows.

Vulnerability Insight
Multiple aws are due to unspecied errors in 'Libraries', 'JAXP' and 'Hotspot' components.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (jul2022) - Windows
OID:[Link].4.1.25623.1.0.821189
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2022-34169
cve: CVE-2022-21541
cve: CVE-2022-21540
cve: CVE-2022-21549
url: [Link]
cert-bund: WID-SEC-2025-1565
cert-bund: WID-SEC-2025-1563
cert-bund: WID-SEC-2025-0144
cert-bund: WID-SEC-2024-1659
cert-bund: WID-SEC-2024-1653
cert-bund: WID-SEC-2024-1652
cert-bund: WID-SEC-2024-1642
cert-bund: WID-SEC-2024-1622
cert-bund: WID-SEC-2024-0899
cert-bund: WID-SEC-2024-0890
cert-bund: WID-SEC-2024-0870
cert-bund: WID-SEC-2024-0794
cert-bund: WID-SEC-2024-0788
. . . continues on next page . . .
2 RESULTS PER HOST 383

. . . continued from previous page . . .

cert-bund: WID-SEC-2024-0671
cert-bund: WID-SEC-2024-0124
cert-bund: WID-SEC-2023-2368
cert-bund: WID-SEC-2023-1032
cert-bund: WID-SEC-2023-1017
cert-bund: WID-SEC-2023-0553
cert-bund: WID-SEC-2023-0122
cert-bund: WID-SEC-2022-1244
cert-bund: WID-SEC-2022-0759
cert-bund: WID-SEC-2022-0746
dfn-cert: DFN-CERT-2024-3126
dfn-cert: DFN-CERT-2024-3125
dfn-cert: DFN-CERT-2024-2928
dfn-cert: DFN-CERT-2024-2713
dfn-cert: DFN-CERT-2024-1000
dfn-cert: DFN-CERT-2023-0899
dfn-cert: DFN-CERT-2023-0082
dfn-cert: DFN-CERT-2022-2660
dfn-cert: DFN-CERT-2022-2321
dfn-cert: DFN-CERT-2022-1955
dfn-cert: DFN-CERT-2022-1837
dfn-cert: DFN-CERT-2022-1714
dfn-cert: DFN-CERT-2022-1661
dfn-cert: DFN-CERT-2022-1607
dfn-cert: DFN-CERT-2022-1606

High (CVSS: 7.5)

NVT: Oracle Java SE Security Update (jul2022) - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_144
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jdk1.8.0_144

Impact
Successful exploitation will allow remote attacker to have an impact on condentiality, integrity
and availability.

Solution:
. . . continues on next page . . .
2 RESULTS PER HOST 384

. . . continued from previous page . . .

Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 7u343 ([Link]) and earlier, 8u333 ([Link]) and earlier, 11.x through
[Link], 17.x through [Link], 18.x through [Link] on Windows.

Vulnerability Insight
Multiple aws are due to unspecied errors in 'Libraries', 'JAXP' and 'Hotspot' components.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (jul2022) - Windows
OID:[Link].4.1.25623.1.0.821189
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2022-34169
cve: CVE-2022-21541
cve: CVE-2022-21540
cve: CVE-2022-21549
url: [Link]
cert-bund: WID-SEC-2025-1565
cert-bund: WID-SEC-2025-1563
cert-bund: WID-SEC-2025-0144
cert-bund: WID-SEC-2024-1659
cert-bund: WID-SEC-2024-1653
cert-bund: WID-SEC-2024-1652
cert-bund: WID-SEC-2024-1642
cert-bund: WID-SEC-2024-1622
cert-bund: WID-SEC-2024-0899
cert-bund: WID-SEC-2024-0890
cert-bund: WID-SEC-2024-0870
cert-bund: WID-SEC-2024-0794
cert-bund: WID-SEC-2024-0788
cert-bund: WID-SEC-2024-0671
cert-bund: WID-SEC-2024-0124
cert-bund: WID-SEC-2023-2368
cert-bund: WID-SEC-2023-1032
cert-bund: WID-SEC-2023-1017
cert-bund: WID-SEC-2023-0553
cert-bund: WID-SEC-2023-0122
cert-bund: WID-SEC-2022-1244
cert-bund: WID-SEC-2022-0759
cert-bund: WID-SEC-2022-0746
dfn-cert: DFN-CERT-2024-3126
. . . continues on next page . . .
2 RESULTS PER HOST 385

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2024-3125
dfn-cert: DFN-CERT-2024-2928
dfn-cert: DFN-CERT-2024-2713
dfn-cert: DFN-CERT-2024-1000
dfn-cert: DFN-CERT-2023-0899
dfn-cert: DFN-CERT-2023-0082
dfn-cert: DFN-CERT-2022-2660
dfn-cert: DFN-CERT-2022-2321
dfn-cert: DFN-CERT-2022-1955
dfn-cert: DFN-CERT-2022-1837
dfn-cert: DFN-CERT-2022-1714
dfn-cert: DFN-CERT-2022-1661
dfn-cert: DFN-CERT-2022-1607
dfn-cert: DFN-CERT-2022-1606

High (CVSS: 7.5)

NVT: Microsoft .NET Framework Information Disclosure Vulnerability (3170048)

Summary
This host is missing an important security update according to Microsoft Bulletin MS16-091.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\[Link]\Framework64\v2.0.50727\[Link]
,→l
File version: 2.0.50727.5420
Vulnerable range: Less than 2.0.50727.8692

Impact
Successful exploitation will allow remote attackers to gain access to potentially sensitive infor-
mation.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft .NET Framework 2.0 Service Pack 2
- Microsoft .NET Framework 3.5
- Microsoft .NET Framework 3.5.1
- Microsoft .NET Framework 4.5.2
- Microsoft .NET Framework 4.6/4.6.1

. . . continues on next page . . .

2 RESULTS PER HOST 386

. . . continued from previous page . . .

Vulnerability Insight
Flaw exists as .NET Framework improperly parses XML input containing a reference to an
external entity.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft .NET Framework Information Disclosure Vulnerability (3170048)
OID:[Link].4.1.25623.1.0.807856
Version used: 2023-07-20T[Link]Z

References
cve: CVE-2016-3255
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/1057
dfn-cert: DFN-CERT-2016-1125

High (CVSS: 7.5)

NVT: Microsoft Windows RPC Security Feature Bypass Vulnerability (2978668)

Summary
This host is missing an important security update according to Microsoft Bulletin MS14-047

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attackers to bypass the ASLR security feature in con-
junction with another vulnerability.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/R2
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
. . . continues on next page . . .
2 RESULTS PER HOST 387

. . . continued from previous page . . .

- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior

Vulnerability Insight
The aw is due to RPC improperly frees messages that the server rejects as malformed, allowing
an attacker to ll up the address space of a process.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows RPC Security Feature Bypass Vulnerability (2978668)
OID:[Link].4.1.25623.1.0.802078
Version used: 2023-07-26T[Link]Z

References
cve: CVE-2014-0316
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K14/1013
dfn-cert: DFN-CERT-2014-1053

High (CVSS: 7.5)

NVT: Microsoft Windows Kernel Privilege Elevation Vulnerabilities (2859537)

Summary
This host is missing an important security update according to Microsoft Bulletin MS13-063.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attackers to execute arbitrary code with kernel-mode
privileges or corrupt memory.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8
- Microsoft Windows XP x32 Edition Service Pack 3 and prior
- Microsoft Windows 2003 x32 Edition Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
. . . continues on next page . . .
2 RESULTS PER HOST 388

. . . continued from previous page . . .

- Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior

Vulnerability Insight
The following vulnerabilities exist:
- An error within Address Space Layout Randomization (ASLR) implementation can be exploited
to bypass the ASLR security feature.
- Multiple errors within the NT Virtual DOS Machine (NTVDM) subsystem.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Kernel Privilege Elevation Vulnerabilities (2859537)
OID:[Link].4.1.25623.1.0.902990
Version used: 2025-09-05T[Link]Z

References
cve: CVE-2013-2556
cve: CVE-2013-3196
cve: CVE-2013-3197
cve: CVE-2013-3198
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
dfn-cert: DFN-CERT-2013-1467

High (CVSS: 7.5)

NVT: Oracle Java SE Security Update (jul2021) 02 - Windows

Summary
This host is missing a security update according to Oracle.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
. . . continues on next page . . .
2 RESULTS PER HOST 389

. . . continued from previous page . . .

Successful exploitation will allow remote attacker to have an impact on integrity, availability and
condentiality.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u291 ([Link]) and earlier, 11.0.11 and earlier, 16.0.1 and earlier on
Windows.

Vulnerability Insight
Multiple aws are due to multiple errors in 'Libraries' and 'Networking' components.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (jul2021) 02 - Windows
OID:[Link].4.1.25623.1.0.818169
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2021-2388
url: [Link]
cert-bund: WID-SEC-2023-0063
cert-bund: WID-SEC-2022-0464
cert-bund: CB-K21/0981
cert-bund: CB-K21/0783
dfn-cert: DFN-CERT-2022-0366
dfn-cert: DFN-CERT-2022-0074
dfn-cert: DFN-CERT-2021-2310
dfn-cert: DFN-CERT-2021-1825
dfn-cert: DFN-CERT-2021-1728
dfn-cert: DFN-CERT-2021-1534
dfn-cert: DFN-CERT-2021-1533

High (CVSS: 7.5)

NVT: Oracle Java SE Multiple Vulnerabilities (Oct 2025) - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
. . . continues on next page . . .
2 RESULTS PER HOST 390

. . . continued from previous page . . .

Installed version: 1.8.0update_141
Fixed version: Apply patch provided by the vendor
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation allows an attacker to perform unauthorized modications to data, disclose
information and conduct denial of service attacks.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 11.0.x through 11.0.28, 17.0.x through 17.0.16, 21.0.x through 21.0.8, 25,
8u461 and prior on Windows.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Multiple Vulnerabilities (Oct 2025) - Windows
OID:[Link].4.1.25623.1.0.836784
Version used: 2025-10-24T[Link]Z

References
cve: CVE-2025-53066
cve: CVE-2025-53057
url: [Link]
cert-bund: WID-SEC-2025-2365
dfn-cert: DFN-CERT-2025-3055
dfn-cert: DFN-CERT-2025-2943
dfn-cert: DFN-CERT-2025-2942

High (CVSS: 7.5)

NVT: Oracle Java SE Multiple Vulnerabilities (Oct 2025) - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch provided by the vendor
Installation
. . . continues on next page . . .
2 RESULTS PER HOST 391

. . . continued from previous page . . .

path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation allows an attacker to perform unauthorized modications to data, disclose
information and conduct denial of service attacks.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 11.0.x through 11.0.28, 17.0.x through 17.0.16, 21.0.x through 21.0.8, 25,
8u461 and prior on Windows.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Multiple Vulnerabilities (Oct 2025) - Windows
OID:[Link].4.1.25623.1.0.836784
Version used: 2025-10-24T[Link]Z

References
cve: CVE-2025-53066
cve: CVE-2025-53057
url: [Link]
cert-bund: WID-SEC-2025-2365
dfn-cert: DFN-CERT-2025-3055
dfn-cert: DFN-CERT-2025-2943
dfn-cert: DFN-CERT-2025-2942

High (CVSS: 7.5)

NVT: Oracle Java SE Security Update (jul2021) 02 - Windows

Summary
This host is missing a security update according to Oracle.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
. . . continues on next page . . .
2 RESULTS PER HOST 392

. . . continued from previous page . . .

Successful exploitation will allow remote attacker to have an impact on integrity, availability and
condentiality.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u291 ([Link]) and earlier, 11.0.11 and earlier, 16.0.1 and earlier on
Windows.

Vulnerability Insight
Multiple aws are due to multiple errors in 'Libraries' and 'Networking' components.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (jul2021) 02 - Windows
OID:[Link].4.1.25623.1.0.818169
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2021-2388
url: [Link]
cert-bund: WID-SEC-2023-0063
cert-bund: WID-SEC-2022-0464
cert-bund: CB-K21/0981
cert-bund: CB-K21/0783
dfn-cert: DFN-CERT-2022-0366
dfn-cert: DFN-CERT-2022-0074
dfn-cert: DFN-CERT-2021-2310
dfn-cert: DFN-CERT-2021-1825
dfn-cert: DFN-CERT-2021-1728
dfn-cert: DFN-CERT-2021-1534
dfn-cert: DFN-CERT-2021-1533

High (CVSS: 7.5)

NVT: Microsoft Windows LSASS Local Denial of Service Vulnerability (3216771)

Summary
This host is missing an important security update according to Microsoft Bulletin MS17-004.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
. . . continues on next page . . .
2 RESULTS PER HOST 393

. . . continued from previous page . . .

File checked: C:\Windows\System32\[Link]
File version: 6.1.7600.16385
Vulnerable range: Less than 6.1.7601.23642

Impact
Successful exploitation will allow attackers to cause a denial of service on the target system's
LSASS service, which triggers an automatic reboot of the system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Vista x32/x64 Edition Service Pack 2
- Microsoft Windows 7 x32/x64 Edition Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2

Vulnerability Insight
The aw exists in the way the Local Security Authority Subsystem Service (LSASS) handles
authentication requests.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows LSASS Local Denial of Service Vulnerability (3216771)
OID:[Link].4.1.25623.1.0.809861
Version used: 2023-07-14T[Link]Z

References
cve: CVE-2017-0004
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K17/0038
dfn-cert: DFN-CERT-2017-0040

High (CVSS: 7.5)

NVT: Microsoft .NET Framework DoS Vulnerability (KB5012329)

Summary
This host is missing an important security update according to Microsoft KB5012329

. . . continues on next page . . .

2 RESULTS PER HOST 394

. . . continued from previous page . . .

Quality of Detection (QoD): 80%
Vulnerability Detection Result
Vulnerable range: 2.0.50727 - 2.0.50727.8961
File checked: C:\Windows\[Link]\Framework64\v2.0.50727\[Link]
,→l
File version: 2.0.50727.5420

Impact
Successful exploitation will allow an attacker to cause a denial of service condition.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Microsoft .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Microsoft
Windows 7 SP1 and Microsoft Windows Server 2008 R2 SP1.

Vulnerability Insight
The aw exists due to an input validation error in an unknown processing in .NET Framework.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft .NET Framework DoS Vulnerability (KB5012329)
OID:[Link].4.1.25623.1.0.820062
Version used: 2022-04-28T[Link]Z

References
cve: CVE-2022-26832
url: [Link]
cert-bund: WID-SEC-2022-1251
cert-bund: CB-K22/0433
dfn-cert: DFN-CERT-2022-0812

High (CVSS: 7.5)

NVT: Microsoft .NET Framework DoS Vulnerability (KB5009719)

Summary
This host is missing an important security update according to Microsoft KB5009719

Quality of Detection (QoD): 80%

Vulnerability Detection Result
. . . continues on next page . . .
2 RESULTS PER HOST 395

. . . continued from previous page . . .

Vulnerable range: 2.0.50727 - 2.0.50727.8954
File checked: C:\Windows\[Link]\Framework64\[Link]
File version: 2.0.50727.5420

Impact
Successful exploitation will allow an attacker to conduct a denial of service condition.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Microsoft .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Microsoft
Windows 7 SP1 and Microsoft Windows Server 2008 R2 SP1.

Vulnerability Insight
The aw exists due to an error in .NET Framework which allows an unauthenticated attacker to
cause a denial of service on an aected system.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft .NET Framework DoS Vulnerability (KB5009719)
OID:[Link].4.1.25623.1.0.818943
Version used: 2022-01-24T[Link]Z

References
cve: CVE-2022-21911
url: [Link]
cert-bund: WID-SEC-2022-1251
cert-bund: CB-K22/0041
dfn-cert: DFN-CERT-2022-0048

High (CVSS: 7.4)

NVT: Oracle Java SE Security Update (apr2023) 01 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch from vendor
Installation
. . . continues on next page . . .
2 RESULTS PER HOST 396

. . . continued from previous page . . .

path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to manipulate data and execute arbitrary code.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u361 and earlier, 11.0.18, 17.0.6, 20.0.0 and earlier on Windows.

Vulnerability Insight
Multiple aws exist due to multiple errors in the networking components.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (apr2023) 01 - Windows
OID:[Link].4.1.25623.1.0.832045
Version used: 2023-10-13T[Link]Z

References
cve: CVE-2023-21930
cve: CVE-2023-21937
cve: CVE-2023-21938
cve: CVE-2023-21939
cve: CVE-2023-21967
cve: CVE-2023-21968
url: [Link]
cert-bund: WID-SEC-2024-0794
cert-bund: WID-SEC-2024-0064
cert-bund: WID-SEC-2023-2625
cert-bund: WID-SEC-2023-2112
cert-bund: WID-SEC-2023-1846
cert-bund: WID-SEC-2023-1011
dfn-cert: DFN-CERT-2024-0147
dfn-cert: DFN-CERT-2023-2493
dfn-cert: DFN-CERT-2023-2249
dfn-cert: DFN-CERT-2023-2240
dfn-cert: DFN-CERT-2023-1955
dfn-cert: DFN-CERT-2023-1909
dfn-cert: DFN-CERT-2023-1879
dfn-cert: DFN-CERT-2023-1605
dfn-cert: DFN-CERT-2023-1418
dfn-cert: DFN-CERT-2023-1336
dfn-cert: DFN-CERT-2023-1304
. . . continues on next page . . .
2 RESULTS PER HOST 397

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2023-0897
dfn-cert: DFN-CERT-2023-0896

High (CVSS: 7.4)

NVT: Oracle Java SE Security Update (apr2023) 01 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch from vendor
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to manipulate data and execute arbitrary code.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u361 and earlier, 11.0.18, 17.0.6, 20.0.0 and earlier on Windows.

Vulnerability Insight
Multiple aws exist due to multiple errors in the networking components.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (apr2023) 01 - Windows
OID:[Link].4.1.25623.1.0.832045
Version used: 2023-10-13T[Link]Z

References
cve: CVE-2023-21930
cve: CVE-2023-21937
cve: CVE-2023-21938
cve: CVE-2023-21939
cve: CVE-2023-21967
cve: CVE-2023-21968
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 398

. . . continued from previous page . . .

cert-bund: WID-SEC-2024-0794
cert-bund: WID-SEC-2024-0064
cert-bund: WID-SEC-2023-2625
cert-bund: WID-SEC-2023-2112
cert-bund: WID-SEC-2023-1846
cert-bund: WID-SEC-2023-1011
dfn-cert: DFN-CERT-2024-0147
dfn-cert: DFN-CERT-2023-2493
dfn-cert: DFN-CERT-2023-2249
dfn-cert: DFN-CERT-2023-2240
dfn-cert: DFN-CERT-2023-1955
dfn-cert: DFN-CERT-2023-1909
dfn-cert: DFN-CERT-2023-1879
dfn-cert: DFN-CERT-2023-1605
dfn-cert: DFN-CERT-2023-1418
dfn-cert: DFN-CERT-2023-1336
dfn-cert: DFN-CERT-2023-1304
dfn-cert: DFN-CERT-2023-0897
dfn-cert: DFN-CERT-2023-0896

High (CVSS: 7.4)

NVT: Oracle Java SE Security Updates (apr2018-3678067) 01 - Windows

Summary
Oracle Java SE is prone to a remote security vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attackers to aect condentiality and integrity via
unknown vectors.

Solution:
Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.

Aected Software/OS
. . . continues on next page . . .
2 RESULTS PER HOST 399

. . . continued from previous page . . .

Oracle Java SE version [Link] and earlier, [Link] and earlier, [Link] and earlier on Win-
dows.

Vulnerability Insight
The aw is due to an unspecied error in the 'Security' component of Java SE.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (apr2018-3678067) 01 - Windows
OID:[Link].4.1.25623.1.0.813098
Version used: 2022-10-10T[Link]Z

References
cve: CVE-2018-2783
url: [Link]
cert-bund: WID-SEC-2023-1375
cert-bund: WID-SEC-2023-0531
cert-bund: CB-K18/0882
cert-bund: CB-K18/0821
cert-bund: CB-K18/0808
cert-bund: CB-K18/0732
cert-bund: CB-K18/0600
dfn-cert: DFN-CERT-2019-0618
dfn-cert: DFN-CERT-2018-1931
dfn-cert: DFN-CERT-2018-1915
dfn-cert: DFN-CERT-2018-1746
dfn-cert: DFN-CERT-2018-1470
dfn-cert: DFN-CERT-2018-1145
dfn-cert: DFN-CERT-2018-1078
dfn-cert: DFN-CERT-2018-0724
dfn-cert: DFN-CERT-2018-0102

High (CVSS: 7.4)

NVT: Oracle Java SE Security Updates (apr2018-3678067) 01 - Windows

Summary
Oracle Java SE is prone to a remote security vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
. . . continues on next page . . .
2 RESULTS PER HOST 400

. . . continued from previous page . . .

path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attackers to aect condentiality and integrity via
unknown vectors.

Solution:
Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.

Aected Software/OS
Oracle Java SE version [Link] and earlier, [Link] and earlier, [Link] and earlier on Win-
dows.

Vulnerability Insight
The aw is due to an unspecied error in the 'Security' component of Java SE.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (apr2018-3678067) 01 - Windows
OID:[Link].4.1.25623.1.0.813098
Version used: 2022-10-10T[Link]Z

References
cve: CVE-2018-2783
url: [Link]
cert-bund: WID-SEC-2023-1375
cert-bund: WID-SEC-2023-0531
cert-bund: CB-K18/0882
cert-bund: CB-K18/0821
cert-bund: CB-K18/0808
cert-bund: CB-K18/0732
cert-bund: CB-K18/0600
dfn-cert: DFN-CERT-2019-0618
dfn-cert: DFN-CERT-2018-1931
dfn-cert: DFN-CERT-2018-1915
dfn-cert: DFN-CERT-2018-1746
dfn-cert: DFN-CERT-2018-1470
dfn-cert: DFN-CERT-2018-1145
dfn-cert: DFN-CERT-2018-1078
dfn-cert: DFN-CERT-2018-0724
dfn-cert: DFN-CERT-2018-0102
2 RESULTS PER HOST 401

High (CVSS: 7.4)

NVT: Oracle Java SE Security Update (jan2024) 02 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch provided by the vendor
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to compromise Oracle Java SE, which can
result in unauthorized update, insert or delete access to critical data or all Oracle Java SE

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u391 and earlier 11.0.21, 17.0.9, 21.0.1 and earlier on Windows.

Vulnerability Insight
Multiple aws exist due to multiple errors in the multiple components.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (jan2024) 02 - Windows
OID:[Link].4.1.25623.1.0.832788
Version used: 2024-01-24T[Link]Z

References
cve: CVE-2024-20918
cve: CVE-2024-20952
cve: CVE-2024-20919
cve: CVE-2024-20921
cve: CVE-2024-20945
url: [Link]
cert-bund: WID-SEC-2025-0001
cert-bund: WID-SEC-2024-1591
cert-bund: WID-SEC-2024-0769
cert-bund: WID-SEC-2024-0121
. . . continues on next page . . .
2 RESULTS PER HOST 402

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2024-2971
dfn-cert: DFN-CERT-2024-0533
dfn-cert: DFN-CERT-2024-0502
dfn-cert: DFN-CERT-2024-0501
dfn-cert: DFN-CERT-2024-0500
dfn-cert: DFN-CERT-2024-0494
dfn-cert: DFN-CERT-2024-0491
dfn-cert: DFN-CERT-2024-0422
dfn-cert: DFN-CERT-2024-0417
dfn-cert: DFN-CERT-2024-0361
dfn-cert: DFN-CERT-2024-0354
dfn-cert: DFN-CERT-2024-0129
dfn-cert: DFN-CERT-2024-0128

High (CVSS: 7.4)

NVT: Oracle Java SE Security Update (jan2024) 02 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch provided by the vendor
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to compromise Oracle Java SE, which can
result in unauthorized update, insert or delete access to critical data or all Oracle Java SE

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u391 and earlier 11.0.21, 17.0.9, 21.0.1 and earlier on Windows.

Vulnerability Insight
Multiple aws exist due to multiple errors in the multiple components.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
. . . continues on next page . . .
2 RESULTS PER HOST 403

. . . continued from previous page . . .

Details: Oracle Java SE Security Update (jan2024) 02 - Windows
OID:[Link].4.1.25623.1.0.832788
Version used: 2024-01-24T[Link]Z

References
cve: CVE-2024-20918
cve: CVE-2024-20952
cve: CVE-2024-20919
cve: CVE-2024-20921
cve: CVE-2024-20945
url: [Link]
cert-bund: WID-SEC-2025-0001
cert-bund: WID-SEC-2024-1591
cert-bund: WID-SEC-2024-0769
cert-bund: WID-SEC-2024-0121
dfn-cert: DFN-CERT-2024-2971
dfn-cert: DFN-CERT-2024-0533
dfn-cert: DFN-CERT-2024-0502
dfn-cert: DFN-CERT-2024-0501
dfn-cert: DFN-CERT-2024-0500
dfn-cert: DFN-CERT-2024-0494
dfn-cert: DFN-CERT-2024-0491
dfn-cert: DFN-CERT-2024-0422
dfn-cert: DFN-CERT-2024-0417
dfn-cert: DFN-CERT-2024-0361
dfn-cert: DFN-CERT-2024-0354
dfn-cert: DFN-CERT-2024-0129
dfn-cert: DFN-CERT-2024-0128

High (CVSS: 7.4)

NVT: Oracle Java SE Security Update (Apr 2025) - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch provided by the vendor
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
. . . continues on next page . . .
2 RESULTS PER HOST 404

. . . continued from previous page . . .

Successful exploitation allows an attacker to perform unauthorized modications to data, disclose
information and cause denial of service attacks.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u441 and prior, 17.0.x through 17.0.14, 11.0.x through 11.0.26, 21.0.x
through 21.0.6 and 24 on Windows.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (Apr 2025) - Windows
OID:[Link].4.1.25623.1.0.836146
Version used: 2025-04-17T[Link]Z

References
cve: CVE-2025-21587
cve: CVE-2025-30698
url: [Link]
cert-bund: WID-SEC-2025-1035
cert-bund: WID-SEC-2025-0815
dfn-cert: DFN-CERT-2025-3170
dfn-cert: DFN-CERT-2025-3168
dfn-cert: DFN-CERT-2025-2784
dfn-cert: DFN-CERT-2025-2550
dfn-cert: DFN-CERT-2025-1788
dfn-cert: DFN-CERT-2025-1414
dfn-cert: DFN-CERT-2025-1350
dfn-cert: DFN-CERT-2025-1319
dfn-cert: DFN-CERT-2025-1285
dfn-cert: DFN-CERT-2025-1265
dfn-cert: DFN-CERT-2025-0985
dfn-cert: DFN-CERT-2025-0982

High (CVSS: 7.4)

NVT: Oracle Java SE Security Update (Apr 2025) - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

. . . continues on next page . . .
2 RESULTS PER HOST 405

. . . continued from previous page . . .

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch provided by the vendor
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation allows an attacker to perform unauthorized modications to data, disclose
information and cause denial of service attacks.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u441 and prior, 17.0.x through 17.0.14, 11.0.x through 11.0.26, 21.0.x
through 21.0.6 and 24 on Windows.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (Apr 2025) - Windows
OID:[Link].4.1.25623.1.0.836146
Version used: 2025-04-17T[Link]Z

References
cve: CVE-2025-21587
cve: CVE-2025-30698
url: [Link]
cert-bund: WID-SEC-2025-1035
cert-bund: WID-SEC-2025-0815
dfn-cert: DFN-CERT-2025-3170
dfn-cert: DFN-CERT-2025-3168
dfn-cert: DFN-CERT-2025-2784
dfn-cert: DFN-CERT-2025-2550
dfn-cert: DFN-CERT-2025-1788
dfn-cert: DFN-CERT-2025-1414
dfn-cert: DFN-CERT-2025-1350
dfn-cert: DFN-CERT-2025-1319
dfn-cert: DFN-CERT-2025-1285
dfn-cert: DFN-CERT-2025-1265
dfn-cert: DFN-CERT-2025-0985
dfn-cert: DFN-CERT-2025-0982
2 RESULTS PER HOST 406

High (CVSS: 7.4)

NVT: Oracle Java SE Security Update (Jul 2024) - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch provided by the vendor
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation allows an attacker to compromise Oracle Java SE, which can result in
unauthorized update, insert or delete access to some of Oracle Java SE.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u411 and prior, 17.0.x through 17.0.11, 11.0.x through 11.0.23, 21.0.x
through 21.0.3 and 22.0.x through 22.0.1 on Windows.

Vulnerability Insight
These vulnerabilities exist:
- CVE-2024-21147: An error in the Hotspot component of Oracle Java SE.
- CVE-2024-21068: An error in the 2D component of Oracle Java SE.
- CVE-2024-21140: An error in the Hotspot component of Oracle Java SE.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (Jul 2024) - Windows
OID:[Link].4.1.25623.1.0.834262
Version used: 2024-07-19T[Link]Z

References
cve: CVE-2024-21147
cve: CVE-2024-21145
cve: CVE-2024-21140
cve: CVE-2024-21131
cve: CVE-2024-21138
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 407

. . . continued from previous page . . .

cert-bund: WID-SEC-2024-1658
cert-bund: WID-SEC-2024-1648
cert-bund: WID-SEC-2024-1647
dfn-cert: DFN-CERT-2024-2971
dfn-cert: DFN-CERT-2024-2789
dfn-cert: DFN-CERT-2024-2788
dfn-cert: DFN-CERT-2024-2191
dfn-cert: DFN-CERT-2024-2140
dfn-cert: DFN-CERT-2024-2119
dfn-cert: DFN-CERT-2024-1860
dfn-cert: DFN-CERT-2024-1859

High (CVSS: 7.4)

NVT: Oracle Java SE Security Update (Jul 2024) - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch provided by the vendor
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation allows an attacker to compromise Oracle Java SE, which can result in
unauthorized update, insert or delete access to some of Oracle Java SE.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u411 and prior, 17.0.x through 17.0.11, 11.0.x through 11.0.23, 21.0.x
through 21.0.3 and 22.0.x through 22.0.1 on Windows.

Vulnerability Insight
These vulnerabilities exist:
- CVE-2024-21147: An error in the Hotspot component of Oracle Java SE.
- CVE-2024-21068: An error in the 2D component of Oracle Java SE.
- CVE-2024-21140: An error in the Hotspot component of Oracle Java SE.

. . . continues on next page . . .

2 RESULTS PER HOST 408

. . . continued from previous page . . .

Vulnerability Detection Method
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (Jul 2024) - Windows
OID:[Link].4.1.25623.1.0.834262
Version used: 2024-07-19T[Link]Z

References
cve: CVE-2024-21147
cve: CVE-2024-21145
cve: CVE-2024-21140
cve: CVE-2024-21131
cve: CVE-2024-21138
url: [Link]
cert-bund: WID-SEC-2024-1658
cert-bund: WID-SEC-2024-1648
cert-bund: WID-SEC-2024-1647
dfn-cert: DFN-CERT-2024-2971
dfn-cert: DFN-CERT-2024-2789
dfn-cert: DFN-CERT-2024-2788
dfn-cert: DFN-CERT-2024-2191
dfn-cert: DFN-CERT-2024-2140
dfn-cert: DFN-CERT-2024-2119
dfn-cert: DFN-CERT-2024-1860
dfn-cert: DFN-CERT-2024-1859

High (CVSS: 7.3)

NVT: Oracle Java SE <= 8u451 Security Update (Jul 2025) - Windows

Summary
Oracle Java SE is prone to an unspecied vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch provided by the vendor
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation allows an attacker to take control of Oracle Java SE.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.
. . . continues on next page . . .
2 RESULTS PER HOST 409

. . . continued from previous page . . .

Aected Software/OS
Oracle Java SE version 8u451 and prior on Windows.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE <= 8u451 Security Update (Jul 2025) - Windows
OID:[Link].4.1.25623.1.0.836514
Version used: 2025-07-18T[Link]Z

References
cve: CVE-2025-50063
url: [Link]
cert-bund: WID-SEC-2025-1569
dfn-cert: DFN-CERT-2025-1899

High (CVSS: 7.3)

NVT: Oracle Java SE <= 8u451 Security Update (Jul 2025) - Windows

Summary
Oracle Java SE is prone to an unspecied vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch provided by the vendor
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation allows an attacker to take control of Oracle Java SE.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u451 and prior on Windows.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE <= 8u451 Security Update (Jul 2025) - Windows
. . . continues on next page . . .
2 RESULTS PER HOST 410

. . . continued from previous page . . .

OID:[Link].4.1.25623.1.0.836514
Version used: 2025-07-18T[Link]Z

References
cve: CVE-2025-50063
url: [Link]
cert-bund: WID-SEC-2025-1569
dfn-cert: DFN-CERT-2025-1899

High (CVSS: 7.2)

NVT: Microsoft Windows Kernel-Mode Drivers Privilege Escalation Vulnerability (2913602)

Summary
This host is missing an important security update according to Microsoft Bulletin MS14-003

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attackers to gain escalated privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior

Vulnerability Insight
The aw is due to the improper use of window handle thread-owned objects in memory. This
may allow local attacker to gain elevated privileges.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Kernel-Mode Drivers Privilege Escalation Vulnerability (29136.
,→..
OID:[Link].4.1.25623.1.0.903424
Version used: 2025-03-05T[Link]Z

References
cve: CVE-2014-0262
. . . continues on next page . . .
2 RESULTS PER HOST 411

. . . continued from previous page . . .

url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K14/0048
dfn-cert: DFN-CERT-2014-0051

High (CVSS: 7.2)

NVT: Microsoft Windows SHA-2 Code Signing Support Vulnerability (3033929)

Summary
This host is missing an important security update according to Microsoft Advisory 3033929.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attackers to bypass security and gain restricted privi-
leges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior

Vulnerability Insight
The aw is due to an error within the WebDAV kernel-mode driver ([Link]).

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows SHA-2 Code Signing Support Vulnerability (3033929)
OID:[Link].4.1.25623.1.0.805354
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-0073
cve: CVE-2015-0075
url: [Link]
url: [Link]
cert-bund: CB-K15/0319
. . . continues on next page . . .
2 RESULTS PER HOST 412

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2015-0324

High (CVSS: 7.2)

NVT: Microsoft Windows Remote Procedure Call Privilege Elevation Vulnerability (3067505)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-076.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attacker to gain privileged access.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 2003 x32/x64 Service Pack 2
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2

Vulnerability Insight
The aw occurs when Windows RPC inadvertently allows DCE/RPC connection reection.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Remote Procedure Call Privilege Elevation Vulnerability (3067.
,→..
OID:[Link].4.1.25623.1.0.805921
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-2370
url: [Link]
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 413

. . . continued from previous page . . .

cert-bund: CB-K15/1013
dfn-cert: DFN-CERT-2015-1060

High (CVSS: 7.2)

NVT: Microsoft Windows NDIS Elevation of Privilege Vulnerability (3101722)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-117.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\Drivers\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.19030

Impact
Successful exploitation will allow an attacker to gain elevated privileges on a targeted system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Vista x32/x64 Edition Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2
- Microsoft Windows 7 x32/x64 Edition Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1

Vulnerability Insight
The error exists as NDIS fails to check the length of a buer prior to copying memory into it.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows NDIS Elevation of Privilege Vulnerability (3101722)
OID:[Link].4.1.25623.1.0.806615
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-6098
url: [Link]
url: [Link]
cert-bund: CB-K15/1649
dfn-cert: DFN-CERT-2015-1742
2 RESULTS PER HOST 414

High (CVSS: 7.2)

NVT: Microsoft Windows Kernel Privilege Elevation Vulnerabilities (2799494)

Summary
This host is missing an important security update according to Microsoft Bulletin MS13-017.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attackers to execute arbitrary code with kernel-mode
privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows XP x32 Edition Service Pack 3 and prior
- Microsoft Windows XP x64 Edition Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
- Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior

Vulnerability Insight
- Race condition errors when handling certain objects in memory can be exploited to execute
arbitrary code with kernel privileges.
- An error when handling the reference counter for certain objects in memory can be exploited
to execute arbitrary code with kernel privileges.

Vulnerability Detection Method

Details: Microsoft Windows Kernel Privilege Elevation Vulnerabilities (2799494)
OID:[Link].4.1.25623.1.0.902944
Version used: 2025-03-05T[Link]Z

References
cve: CVE-2013-1278
cve: CVE-2013-1279
cve: CVE-2013-1280
url: [Link]
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 415

. . . continued from previous page . . .

url: [Link]
url: [Link]
url: [Link]
url: [Link]
,→13-017
dfn-cert: DFN-CERT-2013-0291

High (CVSS: 7.2)

NVT: Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2718523)

Summary
This host has important security update missing according to Microsoft Bulletin MS12-047.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation could allow remote attackers to execute arbitrary code with kernel-mode
privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows XP x32 Edition Service Pack 3 and prior
- Microsoft Windows XP x64 Edition Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
- Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior

Vulnerability Insight
Windows kernel-mode driver improperly validates parameters (when creating a hook procedure)
and specic keyboard layouts, which can be exploited to execute arbitrary code.

Vulnerability Detection Method

Details: Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2718.
,→..
OID:[Link].4.1.25623.1.0.903033
. . . continues on next page . . .
2 RESULTS PER HOST 416

. . . continued from previous page . . .

Version used: 2025-03-05T[Link]Z

References
cve: CVE-2012-1890
cve: CVE-2012-1893
url: [Link]
url: [Link]
url: [Link]
url: [Link]
,→12-047
dfn-cert: DFN-CERT-2012-1330

High (CVSS: 7.2)

NVT: Microsoft Windows Remote Code Execution Vulnerability (3116162)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-132.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\System32\[Link]
File version: 2001.12.8530.16385
Vulnerable range: Less than 2001.12.8531.19062

Impact
Successful exploitation will allow an attacker to take complete control of an aected system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows 10 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1

Vulnerability Insight
. . . continues on next page . . .
2 RESULTS PER HOST 417

. . . continued from previous page . . .

Flaw exists due to an error in the windows which improperly validates input before loading
libraries.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Remote Code Execution Vulnerability (3116162)
OID:[Link].4.1.25623.1.0.806645
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-6128
cve: CVE-2015-6132
cve: CVE-2015-6133
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K15/1804
dfn-cert: DFN-CERT-2015-1903

High (CVSS: 7.2)

NVT: Microsoft Windows Graphics Component Privilege Elevation Vulnerability (3069392)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-072.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attackers to gain elevated privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
. . . continues on next page . . .
2 RESULTS PER HOST 418

. . . continued from previous page . . .

- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012
- Microsoft Windows Server 2012 R2
- Microsoft Windows 7 x32/x64 Edition Service Pack 1
- Microsoft Windows 2003 x32/x64 Edition Service Pack 2
- Microsoft Windows Vista x32/x64 Edition Service Pack 2
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2

Vulnerability Insight
Flaw exists due to error when windows graphics component fails to properly process bitmap
conversions.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Graphics Component Privilege Elevation Vulnerability (3069392)
OID:[Link].4.1.25623.1.0.805920
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-2364
url: [Link]
url: [Link]
cert-bund: CB-K15/1013
dfn-cert: DFN-CERT-2015-1060

High (CVSS: 7.2)

NVT: Microsoft Windows Shell Handler Privilege Escalation Vulnerability (2962488)

Summary
This host is missing an important security update according to Microsoft Bulletin MS14-027.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow attackers to gain elevated privileges and execute code in the
context of the LocalSystem account.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.
. . . continues on next page . . .
2 RESULTS PER HOST 419

. . . continued from previous page . . .

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows 2003 x32/x64 Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior

Vulnerability Insight
Flaw is due to an error in the 'ShellExecute' function within the Windows Shell API when
handling le associations.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Shell Handler Privilege Escalation Vulnerability (2962488)
OID:[Link].4.1.25623.1.0.804295
Version used: 2023-07-26T[Link]Z

References
cve: CVE-2014-1807
url: [Link]
url: [Link]
url: [Link]
url: [Link]
,→14-027
cert-bund: CB-K14/0568
dfn-cert: DFN-CERT-2014-0597

High (CVSS: 7.2)

NVT: Microsoft Windows Kernel-Mode Driver Privilege Elevation Vulnerabilities (3070102)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-073.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
. . . continues on next page . . .
2 RESULTS PER HOST 420

. . . continued from previous page . . .

Successful exploitation will allow remote attackers to bypass security, gain elevated privileges
and execute arbitrary code on aected system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows Server 2012/R2
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows 2003 x32/x64 Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior

Vulnerability Insight
Multiple aws exist due to:
- An improper handling of buer elements by windows kernel-mode driver under certain condi-
tions.
- An improper freeing of an object in memory by windows kernel-mode driver.
- Improper handling of buer elements by windows kernel-mode driver under certain conditions.
- Improper freeing of an object in memory by windows kernel-mode driver.
- Insucient validation of certain data passed from user mode by the windows kernel-mode driver.
- Windows kernel-mode driver when it accesses an object in memory that has either not been
correctly initialized or deleted.
- Windows kernel-mode driver when it improperly validates user input.
- Windows kernel-mode driver '[Link]' fails to properly free memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Kernel-Mode Driver Privilege Elevation Vulnerabilities (30701.
,→..
OID:[Link].4.1.25623.1.0.805074
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-2363
cve: CVE-2015-2365
cve: CVE-2015-2366
cve: CVE-2015-2367
cve: CVE-2015-2381
cve: CVE-2015-2382
url: [Link]
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 421

. . . continued from previous page . . .

url: [Link]
cert-bund: CB-K15/1013
dfn-cert: DFN-CERT-2015-1060

High (CVSS: 7.2)

NVT: Microsoft Windows Mount Manager Privilege Elevation Vulnerability (3082487)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-085.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow a local attacker to elevate privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows 10 x32/x64
- Microsoft Windows Server 2012
- Microsoft Windows Server 2012R2
- Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior

Vulnerability Insight
The aw is due to improper symbolic link processing by the Mount Manager component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Mount Manager Privilege Elevation Vulnerability (3082487)
OID:[Link].4.1.25623.1.0.806011
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-1769
. . . continues on next page . . .
2 RESULTS PER HOST 422

. . . continued from previous page . . .

cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K15/1174
dfn-cert: DFN-CERT-2015-1236

High (CVSS: 7.2)

NVT: Microsoft Windows Prtition Manager Privilege Elevation Vulnerability (2690533)

Summary
This host is missing an important security update according to Microsoft Bulletin MS12-033.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation could allow attackers to gain escalated privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 Service Pack 1 and prior
- Microsoft Windows Vista Service Pack 2 and prior
- Microsoft Windows Server 2008 Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 Service Pack 1 and prior

Vulnerability Insight
The aw is due to the way Windows Partition Manager ([Link]) allocates objects in mem-
ory, when two or more processes or threads call Plug and Play (PnP) Conguration Manager
functions at the same time.

Vulnerability Detection Method

Details: Microsoft Windows Prtition Manager Privilege Elevation Vulnerability (2690533)
OID:[Link].4.1.25623.1.0.902677
Version used: 2025-03-05T[Link]Z

References
cve: CVE-2012-0178
. . . continues on next page . . .
2 RESULTS PER HOST 423

. . . continued from previous page . . .

url: [Link]
url: [Link]
url: [Link]
,→12-033
dfn-cert: DFN-CERT-2012-0894

High (CVSS: 7.2)

NVT: Microsoft Windows Kernel-Mode Driver Privilege Elevation Vulnerabilities (3057839)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-061.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attackers to bypass security, gain elevated privileges
and execute arbitrary code on aected system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows Server 2012/R2
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows 2003 x32/x64 Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior

Vulnerability Insight
Multiple aws exist due to:
- Improper handling of buer elements by windows kernel-mode driver under certain conditions.
- Improper freeing of an object in memory by windows kernel-mode driver.
- Insucient validation of certain data passed from user mode by the windows kernel-mode driver.
- Windows kernel-mode driver when it accesses an object in memory that has either not been
correctly initialized or deleted.
- Windows kernel-mode driver when it improperly validates user input.
. . . continues on next page . . .
2 RESULTS PER HOST 424

. . . continued from previous page . . .

- Windows kernel-mode driver '[Link]' fails to properly free memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Kernel-Mode Driver Privilege Elevation Vulnerabilities (30578.
,→..
OID:[Link].4.1.25623.1.0.805582
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-1719
cve: CVE-2015-1720
cve: CVE-2015-1721
cve: CVE-2015-1722
cve: CVE-2015-1723
cve: CVE-2015-1724
cve: CVE-2015-1725
cve: CVE-2015-1726
cve: CVE-2015-1727
cve: CVE-2015-1768
cve: CVE-2015-2360
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K15/0783
dfn-cert: DFN-CERT-2015-0827

High (CVSS: 7.2)

NVT: Microsoft Windows Kernel-Mode Driver Privilege Elevation Vulnerabilities (3034344)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-023.

. . . continues on next page . . .

2 RESULTS PER HOST 425

. . . continued from previous page . . .

Quality of Detection (QoD): 80%
Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attackers to bypass security and gain restricted privi-
leges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows Server 2012/R2
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows 2003 x32/x64 Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior

Vulnerability Insight
Multiple aws exist:
- In the Windows kernel-mode driver that could allow the disclosure of kernel memory contents
to an attacker.
- In the Windows kernel-mode driver that is caused when the kernel-mode driver fails to properly
validate the calling threads token.
- In the Windows kernel-mode driver that could allow the disclosure of kernel memory contents
to an attacker.
- In the Windows kernel-mode driver that could allow the disclosure of kernel memory contents
to an attacker. This vulnerability is caused when the Windows kernel-mode driver dereferences
a NULL pointer.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Kernel-Mode Driver Privilege Elevation Vulnerabilities (30343.
,→..
OID:[Link].4.1.25623.1.0.805351
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-0077
cve: CVE-2015-0078
cve: CVE-2015-0094
. . . continues on next page . . .
2 RESULTS PER HOST 426

. . . continued from previous page . . .

cve: CVE-2015-0095
url: [Link]
url: [Link]
cert-bund: CB-K15/0319
dfn-cert: DFN-CERT-2015-0324

High (CVSS: 7.2)

NVT: Microsoft Windows Create Process Elevation of Privilege Vulnerability (3031432)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-015.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow local attacker to gain elevated privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/R2

Vulnerability Insight
Flaw exists as impersonation levels are not properly validated or enforced when creating pro-
cesses.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Create Process Elevation of Privilege Vulnerability (3031432)
OID:[Link].4.1.25623.1.0.805272
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-0062
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 427

. . . continued from previous page . . .

url: [Link]
url: [Link]
cert-bund: CB-K15/0171
dfn-cert: DFN-CERT-2015-0175

High (CVSS: 7.2)

NVT: Microsoft Windows Kernel Privilege Escalation Vulnerabilities (2930275)

Summary
This host is missing an important security update according to Microsoft Bulletin MS14-015.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attackers to cause a DoS (Denial of Service) and gain
escalated privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012
- Microsoft Windows XP x32 Service Pack 3 and prior
- Microsoft Windows XP x64 Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows 2003 x32/x64 Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior

Vulnerability Insight
Multiple aws are due to an information disclosure and an elevation of privilege vulnerability
because the Windows kernel-mode driver improperly handles objects in memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Kernel Privilege Escalation Vulnerabilities (2930275)
OID:[Link].4.1.25623.1.0.804409
. . . continues on next page . . .
2 RESULTS PER HOST 428

. . . continued from previous page . . .

Version used: 2023-07-26T[Link]Z

References
cve: CVE-2014-0300
cve: CVE-2014-0323
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K14/0296
dfn-cert: DFN-CERT-2014-0300

High (CVSS: 7.2)

NVT: Microsoft Windows Privilege Elevation Vulnerabilities (3049576)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-038.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow local users to gain privileges via a crafted application.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows Server 2012/R2
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows 2003 x32/x64 Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior

Vulnerability Insight
Flaws are due to:
- A type confusion aw related to NtCreateTransactionManager that may result in the operating
system failing to properly validate and enforce impersonation levels.
. . . continues on next page . . .
2 RESULTS PER HOST 429

. . . continued from previous page . . .

- The operating system failing to properly validate and enforce impersonation levels when han-
dling an MS-DOS device name. This may allow a local attacker to gain elevated privileges.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Privilege Elevation Vulnerabilities (3049576)
OID:[Link].4.1.25623.1.0.805065
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-1643
cve: CVE-2015-1644
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K15/0527
dfn-cert: DFN-CERT-2015-0545

High (CVSS: 7.2)

NVT: Microsoft Windows Client/Server Run-time Subsystem Privilege Escalation Vulnerability

(2790113)

Summary
This host is missing an important security update according to Microsoft Bulletin MS13-019.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow attackers to gain escalated privileges and execute the code.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 Edition Service Pack 1 and prior

Vulnerability Insight
. . . continues on next page . . .
2 RESULTS PER HOST 430

. . . continued from previous page . . .

The aw is due to an error in the Client/Server Run-time Subsystem (CSRSS) when handling
the reference counter for certain objects in memory and can be execute code with escalated
privileges.

Vulnerability Detection Method

Details: Microsoft Windows Client/Server Run-time Subsystem Privilege Escalation Vulnera.
,→..
OID:[Link].4.1.25623.1.0.902946
Version used: 2025-03-05T[Link]Z

References
cve: CVE-2013-0076
url: [Link]
url: [Link]
url: [Link]
url: [Link]
,→13-019
dfn-cert: DFN-CERT-2013-0296

High (CVSS: 7.2)

NVT: Microsoft Windows Winsock Elevation of Privilege Vulnerability (3104521)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-119.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windowssystem32\Drivers\[Link]
File version: 6.1.7601.17514
Vulnerable range: less than 6.1.7601.19031

Impact
Successful exploitation will allow attackers to gain elevated privileges of an aected system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012
- Microsoft Windows Server 2012 R2
. . . continues on next page . . .
2 RESULTS PER HOST 431

. . . continued from previous page . . .

- Microsoft Edge on Microsoft Windows 10 x32/x64
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior

Vulnerability Insight
Flaw is due to a double-free error in the Ancillary Function Driver within '[Link]'.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Winsock Elevation of Privilege Vulnerability (3104521)
OID:[Link].4.1.25623.1.0.805774
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-2478
url: [Link]
url: [Link]
cert-bund: CB-K15/1649
dfn-cert: DFN-CERT-2015-1742

High (CVSS: 7.2)

NVT: Microsoft Windows User Prole Service Privilege Escalation (3021674)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-003.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow local attacker to perform certain actions with higher privileges
and potentially gain elevated privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 2003 x32/x64 Service Pack 2 and prior
. . . continues on next page . . .
2 RESULTS PER HOST 432

. . . continued from previous page . . .

- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/R2

Vulnerability Insight
Flaw is due to some weaknesses when creating directories and mounting user hives during the
login process.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows User Profile Service Privilege Escalation (3021674)
OID:[Link].4.1.25623.1.0.805126
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-0004
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K15/0038
dfn-cert: DFN-CERT-2015-0036

High (CVSS: 7.2)

NVT: Microsoft Windows Kernel Privilege Elevation Vulnerability (2724197)

Summary
This host is missing an important security update according to Microsoft Bulletin MS12-068.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation could allow remote attackers to execute arbitrary code with kernel-mode
privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.
. . . continues on next page . . .
2 RESULTS PER HOST 433

. . . continued from previous page . . .

Aected Software/OS
- Microsoft Windows XP x32 Edition Service Pack 3 and prior
- Microsoft Windows XP x64 Edition Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
- Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior

Vulnerability Insight
The aw is due to an integer overow error when handling certain objects in memory and can
be exploited to execute arbitrary code with kernel privileges.

Vulnerability Detection Method

Details: Microsoft Windows Kernel Privilege Elevation Vulnerability (2724197)
OID:[Link].4.1.25623.1.0.903041
Version used: 2025-03-05T[Link]Z

References
cve: CVE-2012-2529
url: [Link]
url: [Link]
url: [Link]
,→12-068
dfn-cert: DFN-CERT-2012-1938

High (CVSS: 7.2)

NVT: Microsoft Windows Kernel Privilege Elevation Vulnerabilities (3038680)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-025.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attackers to run arbitrary code and bypass user account
checks to gain elevated privileges.

Solution:
Solution type: VendorFix
. . . continues on next page . . .
2 RESULTS PER HOST 434

. . . continued from previous page . . .

The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows Server 2012/R2
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows 2003 x32/x64 Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior

Vulnerability Insight
The aws are exists,
- In the way that Windows Registry Virtualization improperly allows a user to modify the virtual
store of another user.
- when Windows fails to properly validate and enforce impersonation levels.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Kernel Privilege Elevation Vulnerabilities (3038680)
OID:[Link].4.1.25623.1.0.805350
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-0073
cve: CVE-2015-0075
url: [Link]
url: [Link]
cert-bund: CB-K15/0319
dfn-cert: DFN-CERT-2015-0324

High (CVSS: 7.2)

NVT: Microsoft Windows Kernel Local Privilege Escalation Vulnerabilities (2880430)

Summary
This host is missing an important security update according to Microsoft Bulletin MS13-101

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
. . . continues on next page . . .
2 RESULTS PER HOST 435

. . . continued from previous page . . .

Successful exploitation will allow remote attackers to cause a DoS (Denial of Service) and gain
escalated privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012
- Microsoft Windows XP x32 Service Pack 3 and prior
- Microsoft Windows XP x64 Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows 2003 x32/x64 Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior

Vulnerability Insight
Multiple aws are due to:
- An error within the [Link] driver can be exploited to corrupt memory.
- A use-after-free error exists within the [Link] driver.
- An error when processing TrueType font les can be exploited to cause a crash.
- A double fetch error exists within the [Link] driver.
- An integer overow error exists within the [Link] driver.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Kernel Local Privilege Escalation Vulnerabilities (2880430)
OID:[Link].4.1.25623.1.0.903417
Version used: 2025-03-05T[Link]Z

References
cve: CVE-2013-3899
cve: CVE-2013-3902
cve: CVE-2013-3903
cve: CVE-2013-3907
cve: CVE-2013-5058
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 436

. . . continued from previous page . . .

url: [Link]
url: [Link]
cert-bund: CB-K13/1027
dfn-cert: DFN-CERT-2013-2048

High (CVSS: 7.2)

NVT: Microsoft Windows Application Compatibility Cache Privilege Escalation (3023266)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-001.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow local attacker to bypass the authorization check to create cache
entries and in turn gain escalated privileges on the system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/R2

Vulnerability Insight
Flaw is due to the impersonation token of a caller is not properly checked when determining if
an administrator or not.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Application Compatibility Cache Privilege Escalation (3023266)
OID:[Link].4.1.25623.1.0.805125
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-0002
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 437

. . . continued from previous page . . .

url: [Link]
url: [Link]
cert-bund: CB-K15/0038
dfn-cert: DFN-CERT-2015-0036

High (CVSS: 7.2)

NVT: Microsoft Windows Ancillary Function Driver Elevation of Privilege Vulnerability

(2975684)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS14-040.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow attackers to gain elevated privileges and execute arbitrary code
and take complete control of an aected system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 2003 x32 Service Pack 3 and prior
- Microsoft Windows 2003 x64 Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012
- Microsoft Windows Server 2012 R2

Vulnerability Insight
Flaw is due to a double-free error in the Ancillary Function Driver within '[Link]'.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Ancillary Function Driver Elevation of Privilege Vulnerabilit.
,→..
. . . continues on next page . . .
2 RESULTS PER HOST 438

. . . continued from previous page . . .

OID:[Link].4.1.25623.1.0.804671
Version used: 2023-07-27T[Link]Z

References
cve: CVE-2014-1767
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K14/0838
dfn-cert: DFN-CERT-2014-0878

High (CVSS: 7.2)

NVT: Microsoft Windows Kernel-Mode Driver RCE Vulnerabilities (3036220)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS15-010.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attackers to bypass security and gain restricted privi-
leges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows Server 2012/R2
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows 2003 x32/x64 Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior

Vulnerability Insight
The aw is due to an error within the WebDAV kernel-mode driver ([Link]).

. . . continues on next page . . .

2 RESULTS PER HOST 439

. . . continued from previous page . . .

Vulnerability Detection Method
Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Kernel-Mode Driver RCE Vulnerabilities (3036220)
OID:[Link].4.1.25623.1.0.805337
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-0003
cve: CVE-2015-0010
cve: CVE-2015-0057
cve: CVE-2015-0058
cve: CVE-2015-0059
cve: CVE-2015-0060
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K15/0171
dfn-cert: DFN-CERT-2015-0175

High (CVSS: 7.2)

NVT: Microsoft Windows Installer Service Privilege Escalation Vulnerability (2962490)

Summary
This host is missing an important security update according to Microsoft Bulletin MS14-049

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow attackers to gain escalated privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
. . . continues on next page . . .
2 RESULTS PER HOST 440

. . . continued from previous page . . .

- Microsoft Windows 2003 x32/x64 Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/R2

Vulnerability Insight
Flaw exists due to an error within the Windows Installer Service when handling a repair of a
previously installed application

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Installer Service Privilege Escalation Vulnerability (2962490)
OID:[Link].4.1.25623.1.0.804808
Version used: 2023-07-26T[Link]Z

References
cve: CVE-2014-1814
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K14/1013
dfn-cert: DFN-CERT-2014-1053

High (CVSS: 7.2)

NVT: Microsoft Windows Task Management Privilege Elevation Vulnerabilities (3089657)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-102.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Version Less than 6.1.7601.18951

Impact
Successful exploitation will allow attacker to gain elevated privileges to perform arbitrary ad-
ministration functions such as add users and install applications on the targeted machine.

Solution:
. . . continues on next page . . .
2 RESULTS PER HOST 441

. . . continued from previous page . . .

Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows 10 x32/x64
- Microsoft Windows Server 2012
- Microsoft Windows Server 2012R2
- Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior

Vulnerability Insight
Multiple aws are due to:
- Task Management failing to validate and enforce impersonation levels.
- Task Scheduler failing to properly verify certain le system interactions.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Task Management Privilege Elevation Vulnerabilities (3089657)
OID:[Link].4.1.25623.1.0.806045
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-2524
cve: CVE-2015-2525
cve: CVE-2015-2528
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K15/1321
dfn-cert: DFN-CERT-2015-1385

High (CVSS: 7.2)

NVT: Microsoft Windows TCP/IP Privilege Elevation Vulnerabilities (2688338)

Summary
This host is missing an important security update according to Microsoft Bulletin MS12-032.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
. . . continues on next page . . .
2 RESULTS PER HOST 442

. . . continued from previous page . . .

The target host was found to be vulnerable

Impact
Successful exploitation could allow attackers to bypass certain security restrictions and gain
escalated privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 Service Pack 1
- Microsoft Windows Vista Service Pack 2 and prior
- Microsoft Windows Server 2008 Service Pack 2 and prior

Vulnerability Insight
The aws are due to the way,
- Windows Firewall handles outbound broadcast packets.
- Windows TCP/IP stack handles the binding of an IPv6 address to a local interface.

Vulnerability Detection Method

Details: Microsoft Windows TCP/IP Privilege Elevation Vulnerabilities (2688338)
OID:[Link].4.1.25623.1.0.902676
Version used: 2025-03-05T[Link]Z

References
cve: CVE-2012-0174
cve: CVE-2012-0179
url: [Link]
url: [Link]
url: [Link]
url: [Link]
,→12-032
dfn-cert: DFN-CERT-2012-0898

High (CVSS: 7.2)

NVT: Microsoft Windows Privilege Elevation Vulnerabilities (3096447)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-111.

Quality of Detection (QoD): 80%

. . . continues on next page . . .
2 RESULTS PER HOST 443

. . . continued from previous page . . .

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Version Less than - 6.1.7601.19018

Impact
Successful exploitation will allow local users to gain privileges via a crafted application.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows 10 x32/x64
- Microsoft Windows Server 2012/R2
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior

Vulnerability Insight
Multiple aws are due to windows kernel is not handling objects in memory properly.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Privilege Elevation Vulnerabilities (3096447)
OID:[Link].4.1.25623.1.0.805762
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-2549
cve: CVE-2015-2550
cve: CVE-2015-2552
cve: CVE-2015-2553
cve: CVE-2015-2554
url: [Link]
url: [Link]
cert-bund: CB-K15/1507
dfn-cert: DFN-CERT-2015-1586
2 RESULTS PER HOST 444

High (CVSS: 7.2)

NVT: Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerability (2731847)

Summary
This host is missing an important security update according to Microsoft Bulletin MS12-055.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation could allow remote attackers to execute arbitrary code with kernel-mode
privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows XP x32 Edition Service Pack 3 and prior
- Microsoft Windows XP x64 Edition Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
- Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior

Vulnerability Insight
The aw is due to a use-after-free error in [Link] when accessing objects in memory.

Vulnerability Detection Method

Details: Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerability (273184.
,→..
OID:[Link].4.1.25623.1.0.903035
Version used: 2025-03-05T[Link]Z

References
cve: CVE-2012-2527
url: [Link]
url: [Link]
url: [Link]
,→12-055
dfn-cert: DFN-CERT-2012-1570
2 RESULTS PER HOST 445

High (CVSS: 7.2)

NVT: Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerability (2778930)

Summary
This host is missing an important security update according to Microsoft Bulletin MS13-005.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attackers to gain escalated privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
- Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior

Vulnerability Insight
The aw is due to an error in '[Link]' when handling window broadcast messages.

Vulnerability Detection Method

Details: Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerability (277893.
,→..
OID:[Link].4.1.25623.1.0.902938
Version used: 2025-03-05T[Link]Z

References
cve: CVE-2013-0008
url: [Link]
url: [Link]
url: [Link]
,→13-005
dfn-cert: DFN-CERT-2013-0045
2 RESULTS PER HOST 446

High (CVSS: 7.2)

NVT: Microsoft Windows PGM UAF Elevation of Privilege Vulnerability (3116130)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-133

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.19055

Impact
Successful exploitation will allow an authenticated user to execute code with elevated privileges
that would allow them to install programs.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Edge on Microsoft Windows 10 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1

Vulnerability Insight
The aw is due to some unspecied weakness in the Windows Pragmatic General Multicast
(PGM) protocol.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows PGM UAF Elevation of Privilege Vulnerability (3116130)
OID:[Link].4.1.25623.1.0.806775
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-6126
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 447

. . . continued from previous page . . .

url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K15/1804
dfn-cert: DFN-CERT-2015-1903

High (CVSS: 7.2)

NVT: Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2876315)

Summary
This host is missing an important security update according to Microsoft Bulletin MS13-076.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attackers to gain escalated privileges, read arbitrary
kernel memory and cause a DoS (Denial of Service).

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8
- Microsoft Windows Server 2012
- Microsoft Windows XP x32 Edition Service Pack 3 and prior
- Microsoft Windows XP x64 Edition Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
- Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior

Vulnerability Insight
Multiple aws are due to error related to multiple fetch within the kernel-mode driver
([Link]).

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2876.
,→..
. . . continues on next page . . .
2 RESULTS PER HOST 448

. . . continued from previous page . . .

OID:[Link].4.1.25623.1.0.902994
Version used: 2025-03-05T[Link]Z

References
cve: CVE-2013-1341
cve: CVE-2013-1342
cve: CVE-2013-1343
cve: CVE-2013-1344
cve: CVE-2013-3864
cve: CVE-2013-3865
cve: CVE-2013-3866
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K13/0638
dfn-cert: DFN-CERT-2013-1634

High (CVSS: 7.2)

NVT: Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2709162)

Summary
This host is missing an important security update according to Microsoft Bulletin MS12-041.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation could allow remote attackers to execute arbitrary code with kernel-mode
privileges

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows XP x32 Edition Service Pack 3 and prior
. . . continues on next page . . .
2 RESULTS PER HOST 449

. . . continued from previous page . . .

- Microsoft Windows XP x64 Edition Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
- Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior

Vulnerability Insight
Multiple aws are due to:
- An error in [Link] within the string atom class name and lipboard format atom name
handling and can be exploited to execute arbitrary code.
- An integer overow error when handling the reference counter for font resources when loading
TrueType fonts.
- A race condition error in [Link] when handling particular thread creation attempts and
can be exploited to execute arbitrary code.

Vulnerability Detection Method

Details: Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2709162)
OID:[Link].4.1.25623.1.0.902917
Version used: 2025-03-05T[Link]Z

References
cve: CVE-2012-1864
cve: CVE-2012-1865
cve: CVE-2012-1866
cve: CVE-2012-1867
cve: CVE-2012-1868
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
,→12-041
dfn-cert: DFN-CERT-2012-1124

High (CVSS: 7.2)

NVT: Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2840221)

Summary
This host is missing an important security update according to Microsoft Bulletin MS13-046.

Quality of Detection (QoD): 80%

. . . continues on next page . . .
2 RESULTS PER HOST 450

. . . continued from previous page . . .

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attackers to gain escalated privileges or cause buer
overow and execute arbitrary code.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8
- Microsoft Windows Server 2012
- Microsoft Windows XP x32 Edition Service Pack 3 and prior
- Microsoft Windows XP x64 Edition Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
- Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior

Vulnerability Insight
Multiple aws are due to:
- A race condition error within the DirectX graphics kernel subsystem.
- An unspecied error within the Windows kernel-mode driver ([Link])

Vulnerability Detection Method

Details: Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2840.
,→..
OID:[Link].4.1.25623.1.0.903208
Version used: 2025-03-05T[Link]Z

References
cve: CVE-2013-1332
cve: CVE-2013-1333
cve: CVE-2013-1334
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
dfn-cert: DFN-CERT-2013-0891
2 RESULTS PER HOST 451

High (CVSS: 7.2)

NVT: Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2807986)

Summary
This host is missing an important security update according to Microsoft Bulletin MS13-027.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation could allow remote attackers to compromise the aected system and
possibly execute arbitrary code with System-level privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows XP Service Pack 3 and prior
- Microsoft Windows XP x64 Edition Service Pack 2 and prior
- Microsoft Windows 2003 x32/x64 Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior

Vulnerability Insight
Multiple aws are due to improper handling of objects in memory by the kernel-mode driver,
which can be exploited by inserting a malicious USB device into the system.

Vulnerability Detection Method

Details: Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2807.
,→..
OID:[Link].4.1.25623.1.0.903200
Version used: 2025-03-05T[Link]Z

References
cve: CVE-2013-1285
cve: CVE-2013-1286
cve: CVE-2013-1287
url: [Link]
url: [Link]
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 452

. . . continued from previous page . . .

url: [Link]
url: [Link]
,→13-027
dfn-cert: DFN-CERT-2013-0535

High (CVSS: 7.1)

NVT: Oracle Java SE Security Updates (oct2017-3236626) 01 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation of this vulnerability will allow attackers to partially access data, partially
modify data, and partially deny services.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle Java SE version [Link] and earlier, 9.0 on Windows

Vulnerability Insight
The aw exists due to a aw in the Deployment component of the application.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (oct2017-3236626) 01 - Windows
OID:[Link].4.1.25623.1.0.812036
Version used: 2025-09-12T[Link]Z

References
cve: CVE-2017-10309
url: [Link]
url: [Link]
cert-bund: CB-K17/2168
. . . continues on next page . . .
2 RESULTS PER HOST 453

. . . continued from previous page . . .

cert-bund: CB-K17/2047
cert-bund: CB-K17/1745
dfn-cert: DFN-CERT-2018-0645
dfn-cert: DFN-CERT-2017-2268
dfn-cert: DFN-CERT-2017-2135
dfn-cert: DFN-CERT-2017-1825

High (CVSS: 7.1)

NVT: Oracle Java SE Security Updates (oct2017-3236626) 01 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation of this vulnerability will allow attackers to partially access data, partially
modify data, and partially deny services.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle Java SE version [Link] and earlier, 9.0 on Windows

Vulnerability Insight
The aw exists due to a aw in the Deployment component of the application.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (oct2017-3236626) 01 - Windows
OID:[Link].4.1.25623.1.0.812036
Version used: 2025-09-12T[Link]Z

References
cve: CVE-2017-10309
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 454

. . . continued from previous page . . .

url: [Link]
cert-bund: CB-K17/2168
cert-bund: CB-K17/2047
cert-bund: CB-K17/1745
dfn-cert: DFN-CERT-2018-0645
dfn-cert: DFN-CERT-2017-2268
dfn-cert: DFN-CERT-2017-2135
dfn-cert: DFN-CERT-2017-1825

High (CVSS: 7.1)

NVT: Oracle Java SE Security Updates (oct2017-3236626) 04 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation of this vulnerability will allow attackers to partially access data and cause
a partial denial of service conditions.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle Java SE version [Link] and earlier, [Link] and earlier, 9.0 on Windows

Vulnerability Insight
Multiple aws exist due to a aw in 'JAX-WS' component of the application.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (oct2017-3236626) 04 - Windows
OID:[Link].4.1.25623.1.0.812039
Version used: 2025-09-12T[Link]Z

References
. . . continues on next page . . .
2 RESULTS PER HOST 455

. . . continued from previous page . . .

cve: CVE-2016-10165
cve: CVE-2017-10350
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K18/0030
cert-bund: CB-K17/2199
cert-bund: CB-K17/2168
cert-bund: CB-K17/2047
cert-bund: CB-K17/1745
cert-bund: CB-K17/0159
dfn-cert: DFN-CERT-2018-1900
dfn-cert: DFN-CERT-2018-0645
dfn-cert: DFN-CERT-2018-0039
dfn-cert: DFN-CERT-2017-2300
dfn-cert: DFN-CERT-2017-2268
dfn-cert: DFN-CERT-2017-2135
dfn-cert: DFN-CERT-2017-1825
dfn-cert: DFN-CERT-2017-0163

High (CVSS: 7.1)

NVT: Oracle Java SE Security Updates (oct2017-3236626) 04 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation of this vulnerability will allow attackers to partially access data and cause
a partial denial of service conditions.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
. . . continues on next page . . .
2 RESULTS PER HOST 456

. . . continued from previous page . . .

Oracle Java SE version [Link] and earlier, [Link] and earlier, 9.0 on Windows

Vulnerability Insight
Multiple aws exist due to a aw in 'JAX-WS' component of the application.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (oct2017-3236626) 04 - Windows
OID:[Link].4.1.25623.1.0.812039
Version used: 2025-09-12T[Link]Z

References
cve: CVE-2016-10165
cve: CVE-2017-10350
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K18/0030
cert-bund: CB-K17/2199
cert-bund: CB-K17/2168
cert-bund: CB-K17/2047
cert-bund: CB-K17/1745
cert-bund: CB-K17/0159
dfn-cert: DFN-CERT-2018-1900
dfn-cert: DFN-CERT-2018-0645
dfn-cert: DFN-CERT-2018-0039
dfn-cert: DFN-CERT-2017-2300
dfn-cert: DFN-CERT-2017-2268
dfn-cert: DFN-CERT-2017-2135
dfn-cert: DFN-CERT-2017-1825
dfn-cert: DFN-CERT-2017-0163

High (CVSS: 7.1)

NVT: Microsoft DirectAccess Security Advisory (2862152)

Summary
This host is missing an important security update according to Microsoft advisory (2862152).

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
. . . continues on next page . . .
2 RESULTS PER HOST 457

. . . continued from previous page . . .

Successful exploitation will allow an attacker to intercept the target user's network trac and
potentially determine their encrypted domain credentials.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows XP x32 Edition Service Pack 3 and prior
- Microsoft Windows XP x64 Edition Service Pack 2 and prior
- Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Vista Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior
- Microsoft Windows 8
- Microsoft Windows Server 2012
- Microsoft Windows 8.1 x32/x64

Vulnerability Insight
The aw is due to improper verication of DirectAccess server connections to DirectAccess clients
by DirectAccess.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft DirectAccess Security Advisory (2862152)
OID:[Link].4.1.25623.1.0.804143
Version used: 2023-07-27T[Link]Z

References
cve: CVE-2013-3876
url: [Link]
url: [Link]
,→862152

High (CVSS: 7.1)

NVT: Microsoft Window XML Core Services Information Disclosure Vulnerability (2916036)

Summary
This host is missing an important security update according to Microsoft Bulletin MS14-005.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
. . . continues on next page . . .
2 RESULTS PER HOST 458

. . . continued from previous page . . .

The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attackers to read les on the local le system of the
user or read content of web domains where the user is currently authenticated.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012
- Microsoft Windows Server 2012 R2
- Microsoft Windows XP Service Pack 3 and prior
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows 2003 x32/x64 Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows XP x64 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior

Vulnerability Insight
The aw is due to an unspecied error which improperly enforce cross-domain policies.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Window XML Core Services Information Disclosure Vulnerability (291603.
,→..
OID:[Link].4.1.25623.1.0.903510
Version used: 2025-03-05T[Link]Z

References
cve: CVE-2014-0266
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K14/0168
dfn-cert: DFN-CERT-2014-0174
2 RESULTS PER HOST 459

High (CVSS: 7.1)

NVT: Microsoft Windows Kernel-Mode Driver TrueType Font DoS Vulnerability (3002885)

Summary
This host is missing a moderate security update according to Microsoft Bulletin MS14-079.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow an attacker to conduct denial-of-service attack.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 2003 x32/x64 Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/R2

Vulnerability Insight
The aw is due to an integer underow error in the 'vFill_IFIMETRICS' function within the
[Link] module when processing font les.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Kernel-Mode Driver TrueType Font DoS Vulnerability (3002885)
OID:[Link].4.1.25623.1.0.804878
Version used: 2023-07-27T[Link]Z

References
cve: CVE-2014-6317
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K14/1402
dfn-cert: DFN-CERT-2014-1473
2 RESULTS PER HOST 460

High (CVSS: 7.1)

NVT: Microsoft Windows Kernel-Mode Driver Denial of Service Vulnerability (2845690)

Summary
This host is missing an important security update according to Microsoft Bulletin MS13-049.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation could allow attackers to cause a denial of service.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8
- Microsoft Windows Server 2012
- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
- Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior

Vulnerability Insight
The aw is due to an integer overow error within Windows TCP/IP driver when handling
packets during TCP connection, which can be exploited to cause the system to stop responding.

Vulnerability Detection Method

Details: Microsoft Windows Kernel-Mode Driver Denial of Service Vulnerability (2845690)
OID:[Link].4.1.25623.1.0.902975
Version used: 2025-03-05T[Link]Z

References
cve: CVE-2013-3138
url: [Link]
url: [Link]
url: [Link]
url: [Link]
dfn-cert: DFN-CERT-2013-1112
2 RESULTS PER HOST 461

High (CVSS: 7.1)

NVT: Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2829996)

Summary
This host is missing an important security update according to Microsoft Bulletin MS13-036.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attackers to gain escalated privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8
- Microsoft Windows Server 2012
- Microsoft Windows XP x32 Edition Service Pack 3 and prior
- Microsoft Windows XP x64 Edition Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
- Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior

Vulnerability Insight
Multiple aws are due to:
- Improper handling of certain objects in kernel memory.
- Improper parsing of crafted OpenType font les.

Vulnerability Detection Method

Details: Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2829.
,→..
OID:[Link].4.1.25623.1.0.903202
Version used: 2025-03-05T[Link]Z

References
cve: CVE-2013-1283
cve: CVE-2013-1291
cve: CVE-2013-1292
cve: CVE-2013-1293
. . . continues on next page . . .
2 RESULTS PER HOST 462

. . . continued from previous page . . .

url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
dfn-cert: DFN-CERT-2013-0748

High (CVSS: 7.0)

NVT: 7-Zip Mark-of-the-Web Bypass Vulnerability (Jan 2025) - Windows

Summary
7zip is prone to a mark-of-the-web bypass vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 16.04
Fixed version: 24.09
Installation
path / port: C:\Program Files\7-Zip\

Impact
Successful exploitation allows an attacker to bypass the 'Mark-of-the-Web' security feature in
Windows and execute arbitrary code in the context of the current user.

Solution:
Solution type: VendorFix
Update to version 24.09 or later.

Aected Software/OS
7zip version prior to 24.09 on Windows.

Vulnerability Insight
The aw exists due to an incomplete implementation or design oversight in 7-Zip's handling of
the Mark-of-the-Web mechanism when extracting les from archives.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: 7-Zip Mark-of-the-Web Bypass Vulnerability (Jan 2025) - Windows
OID:[Link].4.1.25623.1.0.834902
Version used: 2025-04-11T[Link]Z

. . . continues on next page . . .

2 RESULTS PER HOST 463

. . . continued from previous page . . .

References
cve: CVE-2025-0411
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
,→[Link]
cert-bund: WID-SEC-2025-0129
dfn-cert: DFN-CERT-2025-0228

[ return to [Link] ]

2.1.9 High 4848/tcp

High (CVSS: 7.5)

NVT: Oracle GlassFish Server <= 4.1.1 Directory Traversal Vulnerability - Active Check

Summary
GlassFish server is prone to a directory traversal vulnerability.

Quality of Detection (QoD): 99%

Vulnerability Detection Result
Vulnerable URL: [Link]
,→ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%
,→ae/%c0%ae%c0%ae/%c0%ae%c0%ae/windows/[Link]

Impact
Successful exploitation will allow remote attackers to gain access to sensitive information.

Solution:
Solution type: WillNotFix
No known solution was made available for at least one year since the disclosure of this vulnera-
bility. Likely none will be provided anymore. General solution options are to upgrade to a newer
release, disable respective features, remove the product or replace the product by another one.

Aected Software/OS
Oracle GlassFish Server version 4.1.1 and probably prior.

Vulnerability Insight
The aw is due to
- Improper sanitization of parameter 'META-INF' in '[Link]' le.

. . . continues on next page . . .

2 RESULTS PER HOST 464

. . . continued from previous page . . .

Vulnerability Detection Method
Sends a crafted HTTP GET request and checks the response.
Details: Oracle GlassFish Server <= 4.1.1 Directory Traversal Vulnerability - Active Che.
,→..
OID:[Link].4.1.25623.1.0.806848
Version used: 2025-04-15T[Link]Z

References
cve: CVE-2017-1000028
url: [Link]

High (CVSS: 7.5)

NVT: SSL/TLS: Report Vulnerable Cipher Suites for HTTPS

Product detection result

cpe:/a:ietf:transport_layer_security
Detected by SSL/TLS: Report Supported Cipher Suites (OID: [Link].4.1.25623.1.0.
,→802067)

Summary
This routine reports all SSL/TLS cipher suites accepted by a service where attack vectors exists
only on HTTPS services.

Quality of Detection (QoD): 98%

Vulnerability Detection Result
'Vulnerable' cipher suites accepted by this service via the TLSv1.0 protocol:
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (SWEET32)
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (SWEET32)
TLS_RSA_WITH_3DES_EDE_CBC_SHA (SWEET32)
'Vulnerable' cipher suites accepted by this service via the TLSv1.1 protocol:
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (SWEET32)
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (SWEET32)
TLS_RSA_WITH_3DES_EDE_CBC_SHA (SWEET32)
'Vulnerable' cipher suites accepted by this service via the TLSv1.2 protocol:
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (SWEET32)
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (SWEET32)
TLS_RSA_WITH_3DES_EDE_CBC_SHA (SWEET32)

Impact
This could allow remote attackers to obtain sensitive information or have other, unspecied
impacts.

Solution:
. . . continues on next page . . .
2 RESULTS PER HOST 465

. . . continued from previous page . . .

Solution type: Mitigation
The conguration of this services should be changed so that it does not accept the listed cipher
suites anymore.
Please see the references for more resources supporting you with this task.

Aected Software/OS
All services accepting vulnerable SSL/TLS cipher suites via HTTPS.

Vulnerability Insight
These rules are applied for the evaluation of the vulnerable cipher suites:
- 64-bit block cipher 3DES vulnerable to the SWEET32 attack (CVE-2016-2183).

Vulnerability Detection Method

Checks previous collected cipher suites.
Details: SSL/TLS: Report Vulnerable Cipher Suites for HTTPS
OID:[Link].4.1.25623.1.0.108031
Version used: 2025-03-27T[Link]Z

Product Detection Result

Product: cpe:/a:ietf:transport_layer_security
Method: SSL/TLS: Report Supported Cipher Suites
OID: [Link].4.1.25623.1.0.802067)

References
cve: CVE-2016-2183
cve: CVE-2016-6329
cve: CVE-2020-12872
url: [Link]
url: [Link]
,→ines/TG02102/[Link]
url: [Link]
,→TLS-Protokoll/TLS-Protokoll_node.html
url: [Link]
,→eRichtlinien/TR03116/[Link]
url: [Link]
,→tstandard_BSI_TLS_Version_2_4.html
url: [Link]
url: [Link]
,→-report-2014
url: [Link]
cert-bund: WID-SEC-2024-1277
cert-bund: WID-SEC-2024-0209
cert-bund: WID-SEC-2024-0064
cert-bund: WID-SEC-2022-2226
cert-bund: WID-SEC-2022-1955
. . . continues on next page . . .
2 RESULTS PER HOST 466

. . . continued from previous page . . .

cert-bund: CB-K21/1094
cert-bund: CB-K20/1023
cert-bund: CB-K20/0321
cert-bund: CB-K20/0314
cert-bund: CB-K20/0157
cert-bund: CB-K19/0618
cert-bund: CB-K19/0615
cert-bund: CB-K18/0296
cert-bund: CB-K17/1980
cert-bund: CB-K17/1871
cert-bund: CB-K17/1803
cert-bund: CB-K17/1753
cert-bund: CB-K17/1750
cert-bund: CB-K17/1709
cert-bund: CB-K17/1558
cert-bund: CB-K17/1273
cert-bund: CB-K17/1202
cert-bund: CB-K17/1196
cert-bund: CB-K17/1055
cert-bund: CB-K17/1026
cert-bund: CB-K17/0939
cert-bund: CB-K17/0917
cert-bund: CB-K17/0915
cert-bund: CB-K17/0877
cert-bund: CB-K17/0796
cert-bund: CB-K17/0724
cert-bund: CB-K17/0661
cert-bund: CB-K17/0657
cert-bund: CB-K17/0582
cert-bund: CB-K17/0581
cert-bund: CB-K17/0506
cert-bund: CB-K17/0504
cert-bund: CB-K17/0467
cert-bund: CB-K17/0345
cert-bund: CB-K17/0098
cert-bund: CB-K17/0089
cert-bund: CB-K17/0086
cert-bund: CB-K17/0082
cert-bund: CB-K16/1837
cert-bund: CB-K16/1830
cert-bund: CB-K16/1635
cert-bund: CB-K16/1630
cert-bund: CB-K16/1624
cert-bund: CB-K16/1622
cert-bund: CB-K16/1500
cert-bund: CB-K16/1465
cert-bund: CB-K16/1307
. . . continues on next page . . .
2 RESULTS PER HOST 467

. . . continued from previous page . . .

cert-bund: CB-K16/1296
dfn-cert: DFN-CERT-2025-0041
dfn-cert: DFN-CERT-2021-1618
dfn-cert: DFN-CERT-2021-0775
dfn-cert: DFN-CERT-2021-0770
dfn-cert: DFN-CERT-2021-0274
dfn-cert: DFN-CERT-2020-2141
dfn-cert: DFN-CERT-2020-0368
dfn-cert: DFN-CERT-2019-1455
dfn-cert: DFN-CERT-2019-0068
dfn-cert: DFN-CERT-2018-1296
dfn-cert: DFN-CERT-2018-0323
dfn-cert: DFN-CERT-2017-2070
dfn-cert: DFN-CERT-2017-1954
dfn-cert: DFN-CERT-2017-1885
dfn-cert: DFN-CERT-2017-1831
dfn-cert: DFN-CERT-2017-1821
dfn-cert: DFN-CERT-2017-1785
dfn-cert: DFN-CERT-2017-1626
dfn-cert: DFN-CERT-2017-1326
dfn-cert: DFN-CERT-2017-1239
dfn-cert: DFN-CERT-2017-1238
dfn-cert: DFN-CERT-2017-1090
dfn-cert: DFN-CERT-2017-1060
dfn-cert: DFN-CERT-2017-0968
dfn-cert: DFN-CERT-2017-0947
dfn-cert: DFN-CERT-2017-0946
dfn-cert: DFN-CERT-2017-0904
dfn-cert: DFN-CERT-2017-0816
dfn-cert: DFN-CERT-2017-0746
dfn-cert: DFN-CERT-2017-0677
dfn-cert: DFN-CERT-2017-0675
dfn-cert: DFN-CERT-2017-0611
dfn-cert: DFN-CERT-2017-0609
dfn-cert: DFN-CERT-2017-0522
dfn-cert: DFN-CERT-2017-0519
dfn-cert: DFN-CERT-2017-0482
dfn-cert: DFN-CERT-2017-0351
dfn-cert: DFN-CERT-2017-0090
dfn-cert: DFN-CERT-2017-0089
dfn-cert: DFN-CERT-2017-0088
dfn-cert: DFN-CERT-2017-0086
dfn-cert: DFN-CERT-2016-1943
dfn-cert: DFN-CERT-2016-1937
dfn-cert: DFN-CERT-2016-1732
dfn-cert: DFN-CERT-2016-1726
dfn-cert: DFN-CERT-2016-1715
. . . continues on next page . . .
2 RESULTS PER HOST 468

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2016-1714
dfn-cert: DFN-CERT-2016-1588
dfn-cert: DFN-CERT-2016-1555
dfn-cert: DFN-CERT-2016-1391
dfn-cert: DFN-CERT-2016-1378

[ return to [Link] ]

2.1.10 High 9200/tcp

High (CVSS: 8.8)

NVT: Elastic Elasticsearch 'CVE-2018-3831' Information Disclosure Vulnerability - Windows

Summary
Elasticsearch is prone to an information disclosure vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 1.1.1
Fixed version: 5.6.12

Impact
Successful exploitation would allow an authenticated attacker to acquire valid login credentials.

Solution:
Solution type: VendorFix
Update to version 5.6.12 or 6.4.1 respectively.

Aected Software/OS
Elasticsearch versions through 5.6.11 and 6.0.0 through 6.4.0.

Vulnerability Insight
The _cluster/settings API, when queried, could leak sensitive conguration information such as
passwords, tokens or usernames.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Elastic Elasticsearch 'CVE-2018-3831' Information Disclosure Vulnerability - Wi.
,→..
OID:[Link].4.1.25623.1.0.113276
Version used: 2025-09-03T[Link]Z

. . . continues on next page . . .

2 RESULTS PER HOST 469

. . . continued from previous page . . .

References
cve: CVE-2018-3831
url: [Link]
,→/149035
url: [Link]
dfn-cert: DFN-CERT-2025-2802
dfn-cert: DFN-CERT-2020-1653

[ return to [Link] ]

2.1.11 High 8383/tcp

High (CVSS: 7.5)

NVT: SSL/TLS: Report Vulnerable Cipher Suites for HTTPS

Product detection result

cpe:/a:ietf:transport_layer_security
Detected by SSL/TLS: Report Supported Cipher Suites (OID: [Link].4.1.25623.1.0.
,→802067)

Summary
This routine reports all SSL/TLS cipher suites accepted by a service where attack vectors exists
only on HTTPS services.

Quality of Detection (QoD): 98%

Vulnerability Detection Result
'Vulnerable' cipher suites accepted by this service via the TLSv1.0 protocol:
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (SWEET32)
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (SWEET32)
TLS_RSA_WITH_3DES_EDE_CBC_SHA (SWEET32)
'Vulnerable' cipher suites accepted by this service via the TLSv1.1 protocol:
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (SWEET32)
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (SWEET32)
TLS_RSA_WITH_3DES_EDE_CBC_SHA (SWEET32)
'Vulnerable' cipher suites accepted by this service via the TLSv1.2 protocol:
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (SWEET32)
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (SWEET32)
TLS_RSA_WITH_3DES_EDE_CBC_SHA (SWEET32)

Impact
This could allow remote attackers to obtain sensitive information or have other, unspecied
impacts.
. . . continues on next page . . .
2 RESULTS PER HOST 470

. . . continued from previous page . . .

Solution:
Solution type: Mitigation
The conguration of this services should be changed so that it does not accept the listed cipher
suites anymore.
Please see the references for more resources supporting you with this task.

Aected Software/OS
All services accepting vulnerable SSL/TLS cipher suites via HTTPS.

Vulnerability Insight
These rules are applied for the evaluation of the vulnerable cipher suites:
- 64-bit block cipher 3DES vulnerable to the SWEET32 attack (CVE-2016-2183).

Vulnerability Detection Method

Checks previous collected cipher suites.
Details: SSL/TLS: Report Vulnerable Cipher Suites for HTTPS
OID:[Link].4.1.25623.1.0.108031
Version used: 2025-03-27T[Link]Z

Product Detection Result

Product: cpe:/a:ietf:transport_layer_security
Method: SSL/TLS: Report Supported Cipher Suites
OID: [Link].4.1.25623.1.0.802067)

References
cve: CVE-2016-2183
cve: CVE-2016-6329
cve: CVE-2020-12872
url: [Link]
url: [Link]
,→ines/TG02102/[Link]
url: [Link]
,→TLS-Protokoll/TLS-Protokoll_node.html
url: [Link]
,→eRichtlinien/TR03116/[Link]
url: [Link]
,→tstandard_BSI_TLS_Version_2_4.html
url: [Link]
url: [Link]
,→-report-2014
url: [Link]
cert-bund: WID-SEC-2024-1277
cert-bund: WID-SEC-2024-0209
cert-bund: WID-SEC-2024-0064
. . . continues on next page . . .
2 RESULTS PER HOST 471

. . . continued from previous page . . .

cert-bund: WID-SEC-2022-2226
cert-bund: WID-SEC-2022-1955
cert-bund: CB-K21/1094
cert-bund: CB-K20/1023
cert-bund: CB-K20/0321
cert-bund: CB-K20/0314
cert-bund: CB-K20/0157
cert-bund: CB-K19/0618
cert-bund: CB-K19/0615
cert-bund: CB-K18/0296
cert-bund: CB-K17/1980
cert-bund: CB-K17/1871
cert-bund: CB-K17/1803
cert-bund: CB-K17/1753
cert-bund: CB-K17/1750
cert-bund: CB-K17/1709
cert-bund: CB-K17/1558
cert-bund: CB-K17/1273
cert-bund: CB-K17/1202
cert-bund: CB-K17/1196
cert-bund: CB-K17/1055
cert-bund: CB-K17/1026
cert-bund: CB-K17/0939
cert-bund: CB-K17/0917
cert-bund: CB-K17/0915
cert-bund: CB-K17/0877
cert-bund: CB-K17/0796
cert-bund: CB-K17/0724
cert-bund: CB-K17/0661
cert-bund: CB-K17/0657
cert-bund: CB-K17/0582
cert-bund: CB-K17/0581
cert-bund: CB-K17/0506
cert-bund: CB-K17/0504
cert-bund: CB-K17/0467
cert-bund: CB-K17/0345
cert-bund: CB-K17/0098
cert-bund: CB-K17/0089
cert-bund: CB-K17/0086
cert-bund: CB-K17/0082
cert-bund: CB-K16/1837
cert-bund: CB-K16/1830
cert-bund: CB-K16/1635
cert-bund: CB-K16/1630
cert-bund: CB-K16/1624
cert-bund: CB-K16/1622
cert-bund: CB-K16/1500
. . . continues on next page . . .
2 RESULTS PER HOST 472

. . . continued from previous page . . .

cert-bund: CB-K16/1465
cert-bund: CB-K16/1307
cert-bund: CB-K16/1296
dfn-cert: DFN-CERT-2025-0041
dfn-cert: DFN-CERT-2021-1618
dfn-cert: DFN-CERT-2021-0775
dfn-cert: DFN-CERT-2021-0770
dfn-cert: DFN-CERT-2021-0274
dfn-cert: DFN-CERT-2020-2141
dfn-cert: DFN-CERT-2020-0368
dfn-cert: DFN-CERT-2019-1455
dfn-cert: DFN-CERT-2019-0068
dfn-cert: DFN-CERT-2018-1296
dfn-cert: DFN-CERT-2018-0323
dfn-cert: DFN-CERT-2017-2070
dfn-cert: DFN-CERT-2017-1954
dfn-cert: DFN-CERT-2017-1885
dfn-cert: DFN-CERT-2017-1831
dfn-cert: DFN-CERT-2017-1821
dfn-cert: DFN-CERT-2017-1785
dfn-cert: DFN-CERT-2017-1626
dfn-cert: DFN-CERT-2017-1326
dfn-cert: DFN-CERT-2017-1239
dfn-cert: DFN-CERT-2017-1238
dfn-cert: DFN-CERT-2017-1090
dfn-cert: DFN-CERT-2017-1060
dfn-cert: DFN-CERT-2017-0968
dfn-cert: DFN-CERT-2017-0947
dfn-cert: DFN-CERT-2017-0946
dfn-cert: DFN-CERT-2017-0904
dfn-cert: DFN-CERT-2017-0816
dfn-cert: DFN-CERT-2017-0746
dfn-cert: DFN-CERT-2017-0677
dfn-cert: DFN-CERT-2017-0675
dfn-cert: DFN-CERT-2017-0611
dfn-cert: DFN-CERT-2017-0609
dfn-cert: DFN-CERT-2017-0522
dfn-cert: DFN-CERT-2017-0519
dfn-cert: DFN-CERT-2017-0482
dfn-cert: DFN-CERT-2017-0351
dfn-cert: DFN-CERT-2017-0090
dfn-cert: DFN-CERT-2017-0089
dfn-cert: DFN-CERT-2017-0088
dfn-cert: DFN-CERT-2017-0086
dfn-cert: DFN-CERT-2016-1943
dfn-cert: DFN-CERT-2016-1937
dfn-cert: DFN-CERT-2016-1732
. . . continues on next page . . .
2 RESULTS PER HOST 473

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2016-1726
dfn-cert: DFN-CERT-2016-1715
dfn-cert: DFN-CERT-2016-1714
dfn-cert: DFN-CERT-2016-1588
dfn-cert: DFN-CERT-2016-1555
dfn-cert: DFN-CERT-2016-1391
dfn-cert: DFN-CERT-2016-1378

High (CVSS: 7.5)

NVT: '/.//WEB-INF/' Information Disclosure Vulnerability (HTTP)

Summary
Various application or web servers / products are prone to an information disclosure vulnerability.

Quality of Detection (QoD): 99%

Vulnerability Detection Result
Vulnerable URL: [Link]
Response (truncated):
<?xml version="1.0" encoding="ISO-8859-1"?>
<web-app xmlns="[Link]
xmlns:xsi="[Link]
xsi:schemaLocation="[Link] [Link]
ns/j2ee/web-app_2_4.xsd" version="2.4">
<!-- $Id$ -->
<!-- Added for MickeyClient Pdf Generation -->
<context-param>
<param-name>ContextPath</param-name>
<param-value>/</param-value>
</context-param>
<context-param>
<param-name>defaultSkin</param-name>
<param-value>woody</param-value>
</context-param>
<context-param>
<param-name>useInstantFeedback</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>mailServerName</param-name>
<param-value>[Link]</param-value>
</context-param>
<context-param>
<param-name>instantFeedbackAddress</param-name>
<param-value>sym-issues@[Link]</param-value>
. . . continues on next page . . .
2 RESULTS PER HOST 474

. . . continued from previous page . . .

</context-param>
<context-param>
<param-name>AUTO_IMPORT_USER</param-name>
<param-value>false</param-value>
</context-param>
<context-param>
<param-name>PARAMETER-ENCODING</param-name>
<param-value>UTF-8</param-value>
</context-param>
<listener>
<listener-class>[Link]
,→ngListener</listener-class>
</listener>
<!-- SDP-DC integration -->
<listener>
<listener-class>[Link]</listener
,→-class>
</listener>
<!-- SDP-DC integra

Impact
Based on the information provided in this le an attacker might be able to gather additional info
and/or sensitive data about the application / the application / web server.

Solution:
Solution type: VendorFix
The following vendor xes are known:
- Update to Payara Platform Enterprise 5.31.0, Payara Platform Community 5.2021.7 or later.
For other products please contact the vendor for more information on possible xes.

Aected Software/OS
The following products are known to be aected:
- Payara Platform Enterprise / Community
Other products might be aected as well.

Vulnerability Insight
The servlet specication prohibits servlet containers from serving resources in the '/WEB-INF'
and '/META-INF' directories of a web application archive directly to clients.
This means that URLs like:
[Link]
will return an error message, rather than the contents of the deployment descriptor.
However, some application or web servers / products are prone to a vulnerability that exposes
this information if the client requests a URL like this instead:
[Link]
[Link]
(note the './/' before 'WEB-INF').
. . . continues on next page . . .
2 RESULTS PER HOST 475

. . . continued from previous page . . .

Vulnerability Detection Method

Sends a crafted HTTP GET request and checks the response.
Details: '/.//WEB-INF/' Information Disclosure Vulnerability (HTTP)
OID:[Link].4.1.25623.1.0.117707
Version used: 2023-03-06T[Link]Z

References
cve: CVE-2021-41381
url: [Link]
,→[Link]
url: [Link]
,→-[Link]

[ return to [Link] ]

2.1.12 High 1617/tcp

High (CVSS: 7.5)

NVT: Java JMX Insecure Conguration Vulnerability - Active Check

Summary
The Java JMX interface is congured in an insecure way by allowing unauthenticated attackers
to load classes from any remote URL.

Quality of Detection (QoD): 70%

Vulnerability Detection Result
It was possible to call '[Link]' on the
,→ RMI port 49191/tcp without providing any credentials.

Solution:
Solution type: Mitigation
Enable password authentication and/or SSL client certicate authentication for the JMX agent.

Vulnerability Detection Method

Sends crafted RMI requests and checks the responses.
Details: Java JMX Insecure Configuration Vulnerability - Active Check
OID:[Link].4.1.25623.1.0.143207
Version used: 2025-04-11T[Link]Z

References
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 476

. . . continued from previous page . . .

url: [Link]
url: [Link]

[ return to [Link] ]

2.1.13 Medium 8443/tcp

Medium (CVSS: 5.4)

NVT: SSL/TLS: Report 'Anonymous' Cipher Suites

Product detection result

cpe:/a:ietf:transport_layer_security
Detected by SSL/TLS: Report Supported Cipher Suites (OID: [Link].4.1.25623.1.0.
,→802067)

Summary
This routine reports all 'Anonymous' SSL/TLS cipher suites accepted by a service.

Quality of Detection (QoD): 98%

Vulnerability Detection Result
'Anonymous' cipher suites accepted by this service via the TLSv1.0 protocol:
TLS_DH_anon_WITH_AES_128_CBC_SHA

Impact
This could allow remote attackers to obtain sensitive information or have other, unspecied
impacts.

Solution:
Solution type: Mitigation
The conguration of this services should be changed so that it does not accept the listed 'Anony-
mous' cipher suites anymore.
Please see the references for more resources supporting you in this task.

Aected Software/OS
All services providing an encrypted communication using 'Anonymous' SSL/TLS cipher suites.

Vulnerability Insight
Services supporting 'Anonymous' cipher suites could allow a client to negotiate an SSL/TLS
connection to the host without any authentication of the remote endpoint.

Vulnerability Detection Method

. . . continues on next page . . .
2 RESULTS PER HOST 477

. . . continued from previous page . . .

Checks previous collected cipher suites.
Details: SSL/TLS: Report 'Anonymous' Cipher Suites
OID:[Link].4.1.25623.1.0.108147
Version used: 2025-03-27T[Link]Z

Product Detection Result

Product: cpe:/a:ietf:transport_layer_security
Method: SSL/TLS: Report Supported Cipher Suites
OID: [Link].4.1.25623.1.0.802067)

References
cve: CVE-2007-1858
cve: CVE-2014-0351
url: [Link]
url: [Link]
,→ines/TG02102/[Link]
url: [Link]
,→TLS-Protokoll/TLS-Protokoll_node.html
url: [Link]
,→eRichtlinien/TR03116/[Link]
url: [Link]
,→tstandard_BSI_TLS_Version_2_4.html
url: [Link]
url: [Link]
,→-report-2014
url: [Link]
,→/28482
url: [Link]
,→/69754
cert-bund: CB-K14/0058
dfn-cert: DFN-CERT-2014-0049
dfn-cert: DFN-CERT-2012-0442

Medium (CVSS: 4.3)

NVT: SSL/TLS: Deprecated TLSv1.0 and TLSv1.1 Protocol Detection

Product detection result

cpe:/a:ietf:transport_layer_security:1.0
Detected by SSL/TLS: Version Detection (OID: [Link].4.1.25623.1.0.105782)

Summary
. . . continues on next page . . .
2 RESULTS PER HOST 478

. . . continued from previous page . . .

It was possible to detect the usage of the deprecated TLSv1.0 and/or TLSv1.1 protocol on this
system.

Quality of Detection (QoD): 98%

Vulnerability Detection Result
The service is only providing the deprecated TLSv1.0 protocol and supports one o
,→r more ciphers. Those supported ciphers can be found in the 'SSL/TLS: Report S
,→upported Cipher Suites' (OID: [Link].4.1.25623.1.0.802067) VT.

Impact
An attacker might be able to use the known cryptographic aws to eavesdrop the connection
between clients and the service to get access to sensitive data transferred within the secured
connection.
Furthermore newly uncovered vulnerabilities in this protocols won't receive security updates
anymore.

Solution:
Solution type: Mitigation
It is recommended to disable the deprecated TLSv1.0 and/or TLSv1.1 protocols in favor of the
TLSv1.2+ protocols.
Please see the references for more resources supporting you with this task.

Aected Software/OS
- All services providing an encrypted communication using the TLSv1.0 and/or TLSv1.1 protocols
- CVE-2023-41928: Kiloview P1 4G and P2 4G Video Encoder
- CVE-2024-41270: Gorush v1.18.4
- CVE-2025-3200: Multiple products from Wiesemann & Theis

Vulnerability Insight
The TLSv1.0 and TLSv1.1 protocols contain known cryptographic aws like:
- CVE-2011-3389: Browser Exploit Against SSL/TLS (BEAST)
- CVE-2015-0204: Factoring Attack on RSA-EXPORT Keys Padding Oracle On Downgraded
Legacy Encryption (FREAK)

Vulnerability Detection Method

Checks the used TLS protocols of the services provided by this system.
Details: SSL/TLS: Deprecated TLSv1.0 and TLSv1.1 Protocol Detection
OID:[Link].4.1.25623.1.0.117274
Version used: 2025-04-30T[Link]Z

Product Detection Result

Product: cpe:/a:ietf:transport_layer_security:1.0
Method: SSL/TLS: Version Detection
OID: [Link].4.1.25623.1.0.105782)

. . . continues on next page . . .

2 RESULTS PER HOST 479

. . . continued from previous page . . .

References
cve: CVE-2011-3389
cve: CVE-2015-0204
cve: CVE-2023-41928
cve: CVE-2024-41270
cve: CVE-2025-3200
url: [Link]
url: [Link]
,→ines/TG02102/[Link]
url: [Link]
,→TLS-Protokoll/TLS-Protokoll_node.html
url: [Link]
,→eRichtlinien/TR03116/[Link]
url: [Link]
,→tstandard_BSI_TLS_Version_2_4.html
url: [Link]
url: [Link]
,→-report-2014
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: WID-SEC-2023-1435
cert-bund: CB-K18/0799
cert-bund: CB-K16/1289
cert-bund: CB-K16/1096
cert-bund: CB-K15/1751
cert-bund: CB-K15/1266
cert-bund: CB-K15/0850
cert-bund: CB-K15/0764
cert-bund: CB-K15/0720
cert-bund: CB-K15/0548
cert-bund: CB-K15/0526
cert-bund: CB-K15/0509
cert-bund: CB-K15/0493
cert-bund: CB-K15/0384
cert-bund: CB-K15/0365
cert-bund: CB-K15/0364
cert-bund: CB-K15/0302
cert-bund: CB-K15/0192
cert-bund: CB-K15/0079
cert-bund: CB-K15/0016
cert-bund: CB-K14/1342
cert-bund: CB-K14/0231
. . . continues on next page . . .
2 RESULTS PER HOST 480

. . . continued from previous page . . .

cert-bund: CB-K13/0845
cert-bund: CB-K13/0796
cert-bund: CB-K13/0790
dfn-cert: DFN-CERT-2020-0177
dfn-cert: DFN-CERT-2020-0111
dfn-cert: DFN-CERT-2019-0068
dfn-cert: DFN-CERT-2018-1441
dfn-cert: DFN-CERT-2018-1408
dfn-cert: DFN-CERT-2016-1372
dfn-cert: DFN-CERT-2016-1164
dfn-cert: DFN-CERT-2016-0388
dfn-cert: DFN-CERT-2015-1853
dfn-cert: DFN-CERT-2015-1332
dfn-cert: DFN-CERT-2015-0884
dfn-cert: DFN-CERT-2015-0800
dfn-cert: DFN-CERT-2015-0758
dfn-cert: DFN-CERT-2015-0567
dfn-cert: DFN-CERT-2015-0544
dfn-cert: DFN-CERT-2015-0530
dfn-cert: DFN-CERT-2015-0396
dfn-cert: DFN-CERT-2015-0375
dfn-cert: DFN-CERT-2015-0374
dfn-cert: DFN-CERT-2015-0305
dfn-cert: DFN-CERT-2015-0199
dfn-cert: DFN-CERT-2015-0079
dfn-cert: DFN-CERT-2015-0021
dfn-cert: DFN-CERT-2014-1414
dfn-cert: DFN-CERT-2013-1847
dfn-cert: DFN-CERT-2013-1792
dfn-cert: DFN-CERT-2012-1979
dfn-cert: DFN-CERT-2012-1829
dfn-cert: DFN-CERT-2012-1530
dfn-cert: DFN-CERT-2012-1380
dfn-cert: DFN-CERT-2012-1377
dfn-cert: DFN-CERT-2012-1292
dfn-cert: DFN-CERT-2012-1214
dfn-cert: DFN-CERT-2012-1213
dfn-cert: DFN-CERT-2012-1180
dfn-cert: DFN-CERT-2012-1156
dfn-cert: DFN-CERT-2012-1155
dfn-cert: DFN-CERT-2012-1039
dfn-cert: DFN-CERT-2012-0956
dfn-cert: DFN-CERT-2012-0908
dfn-cert: DFN-CERT-2012-0868
dfn-cert: DFN-CERT-2012-0867
dfn-cert: DFN-CERT-2012-0848
dfn-cert: DFN-CERT-2012-0838
. . . continues on next page . . .
2 RESULTS PER HOST 481

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2012-0776
dfn-cert: DFN-CERT-2012-0722
dfn-cert: DFN-CERT-2012-0638
dfn-cert: DFN-CERT-2012-0627
dfn-cert: DFN-CERT-2012-0451
dfn-cert: DFN-CERT-2012-0418
dfn-cert: DFN-CERT-2012-0354
dfn-cert: DFN-CERT-2012-0234
dfn-cert: DFN-CERT-2012-0221
dfn-cert: DFN-CERT-2012-0177
dfn-cert: DFN-CERT-2012-0170
dfn-cert: DFN-CERT-2012-0146
dfn-cert: DFN-CERT-2012-0142
dfn-cert: DFN-CERT-2012-0126
dfn-cert: DFN-CERT-2012-0123
dfn-cert: DFN-CERT-2012-0095
dfn-cert: DFN-CERT-2012-0051
dfn-cert: DFN-CERT-2012-0047
dfn-cert: DFN-CERT-2012-0021
dfn-cert: DFN-CERT-2011-1953
dfn-cert: DFN-CERT-2011-1946
dfn-cert: DFN-CERT-2011-1844
dfn-cert: DFN-CERT-2011-1826
dfn-cert: DFN-CERT-2011-1774
dfn-cert: DFN-CERT-2011-1743
dfn-cert: DFN-CERT-2011-1738
dfn-cert: DFN-CERT-2011-1706
dfn-cert: DFN-CERT-2011-1628
dfn-cert: DFN-CERT-2011-1627
dfn-cert: DFN-CERT-2011-1619
dfn-cert: DFN-CERT-2011-1482

Medium (CVSS: 4.0)

NVT: SSL/TLS: Die-Hellman Key Exchange Insucient DH Group Strength Vulnerability

Summary
The SSL/TLS service uses Die-Hellman groups with insucient strength (key size < 2048).

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Server Temporary Key Size: 768 bits

Impact
. . . continues on next page . . .
2 RESULTS PER HOST 482

. . . continued from previous page . . .

An attacker might be able to decrypt the SSL/TLS communication oine.

Solution:
Solution type: Workaround
- Deploy (Ephemeral) Elliptic-Curve Die-Hellman (ECDHE) or use a 2048-bit or stronger
Die-Hellman group. Please see the references for more resources supporting you with this task.
- For Apache Web Servers: Beginning with version 2.4.7, mod_ssl will use DH parameters which
include primes with lengths of more than 1024 bits.

Aected Software/OS
All services providing an encrypted communication using Die-Hellman groups with insucient
strength.

Vulnerability Insight
The Die-Hellman group are some big numbers that are used as base for the DH computations.
They can be, and often are, xed. The security of the nal secret depends on the size of these
parameters. It was found that 512 and 768 bits to be weak, 1024 bits to be breakable by really
powerful attackers like governments.

Vulnerability Detection Method

Checks the DHE temporary public key size.
Details: SSL/TLS: Diffie-Hellman Key Exchange Insufficient DH Group Strength Vulnerabili.
,→..
OID:[Link].4.1.25623.1.0.106223
Version used: 2025-03-27T[Link]Z

References
url: [Link]
url: [Link]
url: [Link]
url: [Link]
,→ines/TG02102/[Link]
url: [Link]
,→TLS-Protokoll/TLS-Protokoll_node.html
url: [Link]
,→eRichtlinien/TR03116/[Link]
url: [Link]
,→tstandard_BSI_TLS_Version_2_4.html
url: [Link]
url: [Link]
,→-report-2014
url: [Link]

[ return to [Link] ]

2.1.14 Medium 3389/tcp

2 RESULTS PER HOST 483

Medium (CVSS: 5.9)

NVT: SSL/TLS: Report Weak Cipher Suites

Product detection result

cpe:/a:ietf:transport_layer_security
Detected by SSL/TLS: Report Supported Cipher Suites (OID: [Link].4.1.25623.1.0.
,→802067)

Summary
This routine reports all weak SSL/TLS cipher suites accepted by a service.

Quality of Detection (QoD): 98%

Vulnerability Detection Result
'Weak' cipher suites accepted by this service via the TLSv1.0 protocol:
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_RC4_128_SHA

Impact
This could allow remote attackers to obtain sensitive information or have other, unspecied
impacts.

Solution:
Solution type: Mitigation
The conguration of this services should be changed so that it does not accept the listed weak
cipher suites anymore.
Please see the references for more resources supporting you with this task.

Aected Software/OS
All services providing an encrypted communication using weak SSL/TLS cipher suites.

Vulnerability Insight
These rules are applied for the evaluation of the cryptographic strength:
- RC4 is considered to be weak (CVE-2013-2566, CVE-2015-2808)
- Ciphers using 64 bit or less are considered to be vulnerable to brute force methods and therefore
considered as weak (CVE-2015-4000)
- 1024 bit RSA authentication is considered to be insecure and therefore as weak
- Any cipher considered to be secure for only the next 10 years is considered as medium
- Any other cipher is considered as strong

Vulnerability Detection Method

Checks previous collected cipher suites.
. . . continues on next page . . .
2 RESULTS PER HOST 484

. . . continued from previous page . . .

NOTE: No severity for SMTP services with 'Opportunistic TLS' and weak cipher suites on port
25/tcp is reported. If too strong cipher suites are congured for this service the alternative would
be to fall back to an even more insecure cleartext communication.
Details: SSL/TLS: Report Weak Cipher Suites
OID:[Link].4.1.25623.1.0.103440
Version used: 2025-03-27T[Link]Z

Product Detection Result

Product: cpe:/a:ietf:transport_layer_security
Method: SSL/TLS: Report Supported Cipher Suites
OID: [Link].4.1.25623.1.0.802067)

References
cve: CVE-2013-2566
cve: CVE-2015-2808
cve: CVE-2015-4000
url: [Link]
url: [Link]
,→ines/TG02102/[Link]
url: [Link]
,→TLS-Protokoll/TLS-Protokoll_node.html
url: [Link]
,→eRichtlinien/TR03116/[Link]
url: [Link]
,→tstandard_BSI_TLS_Version_2_4.html
url: [Link]
url: [Link]
,→-report-2014
cert-bund: CB-K21/0067
cert-bund: CB-K19/0812
cert-bund: CB-K17/1750
cert-bund: CB-K16/1593
cert-bund: CB-K16/1552
cert-bund: CB-K16/1102
cert-bund: CB-K16/0617
cert-bund: CB-K16/0599
cert-bund: CB-K16/0168
cert-bund: CB-K16/0121
cert-bund: CB-K16/0090
cert-bund: CB-K16/0030
cert-bund: CB-K15/1751
cert-bund: CB-K15/1591
cert-bund: CB-K15/1550
cert-bund: CB-K15/1517
cert-bund: CB-K15/1514
cert-bund: CB-K15/1464
. . . continues on next page . . .
2 RESULTS PER HOST 485

. . . continued from previous page . . .

cert-bund: CB-K15/1442
cert-bund: CB-K15/1334
cert-bund: CB-K15/1269
cert-bund: CB-K15/1136
cert-bund: CB-K15/1090
cert-bund: CB-K15/1059
cert-bund: CB-K15/1022
cert-bund: CB-K15/1015
cert-bund: CB-K15/0986
cert-bund: CB-K15/0964
cert-bund: CB-K15/0962
cert-bund: CB-K15/0932
cert-bund: CB-K15/0927
cert-bund: CB-K15/0926
cert-bund: CB-K15/0907
cert-bund: CB-K15/0901
cert-bund: CB-K15/0896
cert-bund: CB-K15/0889
cert-bund: CB-K15/0877
cert-bund: CB-K15/0850
cert-bund: CB-K15/0849
cert-bund: CB-K15/0834
cert-bund: CB-K15/0827
cert-bund: CB-K15/0802
cert-bund: CB-K15/0764
cert-bund: CB-K15/0733
cert-bund: CB-K15/0667
cert-bund: CB-K14/0935
cert-bund: CB-K13/0942
dfn-cert: DFN-CERT-2023-2939
dfn-cert: DFN-CERT-2021-0775
dfn-cert: DFN-CERT-2020-1561
dfn-cert: DFN-CERT-2020-1276
dfn-cert: DFN-CERT-2017-1821
dfn-cert: DFN-CERT-2016-1692
dfn-cert: DFN-CERT-2016-1648
dfn-cert: DFN-CERT-2016-1168
dfn-cert: DFN-CERT-2016-0665
dfn-cert: DFN-CERT-2016-0642
dfn-cert: DFN-CERT-2016-0184
dfn-cert: DFN-CERT-2016-0135
dfn-cert: DFN-CERT-2016-0101
dfn-cert: DFN-CERT-2016-0035
dfn-cert: DFN-CERT-2015-1853
dfn-cert: DFN-CERT-2015-1679
dfn-cert: DFN-CERT-2015-1632
dfn-cert: DFN-CERT-2015-1608
. . . continues on next page . . .
2 RESULTS PER HOST 486

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2015-1542
dfn-cert: DFN-CERT-2015-1518
dfn-cert: DFN-CERT-2015-1406
dfn-cert: DFN-CERT-2015-1341
dfn-cert: DFN-CERT-2015-1194
dfn-cert: DFN-CERT-2015-1144
dfn-cert: DFN-CERT-2015-1113
dfn-cert: DFN-CERT-2015-1078
dfn-cert: DFN-CERT-2015-1067
dfn-cert: DFN-CERT-2015-1038
dfn-cert: DFN-CERT-2015-1016
dfn-cert: DFN-CERT-2015-1012
dfn-cert: DFN-CERT-2015-0980
dfn-cert: DFN-CERT-2015-0977
dfn-cert: DFN-CERT-2015-0976
dfn-cert: DFN-CERT-2015-0960
dfn-cert: DFN-CERT-2015-0956
dfn-cert: DFN-CERT-2015-0944
dfn-cert: DFN-CERT-2015-0937
dfn-cert: DFN-CERT-2015-0925
dfn-cert: DFN-CERT-2015-0884
dfn-cert: DFN-CERT-2015-0881
dfn-cert: DFN-CERT-2015-0879
dfn-cert: DFN-CERT-2015-0866
dfn-cert: DFN-CERT-2015-0844
dfn-cert: DFN-CERT-2015-0800
dfn-cert: DFN-CERT-2015-0737
dfn-cert: DFN-CERT-2015-0696
dfn-cert: DFN-CERT-2014-0977

Medium (CVSS: 4.3)

NVT: SSL/TLS: Deprecated TLSv1.0 and TLSv1.1 Protocol Detection

Product detection result

cpe:/a:ietf:transport_layer_security:1.0
Detected by SSL/TLS: Version Detection (OID: [Link].4.1.25623.1.0.105782)

Summary
It was possible to detect the usage of the deprecated TLSv1.0 and/or TLSv1.1 protocol on this
system.

Quality of Detection (QoD): 98%

Vulnerability Detection Result
. . . continues on next page . . .
2 RESULTS PER HOST 487

. . . continued from previous page . . .

The service is only providing the deprecated TLSv1.0 protocol and supports one o
,→r more ciphers. Those supported ciphers can be found in the 'SSL/TLS: Report S
,→upported Cipher Suites' (OID: [Link].4.1.25623.1.0.802067) VT.

Impact
An attacker might be able to use the known cryptographic aws to eavesdrop the connection
between clients and the service to get access to sensitive data transferred within the secured
connection.
Furthermore newly uncovered vulnerabilities in this protocols won't receive security updates
anymore.

Solution:
Solution type: Mitigation
It is recommended to disable the deprecated TLSv1.0 and/or TLSv1.1 protocols in favor of the
TLSv1.2+ protocols.
Please see the references for more resources supporting you with this task.

Aected Software/OS
- All services providing an encrypted communication using the TLSv1.0 and/or TLSv1.1 protocols
- CVE-2023-41928: Kiloview P1 4G and P2 4G Video Encoder
- CVE-2024-41270: Gorush v1.18.4
- CVE-2025-3200: Multiple products from Wiesemann & Theis

Vulnerability Insight
The TLSv1.0 and TLSv1.1 protocols contain known cryptographic aws like:
- CVE-2011-3389: Browser Exploit Against SSL/TLS (BEAST)
- CVE-2015-0204: Factoring Attack on RSA-EXPORT Keys Padding Oracle On Downgraded
Legacy Encryption (FREAK)

Vulnerability Detection Method

Checks the used TLS protocols of the services provided by this system.
Details: SSL/TLS: Deprecated TLSv1.0 and TLSv1.1 Protocol Detection
OID:[Link].4.1.25623.1.0.117274
Version used: 2025-04-30T[Link]Z

Product Detection Result

Product: cpe:/a:ietf:transport_layer_security:1.0
Method: SSL/TLS: Version Detection
OID: [Link].4.1.25623.1.0.105782)

References
cve: CVE-2011-3389
cve: CVE-2015-0204
cve: CVE-2023-41928
cve: CVE-2024-41270
. . . continues on next page . . .
2 RESULTS PER HOST 488

. . . continued from previous page . . .

cve: CVE-2025-3200
url: [Link]
url: [Link]
,→ines/TG02102/[Link]
url: [Link]
,→TLS-Protokoll/TLS-Protokoll_node.html
url: [Link]
,→eRichtlinien/TR03116/[Link]
url: [Link]
,→tstandard_BSI_TLS_Version_2_4.html
url: [Link]
url: [Link]
,→-report-2014
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: WID-SEC-2023-1435
cert-bund: CB-K18/0799
cert-bund: CB-K16/1289
cert-bund: CB-K16/1096
cert-bund: CB-K15/1751
cert-bund: CB-K15/1266
cert-bund: CB-K15/0850
cert-bund: CB-K15/0764
cert-bund: CB-K15/0720
cert-bund: CB-K15/0548
cert-bund: CB-K15/0526
cert-bund: CB-K15/0509
cert-bund: CB-K15/0493
cert-bund: CB-K15/0384
cert-bund: CB-K15/0365
cert-bund: CB-K15/0364
cert-bund: CB-K15/0302
cert-bund: CB-K15/0192
cert-bund: CB-K15/0079
cert-bund: CB-K15/0016
cert-bund: CB-K14/1342
cert-bund: CB-K14/0231
cert-bund: CB-K13/0845
cert-bund: CB-K13/0796
cert-bund: CB-K13/0790
dfn-cert: DFN-CERT-2020-0177
dfn-cert: DFN-CERT-2020-0111
dfn-cert: DFN-CERT-2019-0068
. . . continues on next page . . .
2 RESULTS PER HOST 489

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2018-1441
dfn-cert: DFN-CERT-2018-1408
dfn-cert: DFN-CERT-2016-1372
dfn-cert: DFN-CERT-2016-1164
dfn-cert: DFN-CERT-2016-0388
dfn-cert: DFN-CERT-2015-1853
dfn-cert: DFN-CERT-2015-1332
dfn-cert: DFN-CERT-2015-0884
dfn-cert: DFN-CERT-2015-0800
dfn-cert: DFN-CERT-2015-0758
dfn-cert: DFN-CERT-2015-0567
dfn-cert: DFN-CERT-2015-0544
dfn-cert: DFN-CERT-2015-0530
dfn-cert: DFN-CERT-2015-0396
dfn-cert: DFN-CERT-2015-0375
dfn-cert: DFN-CERT-2015-0374
dfn-cert: DFN-CERT-2015-0305
dfn-cert: DFN-CERT-2015-0199
dfn-cert: DFN-CERT-2015-0079
dfn-cert: DFN-CERT-2015-0021
dfn-cert: DFN-CERT-2014-1414
dfn-cert: DFN-CERT-2013-1847
dfn-cert: DFN-CERT-2013-1792
dfn-cert: DFN-CERT-2012-1979
dfn-cert: DFN-CERT-2012-1829
dfn-cert: DFN-CERT-2012-1530
dfn-cert: DFN-CERT-2012-1380
dfn-cert: DFN-CERT-2012-1377
dfn-cert: DFN-CERT-2012-1292
dfn-cert: DFN-CERT-2012-1214
dfn-cert: DFN-CERT-2012-1213
dfn-cert: DFN-CERT-2012-1180
dfn-cert: DFN-CERT-2012-1156
dfn-cert: DFN-CERT-2012-1155
dfn-cert: DFN-CERT-2012-1039
dfn-cert: DFN-CERT-2012-0956
dfn-cert: DFN-CERT-2012-0908
dfn-cert: DFN-CERT-2012-0868
dfn-cert: DFN-CERT-2012-0867
dfn-cert: DFN-CERT-2012-0848
dfn-cert: DFN-CERT-2012-0838
dfn-cert: DFN-CERT-2012-0776
dfn-cert: DFN-CERT-2012-0722
dfn-cert: DFN-CERT-2012-0638
dfn-cert: DFN-CERT-2012-0627
dfn-cert: DFN-CERT-2012-0451
dfn-cert: DFN-CERT-2012-0418
. . . continues on next page . . .
2 RESULTS PER HOST 490

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2012-0354
dfn-cert: DFN-CERT-2012-0234
dfn-cert: DFN-CERT-2012-0221
dfn-cert: DFN-CERT-2012-0177
dfn-cert: DFN-CERT-2012-0170
dfn-cert: DFN-CERT-2012-0146
dfn-cert: DFN-CERT-2012-0142
dfn-cert: DFN-CERT-2012-0126
dfn-cert: DFN-CERT-2012-0123
dfn-cert: DFN-CERT-2012-0095
dfn-cert: DFN-CERT-2012-0051
dfn-cert: DFN-CERT-2012-0047
dfn-cert: DFN-CERT-2012-0021
dfn-cert: DFN-CERT-2011-1953
dfn-cert: DFN-CERT-2011-1946
dfn-cert: DFN-CERT-2011-1844
dfn-cert: DFN-CERT-2011-1826
dfn-cert: DFN-CERT-2011-1774
dfn-cert: DFN-CERT-2011-1743
dfn-cert: DFN-CERT-2011-1738
dfn-cert: DFN-CERT-2011-1706
dfn-cert: DFN-CERT-2011-1628
dfn-cert: DFN-CERT-2011-1627
dfn-cert: DFN-CERT-2011-1619
dfn-cert: DFN-CERT-2011-1482

Medium (CVSS: 4.0)

NVT: SSL/TLS: Certicate Signed Using A Weak Signature Algorithm

Summary
The remote service is using a SSL/TLS certicate in the certicate chain that has been signed
using a cryptographically weak hashing algorithm.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The following certificates are part of the certificate chain but using insecure
,→signature algorithms:
Subject: CN=vagrant-2008R2
Signature Algorithm: sha1WithRSAEncryption

Solution:
Solution type: Mitigation
. . . continues on next page . . .
2 RESULTS PER HOST 491

. . . continued from previous page . . .

Servers that use SSL/TLS certicates signed with a weak SHA-1, MD5, MD4 or MD2 hashing
algorithm will need to obtain new SHA-2 signed SSL/TLS certicates to avoid web browser
SSL/TLS certicate warnings.

Vulnerability Insight
The following hashing algorithms used for signing SSL/TLS certicates are considered crypto-
graphically weak and not secure enough for ongoing use:
- Secure Hash Algorithm 1 (SHA-1)
- Message Digest 5 (MD5)
- Message Digest 4 (MD4)
- Message Digest 2 (MD2)
Beginning as late as January 2017 and as early as June 2016, browser developers such as Microsoft
and Google will begin warning users when visiting web sites that use SHA-1 signed Secure Socket
Layer (SSL) certicates.
NOTE: The script preference allows to set one or more custom SHA-1 ngerprints of CA certi-
cates which are trusted by this routine. The ngerprints needs to be passed comma-separated
and case-insensitive:
Fingerprint1
or
ngerprint1, Fingerprint2

Vulnerability Detection Method

Check which hashing algorithm was used to sign the remote SSL/TLS certicate.
Details: SSL/TLS: Certificate Signed Using A Weak Signature Algorithm
OID:[Link].4.1.25623.1.0.105880
Version used: 2021-10-15T[Link]Z

References
url: [Link]
,→sha-1-based-signature-algorithms/

[ return to [Link] ]

2.1.15 Medium 8181/tcp

Medium (CVSS: 5.0)

NVT: SSL/TLS: Known Untrusted / Dangerous Certicate Authority (CA) Detection

Product detection result

cpe:/a:ietf:transport_layer_security
Detected by SSL/TLS: Collect and Report Certificate Details (OID: [Link].4.1.25
,→623.1.0.103692)

. . . continues on next page . . .

2 RESULTS PER HOST 492

. . . continued from previous page . . .

Summary
The service is using an SSL/TLS certicate from a known untrusted and/or dangerous certicate
authority (CA).

Quality of Detection (QoD): 99%

Vulnerability Detection Result
The certificate of the remote service is signed by the following untrusted and/o
,→r dangerous CA:
Issuer: CN=localhost,OU=GlassFish,O=Oracle Corporation,L=Santa Clara,ST=Californ
,→ia,C=US
Certificate details:
fingerprint (SHA-1) | 4A5758F59279E82F2A913C83CA658D6964575A72
fingerprint (SHA-256) | AB48B2E6C44C50867FB3703083F1CEE806F4B575F0E3AD
,→5B23381002A885F556
issued by | CN=localhost,OU=GlassFish,O=Oracle Corporation
,→,L=Santa Clara,ST=California,C=US
public key algorithm | RSA
public key size (bits) | 2048
serial | 04A9972F
signature algorithm | sha256WithRSAEncryption
subject | CN=localhost,OU=GlassFish,O=Oracle Corporation
,→,L=Santa Clara,ST=California,C=US
subject alternative names (SAN) | None
valid from | 2013-05-15 [Link] UTC
valid until | 2023-05-13 [Link] UTC

Impact
An attacker could use this for man-in-the-middle (MITM) attacks, accessing sensible data and
other attacks.

Solution:
Solution type: Mitigation
Replace the SSL/TLS certicate with one signed by a trusted CA.

Vulnerability Detection Method

The script reads the certicate used by the target host and checks if it was signed by a known
untrusted and/or dangerous CA.
Details: SSL/TLS: Known Untrusted / Dangerous Certificate Authority (CA) Detection
OID:[Link].4.1.25623.1.0.113054
Version used: 2024-06-14T[Link]Z

Product Detection Result

Product: cpe:/a:ietf:transport_layer_security
Method: SSL/TLS: Collect and Report Certificate Details
. . . continues on next page . . .
2 RESULTS PER HOST 493

. . . continued from previous page . . .

OID: [Link].4.1.25623.1.0.103692)

Medium (CVSS: 5.0)

NVT: SSL/TLS: Renegotiation DoS Vulnerability (CVE-2011-1473, CVE-2011-5094)

Summary
The remote SSL/TLS service is prone to a denial of service (DoS) vulnerability.

Quality of Detection (QoD): 70%

Vulnerability Detection Result
The following indicates that the remote SSL/TLS service is affected:
Protocol Version | Successful re-done SSL/TLS handshakes (Renegotiation) over an
,→ existing / already established SSL/TLS connection
--------------------------------------------------------------------------------
,→--------------------------------------------------
TLSv1.0 | 10
TLSv1.1 | 10
TLSv1.2 | 10

Impact
The aw might make it easier for remote attackers to cause a DoS (CPU consumption) by
performing many renegotiations within a single connection.

Solution:
Solution type: VendorFix
Users should contact their vendors for specic patch information.
A general solution is to remove/disable renegotiation capabilities altogether from/in the aected
SSL/TLS service.

Aected Software/OS
Every SSL/TLS service which does not properly restrict client-initiated renegotiation.

Vulnerability Insight
The aw exists because the remote SSL/TLS service does not properly restrict client-initiated
renegotiation within the SSL and TLS protocols.
Note: The referenced CVEs are aecting OpenSSL and Mozilla Network Security Services (NSS)
but both are in a DISPUTED state with the following rationale:
> It can also be argued that it is the responsibility of server deployments, not a security library,
to prevent or limit renegotiation when it is inappropriate within a specic environment.
Both CVEs are still kept in this VT as a reference to the origin of this aw.

Vulnerability Detection Method

. . . continues on next page . . .
2 RESULTS PER HOST 494

. . . continued from previous page . . .

Checks if the remote service allows to re-do the same SSL/TLS handshake (Renegotiation) over
an existing / already established SSL/TLS connection.
Details: SSL/TLS: Renegotiation DoS Vulnerability (CVE-2011-1473, CVE-2011-5094)
OID:[Link].4.1.25623.1.0.117761
Version used: 2024-09-27T[Link]Z

References
cve: CVE-2011-1473
cve: CVE-2011-5094
url: [Link]
,→tiation-dos/
url: [Link]
url: [Link]
url: [Link]
cert-bund: WID-SEC-2024-1591
cert-bund: WID-SEC-2024-0796
cert-bund: WID-SEC-2023-1435
cert-bund: CB-K17/0980
cert-bund: CB-K17/0979
cert-bund: CB-K14/0772
cert-bund: CB-K13/0915
cert-bund: CB-K13/0462
dfn-cert: DFN-CERT-2025-0933
dfn-cert: DFN-CERT-2017-1013
dfn-cert: DFN-CERT-2017-1012
dfn-cert: DFN-CERT-2014-0809
dfn-cert: DFN-CERT-2013-1928
dfn-cert: DFN-CERT-2012-1112

Medium (CVSS: 5.0)

NVT: SSL/TLS: Certicate Expired

Product detection result

cpe:/a:ietf:transport_layer_security
Detected by SSL/TLS: Collect and Report Certificate Details (OID: [Link].4.1.25
,→623.1.0.103692)

Summary
The remote server's SSL/TLS certicate has already expired.

Quality of Detection (QoD): 99%

Vulnerability Detection Result
The certificate of the remote service expired on 2023-05-13 [Link].
. . . continues on next page . . .
2 RESULTS PER HOST 495

. . . continued from previous page . . .

Certificate details:
fingerprint (SHA-1) | 4A5758F59279E82F2A913C83CA658D6964575A72
fingerprint (SHA-256) | AB48B2E6C44C50867FB3703083F1CEE806F4B575F0E3AD
,→5B23381002A885F556
issued by | CN=localhost,OU=GlassFish,O=Oracle Corporation
,→,L=Santa Clara,ST=California,C=US
public key algorithm | RSA
public key size (bits) | 2048
serial | 04A9972F
signature algorithm | sha256WithRSAEncryption
subject | CN=localhost,OU=GlassFish,O=Oracle Corporation
,→,L=Santa Clara,ST=California,C=US
subject alternative names (SAN) | None
valid from | 2013-05-15 [Link] UTC
valid until | 2023-05-13 [Link] UTC

Solution:
Solution type: Mitigation
Replace the SSL/TLS certicate by a new one.

Vulnerability Insight
This script checks expiry dates of certicates associated with SSL/TLS-enabled services on the
target and reports whether any have already expired.

Vulnerability Detection Method

Details: SSL/TLS: Certificate Expired
OID:[Link].4.1.25623.1.0.103955
Version used: 2024-06-14T[Link]Z

Product Detection Result

Product: cpe:/a:ietf:transport_layer_security
Method: SSL/TLS: Collect and Report Certificate Details
OID: [Link].4.1.25623.1.0.103692)

Medium (CVSS: 4.3)

NVT: SSL/TLS: Deprecated TLSv1.0 and TLSv1.1 Protocol Detection

Product detection result

cpe:/a:ietf:transport_layer_security:1.1
Detected by SSL/TLS: Version Detection (OID: [Link].4.1.25623.1.0.105782)

Summary
. . . continues on next page . . .
2 RESULTS PER HOST 496

. . . continued from previous page . . .

It was possible to detect the usage of the deprecated TLSv1.0 and/or TLSv1.1 protocol on this
system.

Quality of Detection (QoD): 98%

Vulnerability Detection Result
In addition to TLSv1.2+ the service is also providing the deprecated TLSv1.0 and
,→ TLSv1.1 protocols and supports one or more ciphers. Those supported ciphers c
,→an be found in the 'SSL/TLS: Report Supported Cipher Suites' (OID: [Link].4.1
,→.25623.1.0.802067) VT.

Impact
An attacker might be able to use the known cryptographic aws to eavesdrop the connection
between clients and the service to get access to sensitive data transferred within the secured
connection.
Furthermore newly uncovered vulnerabilities in this protocols won't receive security updates
anymore.

Solution:
Solution type: Mitigation
It is recommended to disable the deprecated TLSv1.0 and/or TLSv1.1 protocols in favor of the
TLSv1.2+ protocols.
Please see the references for more resources supporting you with this task.

Aected Software/OS
- All services providing an encrypted communication using the TLSv1.0 and/or TLSv1.1 protocols
- CVE-2023-41928: Kiloview P1 4G and P2 4G Video Encoder
- CVE-2024-41270: Gorush v1.18.4
- CVE-2025-3200: Multiple products from Wiesemann & Theis

Vulnerability Insight
The TLSv1.0 and TLSv1.1 protocols contain known cryptographic aws like:
- CVE-2011-3389: Browser Exploit Against SSL/TLS (BEAST)
- CVE-2015-0204: Factoring Attack on RSA-EXPORT Keys Padding Oracle On Downgraded
Legacy Encryption (FREAK)

Vulnerability Detection Method

Checks the used TLS protocols of the services provided by this system.
Details: SSL/TLS: Deprecated TLSv1.0 and TLSv1.1 Protocol Detection
OID:[Link].4.1.25623.1.0.117274
Version used: 2025-04-30T[Link]Z

Product Detection Result

Product: cpe:/a:ietf:transport_layer_security:1.1
Method: SSL/TLS: Version Detection
. . . continues on next page . . .
2 RESULTS PER HOST 497

. . . continued from previous page . . .

OID: [Link].4.1.25623.1.0.105782)

References
cve: CVE-2011-3389
cve: CVE-2015-0204
cve: CVE-2023-41928
cve: CVE-2024-41270
cve: CVE-2025-3200
url: [Link]
url: [Link]
,→ines/TG02102/[Link]
url: [Link]
,→TLS-Protokoll/TLS-Protokoll_node.html
url: [Link]
,→eRichtlinien/TR03116/[Link]
url: [Link]
,→tstandard_BSI_TLS_Version_2_4.html
url: [Link]
url: [Link]
,→-report-2014
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: WID-SEC-2023-1435
cert-bund: CB-K18/0799
cert-bund: CB-K16/1289
cert-bund: CB-K16/1096
cert-bund: CB-K15/1751
cert-bund: CB-K15/1266
cert-bund: CB-K15/0850
cert-bund: CB-K15/0764
cert-bund: CB-K15/0720
cert-bund: CB-K15/0548
cert-bund: CB-K15/0526
cert-bund: CB-K15/0509
cert-bund: CB-K15/0493
cert-bund: CB-K15/0384
cert-bund: CB-K15/0365
cert-bund: CB-K15/0364
cert-bund: CB-K15/0302
cert-bund: CB-K15/0192
cert-bund: CB-K15/0079
cert-bund: CB-K15/0016
. . . continues on next page . . .
2 RESULTS PER HOST 498

. . . continued from previous page . . .

cert-bund: CB-K14/1342
cert-bund: CB-K14/0231
cert-bund: CB-K13/0845
cert-bund: CB-K13/0796
cert-bund: CB-K13/0790
dfn-cert: DFN-CERT-2020-0177
dfn-cert: DFN-CERT-2020-0111
dfn-cert: DFN-CERT-2019-0068
dfn-cert: DFN-CERT-2018-1441
dfn-cert: DFN-CERT-2018-1408
dfn-cert: DFN-CERT-2016-1372
dfn-cert: DFN-CERT-2016-1164
dfn-cert: DFN-CERT-2016-0388
dfn-cert: DFN-CERT-2015-1853
dfn-cert: DFN-CERT-2015-1332
dfn-cert: DFN-CERT-2015-0884
dfn-cert: DFN-CERT-2015-0800
dfn-cert: DFN-CERT-2015-0758
dfn-cert: DFN-CERT-2015-0567
dfn-cert: DFN-CERT-2015-0544
dfn-cert: DFN-CERT-2015-0530
dfn-cert: DFN-CERT-2015-0396
dfn-cert: DFN-CERT-2015-0375
dfn-cert: DFN-CERT-2015-0374
dfn-cert: DFN-CERT-2015-0305
dfn-cert: DFN-CERT-2015-0199
dfn-cert: DFN-CERT-2015-0079
dfn-cert: DFN-CERT-2015-0021
dfn-cert: DFN-CERT-2014-1414
dfn-cert: DFN-CERT-2013-1847
dfn-cert: DFN-CERT-2013-1792
dfn-cert: DFN-CERT-2012-1979
dfn-cert: DFN-CERT-2012-1829
dfn-cert: DFN-CERT-2012-1530
dfn-cert: DFN-CERT-2012-1380
dfn-cert: DFN-CERT-2012-1377
dfn-cert: DFN-CERT-2012-1292
dfn-cert: DFN-CERT-2012-1214
dfn-cert: DFN-CERT-2012-1213
dfn-cert: DFN-CERT-2012-1180
dfn-cert: DFN-CERT-2012-1156
dfn-cert: DFN-CERT-2012-1155
dfn-cert: DFN-CERT-2012-1039
dfn-cert: DFN-CERT-2012-0956
dfn-cert: DFN-CERT-2012-0908
dfn-cert: DFN-CERT-2012-0868
dfn-cert: DFN-CERT-2012-0867
. . . continues on next page . . .
2 RESULTS PER HOST 499

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2012-0848
dfn-cert: DFN-CERT-2012-0838
dfn-cert: DFN-CERT-2012-0776
dfn-cert: DFN-CERT-2012-0722
dfn-cert: DFN-CERT-2012-0638
dfn-cert: DFN-CERT-2012-0627
dfn-cert: DFN-CERT-2012-0451
dfn-cert: DFN-CERT-2012-0418
dfn-cert: DFN-CERT-2012-0354
dfn-cert: DFN-CERT-2012-0234
dfn-cert: DFN-CERT-2012-0221
dfn-cert: DFN-CERT-2012-0177
dfn-cert: DFN-CERT-2012-0170
dfn-cert: DFN-CERT-2012-0146
dfn-cert: DFN-CERT-2012-0142
dfn-cert: DFN-CERT-2012-0126
dfn-cert: DFN-CERT-2012-0123
dfn-cert: DFN-CERT-2012-0095
dfn-cert: DFN-CERT-2012-0051
dfn-cert: DFN-CERT-2012-0047
dfn-cert: DFN-CERT-2012-0021
dfn-cert: DFN-CERT-2011-1953
dfn-cert: DFN-CERT-2011-1946
dfn-cert: DFN-CERT-2011-1844
dfn-cert: DFN-CERT-2011-1826
dfn-cert: DFN-CERT-2011-1774
dfn-cert: DFN-CERT-2011-1743
dfn-cert: DFN-CERT-2011-1738
dfn-cert: DFN-CERT-2011-1706
dfn-cert: DFN-CERT-2011-1628
dfn-cert: DFN-CERT-2011-1627
dfn-cert: DFN-CERT-2011-1619
dfn-cert: DFN-CERT-2011-1482

Medium (CVSS: 4.0)

NVT: SSL/TLS: Die-Hellman Key Exchange Insucient DH Group Strength Vulnerability

Summary
The SSL/TLS service uses Die-Hellman groups with insucient strength (key size < 2048).

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Server Temporary Key Size: 1024 bits

. . . continues on next page . . .

2 RESULTS PER HOST 500

. . . continued from previous page . . .

Impact
An attacker might be able to decrypt the SSL/TLS communication oine.

Solution:
Solution type: Workaround
- Deploy (Ephemeral) Elliptic-Curve Die-Hellman (ECDHE) or use a 2048-bit or stronger
Die-Hellman group. Please see the references for more resources supporting you with this task.
- For Apache Web Servers: Beginning with version 2.4.7, mod_ssl will use DH parameters which
include primes with lengths of more than 1024 bits.

Aected Software/OS
All services providing an encrypted communication using Die-Hellman groups with insucient
strength.

Vulnerability Insight
The Die-Hellman group are some big numbers that are used as base for the DH computations.
They can be, and often are, xed. The security of the nal secret depends on the size of these
parameters. It was found that 512 and 768 bits to be weak, 1024 bits to be breakable by really
powerful attackers like governments.

Vulnerability Detection Method

Checks the DHE temporary public key size.
Details: SSL/TLS: Diffie-Hellman Key Exchange Insufficient DH Group Strength Vulnerabili.
,→..
OID:[Link].4.1.25623.1.0.106223
Version used: 2025-03-27T[Link]Z

References
url: [Link]
url: [Link]
url: [Link]
url: [Link]
,→ines/TG02102/[Link]
url: [Link]
,→TLS-Protokoll/TLS-Protokoll_node.html
url: [Link]
,→eRichtlinien/TR03116/[Link]
url: [Link]
,→tstandard_BSI_TLS_Version_2_4.html
url: [Link]
url: [Link]
,→-report-2014
url: [Link]

[ return to [Link] ]
2 RESULTS PER HOST 501

2.1.16 Medium 22/tcp

Medium (CVSS: 5.3)

NVT: OpenSSH < 7.8 User Enumeration Vulnerability - Windows

Product detection result

cpe:/a:openbsd:openssh:7.1
Detected by OpenSSH Detection Consolidation (OID: [Link].4.1.25623.1.0.108577)

Summary
OpenSSH is prone to a user enumeration vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 7.1
Fixed version: 7.8
Installation
path / port: 22/tcp

Impact
Successfully exploitation will allow remote attacker to test whether a certain user exists or not
(username enumeration) on a target OpenSSH server.

Solution:
Solution type: VendorFix
Update to version 7.8 or later.

Aected Software/OS
OpenSSH versions 7.7 and prior.

Vulnerability Insight
The aw is due to not delaying bailout for an invalid authenticating user until after the packet
containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and
auth2-pubkey.c

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: OpenSSH < 7.8 User Enumeration Vulnerability - Windows
OID:[Link].4.1.25623.1.0.813863
Version used: 2023-07-20T[Link]Z

Product Detection Result

Product: cpe:/a:openbsd:openssh:7.1
. . . continues on next page . . .
2 RESULTS PER HOST 502

. . . continued from previous page . . .

Method: OpenSSH Detection Consolidation
OID: [Link].4.1.25623.1.0.108577)

References
cve: CVE-2018-15473
url: [Link]
url: [Link]
,→1e0
cert-bund: WID-SEC-2024-1082
cert-bund: CB-K20/0041
cert-bund: CB-K18/1031
cert-bund: CB-K18/0873
dfn-cert: DFN-CERT-2024-1260
dfn-cert: DFN-CERT-2021-2178
dfn-cert: DFN-CERT-2020-2189
dfn-cert: DFN-CERT-2020-0228
dfn-cert: DFN-CERT-2019-2046
dfn-cert: DFN-CERT-2019-0857
dfn-cert: DFN-CERT-2019-0362
dfn-cert: DFN-CERT-2018-2293
dfn-cert: DFN-CERT-2018-2259
dfn-cert: DFN-CERT-2018-2191
dfn-cert: DFN-CERT-2018-1806
dfn-cert: DFN-CERT-2018-1696

Medium (CVSS: 5.3)

NVT: OpenSSH 'auth2-gss.c' User Enumeration Vulnerability - Windows

Product detection result

cpe:/a:openbsd:openssh:7.1
Detected by OpenSSH Detection Consolidation (OID: [Link].4.1.25623.1.0.108577)

Summary
OpenSSH is prone to a user enumeration vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 7.1
Fixed version: None
Installation
path / port: 22/tcp

. . . continues on next page . . .

2 RESULTS PER HOST 503

. . . continued from previous page . . .

Impact
Successfully exploitation will allow a remote attacker to harvest valid user accounts, which may
aid in brute-force attacks.

Solution:
Solution type: WillNotFix
No known solution was made available for at least one year since the disclosure of this vulnera-
bility. Likely none will be provided anymore. General solution options are to upgrade to a newer
release, disable respective features, remove the product or replace the product by another one.

Aected Software/OS
OpenSSH version 5.9 through 7.8.

Vulnerability Insight
The aw exists in the 'auth-gss2.c' source code le of the aected software and is due to in-
sucient validation of an authentication request packet when the Guide Star Server II (GSS2)
component is used on an aected system.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: OpenSSH 'auth2-gss.c' User Enumeration Vulnerability - Windows
OID:[Link].4.1.25623.1.0.813887
Version used: 2021-05-28T[Link]Z

Product Detection Result

Product: cpe:/a:openbsd:openssh:7.1
Method: OpenSSH Detection Consolidation
OID: [Link].4.1.25623.1.0.108577)

References
cve: CVE-2018-15919
url: [Link]
url: [Link]
cert-bund: WID-SEC-2024-1082
cert-bund: CB-K18/0885
dfn-cert: DFN-CERT-2024-1260
dfn-cert: DFN-CERT-2018-2293
dfn-cert: DFN-CERT-2018-2191

Medium (CVSS: 5.3)

NVT: OpenSSH < 7.6 'sftp-server' Security Bypass Vulnerability - Windows

Product detection result

. . . continues on next page . . .
2 RESULTS PER HOST 504

. . . continued from previous page . . .

cpe:/a:openbsd:openssh:7.1
Detected by OpenSSH Detection Consolidation (OID: [Link].4.1.25623.1.0.108577)

Summary
OpenSSH is prone to a security bypass vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 7.1
Fixed version: 7.6
Installation
path / port: 22/tcp

Impact
Successfully exploiting this issue allows local users to bypass certain security restrictions and
perform unauthorized actions. This may lead to further attacks.

Solution:
Solution type: VendorFix
Update to version 7.6 or later.

Aected Software/OS
OpenSSH versions prior to 7.6 on Windows.

Vulnerability Insight
The aw exists in the 'process_open' function in sftp-server.c script which does not properly
prevent write operations in readonly mode.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: OpenSSH < 7.6 'sftp-server' Security Bypass Vulnerability - Windows
OID:[Link].4.1.25623.1.0.812050
Version used: 2024-12-13T[Link]Z

Product Detection Result

Product: cpe:/a:openbsd:openssh:7.1
Method: OpenSSH Detection Consolidation
OID: [Link].4.1.25623.1.0.108577)

References
cve: CVE-2017-15906
url: [Link]
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 505

. . . continued from previous page . . .

url: [Link]
cert-bund: WID-SEC-2024-1082
cert-bund: CB-K20/0041
cert-bund: CB-K18/0137
cert-bund: CB-K17/2126
cert-bund: CB-K17/2014
cert-bund: CB-K17/2002
dfn-cert: DFN-CERT-2024-1260
dfn-cert: DFN-CERT-2019-0362
dfn-cert: DFN-CERT-2018-2554
dfn-cert: DFN-CERT-2018-2191
dfn-cert: DFN-CERT-2018-2068
dfn-cert: DFN-CERT-2018-1828
dfn-cert: DFN-CERT-2018-1568
dfn-cert: DFN-CERT-2018-0150
dfn-cert: DFN-CERT-2017-2217
dfn-cert: DFN-CERT-2017-2100
dfn-cert: DFN-CERT-2017-2093

[ return to [Link] ]

2.1.17 Medium 8282/tcp

Medium (CVSS: 6.8)

NVT: Apache Tomcat servlet/JSP container default les

Product detection result

cpe:/a:apache:tomcat:8.0.33
Detected by Apache Tomcat Detection Consolidation (OID: [Link].4.1.25623.1.0.10
,→7652)

Summary
The Apache Tomcat servlet/JSP container has default les installed.

Quality of Detection (QoD): 99%

Vulnerability Detection Result
The following default files were found :
[Link]
[Link]
[Link]

Impact
. . . continues on next page . . .
2 RESULTS PER HOST 506

. . . continued from previous page . . .

These les should be removed as they may help an attacker to guess the exact version of the
Apache Tomcat which is running on this host and may provide other useful information.

Solution:
Solution type: Mitigation
Remove default les, example JSPs and Servlets from the Tomcat Servlet/JSP container.

Vulnerability Insight
Default les, such as documentation, default Servlets and JSPs were found on the Apache Tomcat
servlet/JSP container.

Vulnerability Detection Method

Details: Apache Tomcat servlet/JSP container default files
OID:[Link].4.1.25623.1.0.12085
Version used: 2023-08-01T[Link]Z

Product Detection Result

Product: cpe:/a:apache:tomcat:8.0.33
Method: Apache Tomcat Detection Consolidation
OID: [Link].4.1.25623.1.0.107652)

Medium (CVSS: 6.5)

NVT: Apache Tomcat Security Constraint Incorrect Handling Access Bypass Vulnerabilities -
Windows

Product detection result

cpe:/a:apache:tomcat:8.0.33
Detected by Apache Tomcat Detection Consolidation (OID: [Link].4.1.25623.1.0.10
,→7652)

Summary
Apache Tomcat is prone to multiple access bypass vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 8.0.33
Fixed version: 8.0.50
Installation
path / port: 8282/tcp

Impact
. . . continues on next page . . .
2 RESULTS PER HOST 507

. . . continued from previous page . . .

Successfully exploiting these issues will allow remote attackers to bypass security constraints to
access ostensibly restricted resources on the target system.

Solution:
Solution type: VendorFix
Upgrade to Apache Tomcat version 9.0.5, 8.5.28, 8.0.50, 7.0.85 or later.

Aected Software/OS
Apache Tomcat versions 9.0.0.M1 to 9.0.4
Apache Tomcat versions 8.5.0 to 8.5.27
Apache Tomcat versions 8.0.0.RC1 to 8.0.49
Apache Tomcat versions 7.0.0 to 7.0.84 on Windows.

Vulnerability Insight
Multiple aws are due to:
- The system does not properly enforce security constraints that dened by annotations of Servlets
in certain cases, depending on the order that Servlets are loaded.
- The URL pattern of  (the empty string) which exactly maps to the context root was not
correctly handled when used as part of a security constraint denition.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Apache Tomcat Security Constraint Incorrect Handling Access Bypass Vulnerabilit.
,→..
OID:[Link].4.1.25623.1.0.812784
Version used: 2025-09-17T[Link]Z

Product Detection Result

Product: cpe:/a:apache:tomcat:8.0.33
Method: Apache Tomcat Detection Consolidation
OID: [Link].4.1.25623.1.0.107652)

References
cve: CVE-2018-1305
cve: CVE-2018-1304
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
,→7e10949b01b1f8a0fb@%[Link]%3E
cert-bund: WID-SEC-2024-1682
cert-bund: WID-SEC-2024-0528
cert-bund: CB-K19/1121
. . . continues on next page . . .
2 RESULTS PER HOST 508

. . . continued from previous page . . .

cert-bund: CB-K19/0321
cert-bund: CB-K18/1007
cert-bund: CB-K18/1006
cert-bund: CB-K18/1005
cert-bund: CB-K18/0790
cert-bund: CB-K18/0420
cert-bund: CB-K18/0349
dfn-cert: DFN-CERT-2019-1627
dfn-cert: DFN-CERT-2019-0772
dfn-cert: DFN-CERT-2018-2165
dfn-cert: DFN-CERT-2018-2142
dfn-cert: DFN-CERT-2018-2125
dfn-cert: DFN-CERT-2018-2103
dfn-cert: DFN-CERT-2018-1753
dfn-cert: DFN-CERT-2018-1407
dfn-cert: DFN-CERT-2018-1274
dfn-cert: DFN-CERT-2018-1253
dfn-cert: DFN-CERT-2018-1038
dfn-cert: DFN-CERT-2018-0922
dfn-cert: DFN-CERT-2018-0733
dfn-cert: DFN-CERT-2018-0455
dfn-cert: DFN-CERT-2018-0378

Medium (CVSS: 6.4)

NVT: Apache Tomcat Authentication Bypass Vulnerability (Nov 2024) - Windows

Product detection result

cpe:/a:apache:tomcat:8.0.33
Detected by Apache Tomcat Detection Consolidation (OID: [Link].4.1.25623.1.0.10
,→7652)

Summary
Apache Tomcat is prone to an authentication bypass vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 8.0.33
Fixed version: 9.0.96
Installation
path / port: 8282/tcp

Solution:
Solution type: VendorFix
. . . continues on next page . . .
2 RESULTS PER HOST 509

. . . continued from previous page . . .

Update to version 9.0.96, 10.1.31, 11.0.0 or later.

Aected Software/OS
Apache Tomcat versions prior to 9.0.96, 10.0.x through 10.1.30 and 11.0.0-M1 through 11.0.0-
M26.
Note: While not explicitly mentioned by the vendor (due to the EOL status of these branches)
it is assumed that the whole 10.x branch and all versions prior to 9.x are aected by this aw. If
you disagree with this assessment and want to accept the risk please create an override for this
result.

Vulnerability Insight
If Tomcat was congured to use a custom Jakarta Authentication (formerly JASPIC) ServerAuth-
Context component which may throw an exception during the authentication process without
explicitly setting an HTTP status to indicate failure, the authentication may not have failed, al-
lowing the user to bypass the authentication process. There are no known Jakarta Authentication
components that behave in this way.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Apache Tomcat Authentication Bypass Vulnerability (Nov 2024) - Windows
OID:[Link].4.1.25623.1.0.153463
Version used: 2024-12-19T[Link]Z

Product Detection Result

Product: cpe:/a:apache:tomcat:8.0.33
Method: Apache Tomcat Detection Consolidation
OID: [Link].4.1.25623.1.0.107652)

References
cve: CVE-2024-52316
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: WID-SEC-2025-0521
cert-bund: WID-SEC-2024-3684
cert-bund: WID-SEC-2024-3486
dfn-cert: DFN-CERT-2025-2285
dfn-cert: DFN-CERT-2025-2098
dfn-cert: DFN-CERT-2025-0890
dfn-cert: DFN-CERT-2025-0146
dfn-cert: DFN-CERT-2025-0134
dfn-cert: DFN-CERT-2024-3156
dfn-cert: DFN-CERT-2024-3077
2 RESULTS PER HOST 510

Medium (CVSS: 6.4)

NVT: Apache Axis2 <= 1.6.2 Multiple Vulnerabilities

Summary
Apache Axis2 is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 1.6.0
Fixed version: None
Installation
path / port: /axis2

Impact
Successfully exploiting these issues allows attackers to:
- CVE-2012-5785: perform man-in-the-middle attacks or impersonate trusted servers, which will
aid in further attacks
- CVE-2012-4418: may allow unauthenticated attackers to construct specially crafted messages
that can be successfully veried and contain arbitrary content. This may aid in further attacks
- CVE-2012-5351: allows remote attackers to forge messages and bypass authentication

Solution:
Solution type: WillNotFix
No known solution was made available for at least one year since the disclosure of this vulnera-
bility. Likely none will be provided anymore. General solution options are to upgrade to a newer
release, disable respective features, remove the product or replace the product by another one.

Aected Software/OS
The issue aects versions up to 1.6.2.

Vulnerability Insight
The following aws exist:
- CVE-2012-5785: a security bypass vulnerability because the application fails to properly vali-
date SSL certicates from the server
- CVE-2012-4418: a security vulnerability involving XML signature wrapping
- CVE-2012-5351: a SAML assertion that lacks a Signature element, aka a 'Signature exclusion
attack'

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Apache Axis2 <= 1.6.2 Multiple Vulnerabilities
OID:[Link].4.1.25623.1.0.111004
Version used: 2025-01-17T[Link]Z

. . . continues on next page . . .

2 RESULTS PER HOST 511

. . . continued from previous page . . .

References
cve: CVE-2012-5785
cve: CVE-2012-4418
cve: CVE-2012-5351
url: [Link]
url: [Link]
url: [Link]

Medium (CVSS: 5.0)

NVT: Apache Tomcat Multiple DoS Vulnerabilities (Mar 2024) - Windows

Product detection result

cpe:/a:apache:tomcat:8.0.33
Detected by Apache Tomcat Detection Consolidation (OID: [Link].4.1.25623.1.0.10
,→7652)

Summary
Apache Tomcat is prone to multiple denial of service (DoS) vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 8.0.33
Fixed version: 8.5.99
Installation
path / port: 8282/tcp

Solution:
Solution type: VendorFix
Update to version 8.5.99, 9.0.86, 10.1.19, 11.0.0-M17 or later.

Aected Software/OS
Apache Tomcat versions prior to 8.5.99, 9.0.0-M1 through 9.0.85, 10.x through 10.1.18 and
11.0.0-M1 through 11.0.0-M16.
Note: While not explicitly mentioned by the vendor (due to the EOL status of these branches) it
is assumed that the whole 10.x branch and all versions prior to 8.5.x are aected by these aws.
If you disagree with this assessment and want to accept the risk please create an override for this
result.

Vulnerability Insight
The following aws exist:
- CVE-2024-23672: WebSocket DoS with incomplete closing handshake
. . . continues on next page . . .
2 RESULTS PER HOST 512

. . . continued from previous page . . .

- CVE-2024-24549: HTTP/2 header handling DoS

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Apache Tomcat Multiple DoS Vulnerabilities (Mar 2024) - Windows
OID:[Link].4.1.25623.1.0.114428
Version used: 2024-12-19T[Link]Z

Product Detection Result

Product: cpe:/a:apache:tomcat:8.0.33
Method: Apache Tomcat Detection Consolidation
OID: [Link].4.1.25623.1.0.107652)

References
cve: CVE-2024-23672
cve: CVE-2024-24549
url: [Link]
url: [Link]
url: [Link]
,→7
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: WID-SEC-2024-3663
cert-bund: WID-SEC-2024-3508
cert-bund: WID-SEC-2024-3377
cert-bund: WID-SEC-2024-3220
cert-bund: WID-SEC-2024-3219
cert-bund: WID-SEC-2024-3196
cert-bund: WID-SEC-2024-3195
cert-bund: WID-SEC-2024-3191
cert-bund: WID-SEC-2024-1656
cert-bund: WID-SEC-2024-1642
cert-bund: WID-SEC-2024-1638
cert-bund: WID-SEC-2024-1622
cert-bund: WID-SEC-2024-1238
cert-bund: WID-SEC-2024-1214
cert-bund: WID-SEC-2024-1210
cert-bund: WID-SEC-2024-0769
cert-bund: WID-SEC-2024-0630
dfn-cert: DFN-CERT-2025-1517
dfn-cert: DFN-CERT-2024-3096
dfn-cert: DFN-CERT-2024-3078
dfn-cert: DFN-CERT-2024-2743
. . . continues on next page . . .
2 RESULTS PER HOST 513

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2024-1846
dfn-cert: DFN-CERT-2024-1372
dfn-cert: DFN-CERT-2024-1235
dfn-cert: DFN-CERT-2024-1036
dfn-cert: DFN-CERT-2024-1011
dfn-cert: DFN-CERT-2024-0723
dfn-cert: DFN-CERT-2024-0722
dfn-cert: DFN-CERT-2024-0697

Medium (CVSS: 5.0)

NVT: Apache Tomcat Multiple Vulnerabilities (Dec 2024) - Windows

Product detection result

cpe:/a:apache:tomcat:8.0.33
Detected by Apache Tomcat Detection Consolidation (OID: [Link].4.1.25623.1.0.10
,→7652)

Summary
Apache Tomcat is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 8.0.33
Fixed version: 9.0.98
Installation
path / port: 8282/tcp

Solution:
Solution type: VendorFix
Update to version 9.0.98, 10.1.34, 11.0.2 or later.
Vendor note: Users running Tomcat on a case insensitive le system with the default servlet
write enabled (readonly initialisation parameter set to the non-default value of false) may need
additional conguration to fully mitigate CVE-2024-50379 depending on which version of Java
they are using with Tomcat:
- running on Java 8 or Java 11: the system property [Link] must be explicitly
set to false (it defaults to true)
- running on Java 17: the system property [Link], if set, must be set to false (it
defaults to false)
- running on Java 21 onwards: no further conguration is required (the system property and the
problematic cache have been removed)

Aected Software/OS
. . . continues on next page . . .
2 RESULTS PER HOST 514

. . . continued from previous page . . .

Apache Tomcat versions prior to 9.0.98, 10.x prior to 10.1.34 and 11.x prior to 11.0.2.
Note: While not explicitly mentioned by the vendor (due to the EOL status of these branches)
it is assumed that the whole 10.x branch and all versions prior to 9.x are aected by these aws.
If you disagree with this assessment and want to accept the risk please create an override for this
result.

Vulnerability Insight
The following aws exist:
- CVE-2024-50379: Remote code execution (RCE) via write-enabled default servlet
- CVE-2024-54677: Denial of service (DoS) in examples web application
- CVE-2024-56337: RCE via write-enabled default servlet - CVE-2024-50379 mitigation was
incomplete

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Apache Tomcat Multiple Vulnerabilities (Dec 2024) - Windows
OID:[Link].4.1.25623.1.0.114890
Version used: 2024-12-24T[Link]Z

Product Detection Result

Product: cpe:/a:apache:tomcat:8.0.33
Method: Apache Tomcat Detection Consolidation
OID: [Link].4.1.25623.1.0.107652)

References
cve: CVE-2024-50379
cve: CVE-2024-54677
cve: CVE-2024-56337
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: WID-SEC-2025-0823
cert-bund: WID-SEC-2025-0819
cert-bund: WID-SEC-2025-0818
cert-bund: WID-SEC-2025-0808
cert-bund: WID-SEC-2025-0719
cert-bund: WID-SEC-2025-0148
cert-bund: WID-SEC-2024-3744
cert-bund: WID-SEC-2024-3722
dfn-cert: DFN-CERT-2025-2285
dfn-cert: DFN-CERT-2025-2098
dfn-cert: DFN-CERT-2025-1991
dfn-cert: DFN-CERT-2025-1923
. . . continues on next page . . .
2 RESULTS PER HOST 515

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2025-1181
dfn-cert: DFN-CERT-2025-0974
dfn-cert: DFN-CERT-2025-0890
dfn-cert: DFN-CERT-2025-0888
dfn-cert: DFN-CERT-2025-0766
dfn-cert: DFN-CERT-2025-0528
dfn-cert: DFN-CERT-2025-0509
dfn-cert: DFN-CERT-2025-0444
dfn-cert: DFN-CERT-2025-0146
dfn-cert: DFN-CERT-2025-0138
dfn-cert: DFN-CERT-2025-0134
dfn-cert: DFN-CERT-2025-0036
dfn-cert: DFN-CERT-2024-3364

Medium (CVSS: 5.0)

NVT: Apache Tomcat CGI Security Constraint Bypass Vulnerability (May 2025) - Windows

Product detection result

cpe:/a:apache:tomcat:8.0.33
Detected by Apache Tomcat Detection Consolidation (OID: [Link].4.1.25623.1.0.10
,→7652)

Summary
Apache Tomcat is prone to a CGI security constraint bypass vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 8.0.33
Fixed version: 9.0.105
Installation
path / port: 8282/tcp

Solution:
Solution type: VendorFix
Update to version 9.0.105, 10.1.41, 11.0.7 or later.

Aected Software/OS
Apache Tomcat version 9.0.104 and prior, 10.x through 10.1.40 and 11.0.0-M1 through 11.0.6.
. . . continues on next page . . .
2 RESULTS PER HOST 516

. . . continued from previous page . . .

Note: While not explicitly mentioned by the vendor (due to the EOL status of these branches)
it is assumed that the whole 10.x branch and all versions prior to 9.x are aected by these aws.
If you disagree with this assessment and want to accept the risk please create an override for this
result.

Vulnerability Insight
When running on a case insensitive le system with security constraints congured for the
<code>pathInfo</code> component of a URL that mapped to the CGI servlet, it is possi-
ble to bypass those security constraints with a specially crafted URL.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Apache Tomcat CGI Security Constraint Bypass Vulnerability (May 2025) - Windows
OID:[Link].4.1.25623.1.0.154591
Version used: 2025-05-30T[Link]Z

Product Detection Result

Product: cpe:/a:apache:tomcat:8.0.33
Method: Apache Tomcat Detection Consolidation
OID: [Link].4.1.25623.1.0.107652)

References
cve: CVE-2025-46701
url: [Link]
cert-bund: WID-SEC-2025-1850
cert-bund: WID-SEC-2025-1365
cert-bund: WID-SEC-2025-1165
dfn-cert: DFN-CERT-2025-2285
dfn-cert: DFN-CERT-2025-2098
dfn-cert: DFN-CERT-2025-1991
dfn-cert: DFN-CERT-2025-1905
dfn-cert: DFN-CERT-2025-1780
dfn-cert: DFN-CERT-2025-1384

Medium (CVSS: 4.8)

NVT: Cleartext Transmission of Sensitive Information via HTTP

Summary
The host / application transmits sensitive information (username, passwords) in cleartext via
HTTP.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
. . . continues on next page . . .
2 RESULTS PER HOST 517

. . . continued from previous page . . .

The following URLs requires Basic Authentication (URL:realm name):
[Link] Host Manager Application"
[Link] Manager Application"
[Link] Manager Application"

Impact
An attacker could use this situation to compromise or eavesdrop on the HTTP communication
between the client and the server using a man-in-the-middle attack to get access to sensitive data
like usernames or passwords.

Solution:
Solution type: Workaround
Enforce the transmission of sensitive data via an encrypted SSL/TLS connection. Additionally
make sure the host / application is redirecting all users to the secured SSL/TLS connection
before allowing to input sensitive data into the mentioned functions.

Aected Software/OS
Hosts / applications which doesn't enforce the transmission of sensitive data via an encrypted
SSL/TLS connection.

Vulnerability Detection Method

Evaluate previous collected information and check if the host / application is not enforcing the
transmission of sensitive data via an encrypted SSL/TLS connection.
The script is currently checking the following:
- HTTP Basic Authentication (Basic Auth)
- HTTP Forms (e.g. Login) with input eld of type 'password'
Details: Cleartext Transmission of Sensitive Information via HTTP
OID:[Link].4.1.25623.1.0.108440
Version used: 2023-09-07T[Link]Z

References
url: [Link]
,→ssion_Management
url: [Link]
url: [Link]

Medium (CVSS: 4.3)

NVT: Apache Tomcat Information Disclosure Vulnerability (Mar 2023) - Windows

Product detection result

cpe:/a:apache:tomcat:8.0.33
Detected by Apache Tomcat Detection Consolidation (OID: [Link].4.1.25623.1.0.10
,→7652)
. . . continues on next page . . .
2 RESULTS PER HOST 518

. . . continued from previous page . . .

Summary
Apache Tomcat is prone to an information disclosure vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 8.0.33
Fixed version: 8.5.86
Installation
path / port: 8282/tcp

Solution:
Solution type: VendorFix
Update to version 8.5.86, 9.0.72, 10.1.6, 11.0.0-M3 or later.

Aected Software/OS
Apache Tomcat versions through 8.5.85, 9.0.0-M1 through 9.0.71, 10.x through 10.1.5 and 11.0.0-
M1 through 11.0.0-M2.

Vulnerability Insight
When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that
include the X-Forwarded-Proto header set to https, session cookies created by Tomcat did not
include the secure attribute. This could result in the user agent transmitting the session cookie
over an insecure channel.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Apache Tomcat Information Disclosure Vulnerability (Mar 2023) - Windows
OID:[Link].4.1.25623.1.0.104654
Version used: 2024-06-07T[Link]Z

Product Detection Result

Product: cpe:/a:apache:tomcat:8.0.33
Method: Apache Tomcat Detection Consolidation
OID: [Link].4.1.25623.1.0.107652)

References
cve: CVE-2023-28708
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 519

. . . continued from previous page . . .

cert-bund: WID-SEC-2024-1238
cert-bund: WID-SEC-2024-0528
cert-bund: WID-SEC-2023-2674
cert-bund: WID-SEC-2023-1812
cert-bund: WID-SEC-2023-1808
cert-bund: WID-SEC-2023-1784
cert-bund: WID-SEC-2023-1783
cert-bund: WID-SEC-2023-1782
cert-bund: WID-SEC-2023-1424
cert-bund: WID-SEC-2023-1021
cert-bund: WID-SEC-2023-1017
cert-bund: WID-SEC-2023-0717
dfn-cert: DFN-CERT-2025-1517
dfn-cert: DFN-CERT-2024-3078
dfn-cert: DFN-CERT-2023-2778
dfn-cert: DFN-CERT-2023-2545
dfn-cert: DFN-CERT-2023-2054
dfn-cert: DFN-CERT-2023-0772
dfn-cert: DFN-CERT-2023-0763
dfn-cert: DFN-CERT-2023-0640

Medium (CVSS: 4.3)

NVT: Apache Tomcat Open Redirect Vulnerability - Windows

Product detection result

cpe:/a:apache:tomcat:8.0.33
Detected by Apache Tomcat Detection Consolidation (OID: [Link].4.1.25623.1.0.10
,→7652)

Summary
When the default servlet in Apache Tomcat returned a redirect to a directory (e.g. redirecting
to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause the
redirect to be generated to any URI of the attackers choice.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 8.0.33
Fixed version: 8.5.34
Installation
path / port: 8282/tcp

Solution:
Solution type: VendorFix
. . . continues on next page . . .
2 RESULTS PER HOST 520

. . . continued from previous page . . .

Update to version 7.0.91, 8.5.34, 9.0.12 or later.

Aected Software/OS
Apache Tomcat 9.0.0.M1-9.0.11, 8.5.0-8.5.33, 7.0.23-7.0.90 and probably 8.0.x.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Apache Tomcat Open Redirect Vulnerability - Windows
OID:[Link].4.1.25623.1.0.141569
Version used: 2024-02-15T[Link]Z

Product Detection Result

Product: cpe:/a:apache:tomcat:8.0.33
Method: Apache Tomcat Detection Consolidation
OID: [Link].4.1.25623.1.0.107652)

References
cve: CVE-2018-11784
url: [Link]
url: [Link]
url: [Link]
cert-bund: WID-SEC-2025-1212
cert-bund: WID-SEC-2024-1682
cert-bund: WID-SEC-2024-0528
cert-bund: WID-SEC-2023-0531
cert-bund: WID-SEC-2023-0460
cert-bund: CB-K20/0029
cert-bund: CB-K19/1121
cert-bund: CB-K19/0907
cert-bund: CB-K19/0616
cert-bund: CB-K19/0320
cert-bund: CB-K19/0050
cert-bund: CB-K18/0963
dfn-cert: DFN-CERT-2019-2710
dfn-cert: DFN-CERT-2019-2159
dfn-cert: DFN-CERT-2019-1562
dfn-cert: DFN-CERT-2019-1237
dfn-cert: DFN-CERT-2019-0771
dfn-cert: DFN-CERT-2019-0147
dfn-cert: DFN-CERT-2019-0104
dfn-cert: DFN-CERT-2018-2435
dfn-cert: DFN-CERT-2018-2165
dfn-cert: DFN-CERT-2018-2142
dfn-cert: DFN-CERT-2018-2000

[ return to [Link] ]
2 RESULTS PER HOST 521

2.1.18 Medium 3306/tcp

Medium (CVSS: 6.8)

NVT: Oracle MySQL Server 5.5 <= 5.5.28 Security Update (cpujan2013) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.5.29
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.5.29 or later.

Aected Software/OS
Oracle MySQL Server versions 5.5 through 5.5.28.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server 5.5 <= 5.5.28 Security Update (cpujan2013) - Windows
OID:[Link].4.1.25623.1.0.117205
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2012-5612
cve: CVE-2013-0386
cve: CVE-2013-0368
. . . continues on next page . . .
2 RESULTS PER HOST 522

. . . continued from previous page . . .

cve: CVE-2013-0371
cve: CVE-2012-0578
cve: CVE-2013-0367
cve: CVE-2012-5096
url: [Link]
advisory-id: cpujan2013
dfn-cert: DFN-CERT-2013-0259
dfn-cert: DFN-CERT-2013-0079

Medium (CVSS: 6.8)

NVT: Oracle MySQL Server Multiple Vulnerabilities - 02 - (Nov 2012) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL server is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: Apply the patch

Impact
Successful exploitation will allow an attacker to disclose potentially sensitive information, ma-
nipulate certain data and cause a DoS (Denial of Service).

Solution:
Solution type: VendorFix
Apply the patch from the references or upgrade to latest version.

Aected Software/OS
Oracle MySQL version 5.1.x to 5.1.65 and Oracle MySQL version 5.5.x to 5.5.27 on Windows.

Vulnerability Insight
The aws are due to multiple unspecied errors in MySQL server component related to server
installation and server optimizer.

Vulnerability Detection Method

Details: Oracle MySQL Server Multiple Vulnerabilities - 02 - (Nov 2012) - Windows
. . . continues on next page . . .
2 RESULTS PER HOST 523

. . . continued from previous page . . .

OID:[Link].4.1.25623.1.0.803112
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2012-3180
cve: CVE-2012-3177
cve: CVE-2012-3160
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
dfn-cert: DFN-CERT-2012-2200
dfn-cert: DFN-CERT-2012-2118

Medium (CVSS: 6.8)

NVT: Oracle MySQL Server <= 5.1.65 / 5.5 <= 5.5.27 Security Update (cpujan2013) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to an unspecied vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.5.28
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
. . . continues on next page . . .
2 RESULTS PER HOST 524

. . . continued from previous page . . .

Update to version 5.1.66, 5.5.28 or later.

Aected Software/OS
Oracle MySQL Server versions 5.1.65 and prior and 5.5 through 5.5.27.

Vulnerability Insight
The aw allows remote authenticated users to aect availability, related to GIS Extension.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.1.65 / 5.5 <= 5.5.27 Security Update (cpujan2013) - Wi.
,→..
OID:[Link].4.1.25623.1.0.117201
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2012-5060
url: [Link]
advisory-id: cpujan2013
dfn-cert: DFN-CERT-2013-0079

Medium (CVSS: 6.8)

NVT: Oracle MySQL Server 5.5.x <= 5.5.23 Security Update (cpujul2012) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.5.24
. . . continues on next page . . .
2 RESULTS PER HOST 525

. . . continued from previous page . . .

Installation
path / port: 3306/tcp

Impact
The aws allow remote authenticated users to aect availability via unknown vectors related to
the 'Server Optimizer' and 'InnoDB' package / privilege.

Solution:
Solution type: VendorFix
Update to version 5.5.24 or later.

Aected Software/OS
Oracle MySQL Server 5.5.x through 5.5.23.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server 5.5.x <= 5.5.23 Security Update (cpujul2012) - Windows
OID:[Link].4.1.25623.1.0.117267
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2012-1735
cve: CVE-2012-1757
cve: CVE-2012-1756
url: [Link]
advisory-id: cpujul2012
dfn-cert: DFN-CERT-2012-1389

Medium (CVSS: 6.8)

NVT: MySQL Server Components Multiple Unspecied Vulnerabilities

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
. . . continues on next page . . .
2 RESULTS PER HOST 526

. . . continued from previous page . . .

MySQL is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20-log
Fixed version: See advisory

Impact
Successful exploitation could allow remote authenticated users to aect availability via unknown
vectors.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
MySQL version 5.1.x before 5.1.62 and 5.5.x before 5.5.22.

Vulnerability Insight
Multiple unspecied errors exist in the Server Optimizer and Server DML components.

Vulnerability Detection Method

Details: MySQL Server Components Multiple Unspecified Vulnerabilities
OID:[Link].4.1.25623.1.0.803808
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2012-1690
cve: CVE-2012-1688
cve: CVE-2012-1703
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
,→pendixMSQL
dfn-cert: DFN-CERT-2012-2118
dfn-cert: DFN-CERT-2012-1170
dfn-cert: DFN-CERT-2012-0939
. . . continues on next page . . .
2 RESULTS PER HOST 527

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2012-0936
dfn-cert: DFN-CERT-2012-0933
dfn-cert: DFN-CERT-2012-0735

Medium (CVSS: 6.7)

NVT: Oracle Mysql Security Updates (jan2017-2881727) 02 - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: Apply the patch
Installation
path / port: 3306/tcp

Impact
Successful exploitation of this vulnerability will allow remote to have an impact on availability,
condentiality and integrity.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle MySQL version 5.5.53 and earlier, 5.6.34 and earlier, 5.7.16 and earlier on Windows

Vulnerability Insight
Multiple aws exist due to: multiple unspecied errors in sub components 'Error Handling',
'Logging', 'MyISAM', 'Packaging', 'Optimizer', 'DML' and 'DDL'.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Mysql Security Updates (jan2017-2881727) 02 - Windows
OID:[Link].4.1.25623.1.0.809865
. . . continues on next page . . .
2 RESULTS PER HOST 528

. . . continued from previous page . . .

Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2017-3238
cve: CVE-2017-3318
cve: CVE-2017-3291
cve: CVE-2017-3317
cve: CVE-2017-3258
cve: CVE-2017-3312
cve: CVE-2017-3313
cve: CVE-2017-3244
cve: CVE-2017-3265
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K18/0224
cert-bund: CB-K17/1732
cert-bund: CB-K17/1604
cert-bund: CB-K17/1298
cert-bund: CB-K17/0927
cert-bund: CB-K17/0423
cert-bund: CB-K17/0098
dfn-cert: DFN-CERT-2018-1276
dfn-cert: DFN-CERT-2018-0242
dfn-cert: DFN-CERT-2017-1806
dfn-cert: DFN-CERT-2017-1675
dfn-cert: DFN-CERT-2017-1341
dfn-cert: DFN-CERT-2017-0959
dfn-cert: DFN-CERT-2017-0430
dfn-cert: DFN-CERT-2017-0090
2 RESULTS PER HOST 529

Medium (CVSS: 6.5)

NVT: Oracle MySQL Server <= 5.1.66 / 5.5 <= 5.5.28 Security Update (cpuapr2013) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to an unspecied vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.5.29
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.1.67, 5.5.29 or later.

Aected Software/OS
Oracle MySQL Server versions 5.1.66 and prior and 5.5 through 5.5.28.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.1.66 / 5.5 <= 5.5.28 Security Update (cpuapr2013) - Wi.
,→..
OID:[Link].4.1.25623.1.0.803459
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2013-1531
url: [Link]
advisory-id: cpuapr2013
dfn-cert: DFN-CERT-2013-0839
. . . continues on next page . . .
2 RESULTS PER HOST 530

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2013-0798

Medium (CVSS: 6.5)

NVT: Oracle MySQL Server <= 5.5.50 / 5.6 <= 5.6.31 / 5.7 <= 5.7.13 Security Update
(cpuoct2016) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to an unspecied vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: See the referenced vendor advisory
Installation
path / port: 3306/tcp

Impact
Successful exploitation of this vulnerability will allow a remote authenticated user to cause denial
of service conditions.

Solution:
Solution type: VendorFix
Updates are available. Please see the references for more information.

Aected Software/OS
Oracle MySQL Server versions 5.5.50 and prior, 5.6 through 5.6.31 and 5.7 through 5.7.13.

Vulnerability Insight
The aw exists due to an unspecied error in the 'Server: DML' component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.5.50 / 5.6 <= 5.6.31 / 5.7 <= 5.7.13 Security Update (.
,→..
OID:[Link].4.1.25623.1.0.809374
Version used: 2025-09-09T[Link]Z

. . . continues on next page . . .

2 RESULTS PER HOST 531

. . . continued from previous page . . .

Product Detection Result
Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2016-5612
url: [Link]
advisory-id: cpuoct2016
cert-bund: CB-K16/1979
cert-bund: CB-K16/1755
cert-bund: CB-K16/1742
cert-bund: CB-K16/1714
cert-bund: CB-K16/1624
dfn-cert: DFN-CERT-2016-2089
dfn-cert: DFN-CERT-2016-1859
dfn-cert: DFN-CERT-2016-1849
dfn-cert: DFN-CERT-2016-1790
dfn-cert: DFN-CERT-2016-1714

Medium (CVSS: 6.5)

NVT: Oracle MySQL Server <= 5.5.31 / 5.6 <= 5.6.11 Security Update (cpujan2016) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to an unspecied vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: See the referenced vendor advisory
Installation
path / port: 3306/tcp

Impact
Successful exploitation will allow an authenticated remote attacker to aect condentiality, in-
tegrity, and availability via unknown vectors.

. . . continues on next page . . .

2 RESULTS PER HOST 532

. . . continued from previous page . . .

Solution:
Solution type: VendorFix
Updates are available. Please see the references for more information.

Aected Software/OS
Oracle MySQL Server versions 5.5.31 and prior and 5.6 through 5.6.11.

Vulnerability Insight
Unspecied errors exist in the 'MySQL Server' component via unknown vectors.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.5.31 / 5.6 <= 5.6.11 Security Update (cpujan2016) - Wi.
,→..
OID:[Link].4.1.25623.1.0.806878
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2016-0502
url: [Link]
url: [Link]
advisory-id: cpujan2016
cert-bund: WID-SEC-2024-1482
cert-bund: CB-K16/0246
cert-bund: CB-K16/0245
cert-bund: CB-K16/0094
dfn-cert: DFN-CERT-2016-0266
dfn-cert: DFN-CERT-2016-0265
dfn-cert: DFN-CERT-2016-0104

Medium (CVSS: 6.5)

NVT: Oracle MySQL Server <= 5.1.68 / 5.5 <= 5.5.30 / 5.6 <= 5.6.10 Security Update
(cpuapr2013) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)
. . . continues on next page . . .
2 RESULTS PER HOST 533

. . . continued from previous page . . .

Summary
Oracle MySQL Server is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.5.31
Installation
path / port: 3306/tcp

Impact
Successful exploitation could allow remote attackers to aect condentiality, integrity, and avail-
ability via unknown vectors.

Solution:
Solution type: VendorFix
Update to version 5.1.69, 5.5.31, 5.6.11 or later.

Aected Software/OS
Oracle MySQL Server versions 5.1.68 and prior, 5.5 through 5.5.30 and 5.6 through 5.6.10.

Vulnerability Insight
Unspecied error in Server Optimizer, Server Privileges, InnoDB, and in some unspecied vectors.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.1.68 / 5.5 <= 5.5.30 / 5.6 <= 5.6.10 Security Update (.
,→..
OID:[Link].4.1.25623.1.0.117207
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2013-2375
cve: CVE-2013-1544
cve: CVE-2013-1532
cve: CVE-2013-2389
cve: CVE-2013-2392
. . . continues on next page . . .
2 RESULTS PER HOST 534

. . . continued from previous page . . .

cve: CVE-2013-2391
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
advisory-id: cpuapr2013
dfn-cert: DFN-CERT-2013-0882
dfn-cert: DFN-CERT-2013-0839
dfn-cert: DFN-CERT-2013-0798

Medium (CVSS: 6.5)

NVT: Oracle MySQL Server <= 5.1.67 / 5.5 <= 5.5.29 / 5.6 <= 5.6.10 Security Update
(cpuapr2013) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.5.30
Installation
path / port: 3306/tcp

Impact
Successful exploitation could allow remote attackers to aect condentiality, integrity, and avail-
ability via unknown vectors.

Solution:
Solution type: VendorFix
Update to version 5.1.68, 5.5.30, 5.6.11 or later.

Aected Software/OS
Oracle MySQL Server versions 5.1.67 and prior, 5.5 through 5.5.29 and 5.6 through 5.6.10.

Vulnerability Insight
. . . continues on next page . . .
2 RESULTS PER HOST 535

. . . continued from previous page . . .

Unspecied error in some unknown vectors related to Information Schema.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.1.67 / 5.5 <= 5.5.29 / 5.6 <= 5.6.10 Security Update (.
,→..
OID:[Link].4.1.25623.1.0.117206
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2013-2378
cve: CVE-2013-1506
url: [Link]
url: [Link]
advisory-id: cpuapr2013
dfn-cert: DFN-CERT-2013-0839
dfn-cert: DFN-CERT-2013-0798

Medium (CVSS: 6.5)

NVT: Oracle MySQL Server <= 5.1.67 / 5.5 <= 5.5.29 Security Update (cpuapr2013) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.5.30
Installation
path / port: 3306/tcp

Impact
. . . continues on next page . . .
2 RESULTS PER HOST 536

. . . continued from previous page . . .

Successful exploitation could allow remote attackers to aect condentiality, integrity, and avail-
ability via unknown vectors.

Solution:
Solution type: VendorFix
Update to version 5.1.68, 5.5.30 or later.

Aected Software/OS
Oracle MySQL Server versions 5.1.67 and prior and 5.5 through 5.5.29.

Vulnerability Insight
Unspecied error in Server Partition and in some unspecied vectors.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.1.67 / 5.5 <= 5.5.29 Security Update (cpuapr2013) - Wi.
,→..
OID:[Link].4.1.25623.1.0.117209
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2013-1521
cve: CVE-2013-1552
cve: CVE-2013-1555
cve: CVE-2012-5614
url: [Link]
url: [Link]
url: [Link]
advisory-id: cpuapr2013
dfn-cert: DFN-CERT-2013-0839
dfn-cert: DFN-CERT-2013-0798

Medium (CVSS: 6.5)

NVT: Oracle MySQL Server <= 5.6.46 Security Update (cpujan2020) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
. . . continues on next page . . .
2 RESULTS PER HOST 537

. . . continued from previous page . . .

,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to an unspecied denial of service vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.6.47
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.6.47 or later.

Aected Software/OS
Oracle MySQL Server versions 5.6.46 and prior.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.6.46 Security Update (cpujan2020) - Windows
OID:[Link].4.1.25623.1.0.143359
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2020-2579
url: [Link]
advisory-id: cpujan2020
cert-bund: CB-K20/0038
dfn-cert: DFN-CERT-2020-1827
dfn-cert: DFN-CERT-2020-1078
dfn-cert: DFN-CERT-2020-0096
2 RESULTS PER HOST 538

Medium (CVSS: 6.5)

NVT: Oracle MySQL Server <= 5.6.45 / 5.7 <= 5.7.27 / 8.0 <= 8.0.17 Security Update
(cpuoct2019) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.6.46
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.6.46, 5.7.28, 8.0.18 or later.

Aected Software/OS
Oracle MySQL Server versions 5.6.45 and prior, 5.7 through 5.7.27 and 8.0 through 8.0.17.

Vulnerability Insight
Oracle MySQL Server is prone to multiple vulnerabilities.
For further information refer to the ocial advisory via the referenced link.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.6.45 / 5.7 <= 5.7.27 / 8.0 <= 8.0.17 Security Update (.
,→..
OID:[Link].4.1.25623.1.0.143030
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

. . . continues on next page . . .

2 RESULTS PER HOST 539

. . . continued from previous page . . .

References
cve: CVE-2019-2974
cve: CVE-2019-2911
url: [Link]
advisory-id: cpuoct2019
cert-bund: CB-K20/1030
cert-bund: CB-K20/0109
cert-bund: CB-K19/0915
dfn-cert: DFN-CERT-2020-2763
dfn-cert: DFN-CERT-2020-2756
dfn-cert: DFN-CERT-2020-2620
dfn-cert: DFN-CERT-2020-2299
dfn-cert: DFN-CERT-2020-2180
dfn-cert: DFN-CERT-2020-1827
dfn-cert: DFN-CERT-2020-0658
dfn-cert: DFN-CERT-2020-0517
dfn-cert: DFN-CERT-2020-0103
dfn-cert: DFN-CERT-2019-2695
dfn-cert: DFN-CERT-2019-2687
dfn-cert: DFN-CERT-2019-2656
dfn-cert: DFN-CERT-2019-2301
dfn-cert: DFN-CERT-2019-2149

Medium (CVSS: 6.5)

NVT: Oracle MySQL Server <= 5.6.44 / 5.7 <= 5.7.26 / 8.0 <= 8.0.16 Security Update (cpu-
jul2019) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.6.45
Installation
path / port: 3306/tcp

Solution:
. . . continues on next page . . .
2 RESULTS PER HOST 540

. . . continued from previous page . . .

Solution type: VendorFix
Update to version 5.6.45, 5.7.27, 8.0.17 or later.

Aected Software/OS
Oracle MySQL Server versions 5.6.44 and prior, 5.7 through 5.7.26 and 8.0 through 8.0.16.

Vulnerability Insight
Oracle MySQL Server is prone to multiple denial of service vulnerabilities.
For further information refer to the ocial advisory via the referenced link.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.6.44 / 5.7 <= 5.7.26 / 8.0 <= 8.0.16 Security Update (.
,→..
OID:[Link].4.1.25623.1.0.142645
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2019-2805
cve: CVE-2019-2740
cve: CVE-2019-2819
cve: CVE-2019-2739
cve: CVE-2019-2737
cve: CVE-2019-2738
url: [Link]
advisory-id: cpujul2019
cert-bund: CB-K19/0620
dfn-cert: DFN-CERT-2020-2620
dfn-cert: DFN-CERT-2020-2180
dfn-cert: DFN-CERT-2020-0658
dfn-cert: DFN-CERT-2020-0517
dfn-cert: DFN-CERT-2019-2695
dfn-cert: DFN-CERT-2019-2656
dfn-cert: DFN-CERT-2019-2300
dfn-cert: DFN-CERT-2019-2008
dfn-cert: DFN-CERT-2019-1713
dfn-cert: DFN-CERT-2019-1683
dfn-cert: DFN-CERT-2019-1568
dfn-cert: DFN-CERT-2019-1453
2 RESULTS PER HOST 541

Medium (CVSS: 6.5)

NVT: Oracle MySQL Multiple Unspecied vulnerabilities - 02 (May 2014) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.

Impact
Successful exploitation will allow attackers to manipulate certain data and cause a DoS (Denial
of Service).

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle MySQL version 5.5.36 and earlier and 5.6.16 and earlier on Windows.

Vulnerability Insight
Unspecied errors in the MySQL Server component via unknown vectors related to Performance
Schema, Options, RBR.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Multiple Unspecified vulnerabilities - 02 (May 2014) - Windows
OID:[Link].4.1.25623.1.0.804575
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
. . . continues on next page . . .
2 RESULTS PER HOST 542

. . . continued from previous page . . .

cve: CVE-2014-2430
cve: CVE-2014-2431
cve: CVE-2014-2436
cve: CVE-2014-2440
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K14/0710
cert-bund: CB-K14/0464
cert-bund: CB-K14/0452
dfn-cert: DFN-CERT-2014-0742
dfn-cert: DFN-CERT-2014-0477
dfn-cert: DFN-CERT-2014-0459

Medium (CVSS: 6.5)

NVT: Oracle MySQL Multiple Unspecied vulnerabilities-02 (Jul 2014) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.

Impact
Successful exploitation will allow attackers to manipulate certain data and cause a DoS (Denial
of Service).

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
. . . continues on next page . . .
2 RESULTS PER HOST 543

. . . continued from previous page . . .

Oracle MySQL version 5.5.37 and earlier and 5.6.17 and earlier on Windows.

Vulnerability Insight
Unspecied errors in the MySQL Server component via unknown vectors related to SRINFOSC
and SRCHAR.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Multiple Unspecified vulnerabilities-02 (Jul 2014) - Windows
OID:[Link].4.1.25623.1.0.804722
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2014-4258
cve: CVE-2014-4260
url: [Link]
url: [Link]
url: [Link]
url: [Link]
,→ty_patches
url: [Link]
,→ppendixMSQL
cert-bund: CB-K15/0567
cert-bund: CB-K14/1420
cert-bund: CB-K14/0891
cert-bund: CB-K14/0868
dfn-cert: DFN-CERT-2015-0593
dfn-cert: DFN-CERT-2014-1500
dfn-cert: DFN-CERT-2014-0930
dfn-cert: DFN-CERT-2014-0911

Medium (CVSS: 6.5)

NVT: Oracle MySQL Security Update (cpujul2018 - 02) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)
. . . continues on next page . . .
2 RESULTS PER HOST 544

. . . continued from previous page . . .

Summary
Oracle MySQL is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: See reference
Installation
path / port: 3306/tcp

Impact
Successful exploitation will allow remote attackers to have an impact on condentiality, integrity
and availability.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle MySQL version 5.5.60 and earlier, 5.6.40 and earlier, 5.7.22 and earlier.

Vulnerability Insight
Multiple aws exist due to errors in 'Server: Security: Encryption', 'Server: Options', 'MyISAM',
'Client mysqldump' components of application.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Security Update (cpujul2018 - 02) - Windows
OID:[Link].4.1.25623.1.0.813706
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2018-2767
cve: CVE-2018-3066
cve: CVE-2018-3058
cve: CVE-2018-3070
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 545

. . . continued from previous page . . .

advisory-id: cpujul2018
cert-bund: WID-SEC-2023-1594
cert-bund: CB-K18/0795
dfn-cert: DFN-CERT-2019-1614
dfn-cert: DFN-CERT-2019-1588
dfn-cert: DFN-CERT-2019-1152
dfn-cert: DFN-CERT-2019-1047
dfn-cert: DFN-CERT-2019-0484
dfn-cert: DFN-CERT-2019-0112
dfn-cert: DFN-CERT-2018-1649
dfn-cert: DFN-CERT-2018-1402
dfn-cert: DFN-CERT-2018-1276
dfn-cert: DFN-CERT-2018-0913

Medium (CVSS: 6.5)

NVT: Oracle MySQL Server <= 5.7.32 / 8.0 <= 8.0.22 Security Update (cpuapr2021) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.7.33
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.7.33, 8.0.23 or later.

Aected Software/OS
Oracle MySQL Server version 5.7.32 and prior and 8.0 through 8.0.22.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.7.32 / 8.0 <= 8.0.22 Security Update (cpuapr2021) - Wi.
. . . continues on next page . . .
2 RESULTS PER HOST 546

. . . continued from previous page . . .

,→..
OID:[Link].4.1.25623.1.0.145794
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2020-1971
cve: CVE-2021-2178
cve: CVE-2021-2202
url: [Link]
advisory-id: cpuapr2021
cert-bund: WID-SEC-2024-0794
cert-bund: WID-SEC-2023-0067
cert-bund: WID-SEC-2023-0065
cert-bund: WID-SEC-2022-2047
cert-bund: WID-SEC-2022-1908
cert-bund: WID-SEC-2022-1000
cert-bund: WID-SEC-2022-0585
cert-bund: CB-K21/1065
cert-bund: CB-K21/0788
cert-bund: CB-K21/0615
cert-bund: CB-K21/0421
cert-bund: CB-K21/0111
cert-bund: CB-K21/0062
cert-bund: CB-K21/0006
cert-bund: CB-K20/1217
dfn-cert: DFN-CERT-2022-1582
dfn-cert: DFN-CERT-2022-1215
dfn-cert: DFN-CERT-2022-0076
dfn-cert: DFN-CERT-2021-2190
dfn-cert: DFN-CERT-2021-2155
dfn-cert: DFN-CERT-2021-2126
dfn-cert: DFN-CERT-2021-1504
dfn-cert: DFN-CERT-2021-1225
dfn-cert: DFN-CERT-2021-0924
dfn-cert: DFN-CERT-2021-0862
dfn-cert: DFN-CERT-2021-0828
dfn-cert: DFN-CERT-2021-0826
dfn-cert: DFN-CERT-2021-0821
dfn-cert: DFN-CERT-2021-0819
dfn-cert: DFN-CERT-2021-0715
dfn-cert: DFN-CERT-2021-0408
. . . continues on next page . . .
2 RESULTS PER HOST 547

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2021-0338
dfn-cert: DFN-CERT-2021-0255
dfn-cert: DFN-CERT-2021-0134
dfn-cert: DFN-CERT-2021-0131
dfn-cert: DFN-CERT-2021-0128
dfn-cert: DFN-CERT-2021-0120
dfn-cert: DFN-CERT-2021-0107
dfn-cert: DFN-CERT-2021-0078
dfn-cert: DFN-CERT-2021-0012
dfn-cert: DFN-CERT-2020-2791
dfn-cert: DFN-CERT-2020-2668

Medium (CVSS: 6.5)

NVT: Oracle Mysql Security Updates (jan2018-3236628) 02 - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL is prone to multiple denial of service (DoS) vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: Apply the patch
Installation
path / port: 3306/tcp

Impact
Successful exploitation of these vulnerabilities will allow remote attackers to conduct a denial-
of-service attack.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle MySQL version 5.5.58 and earlier, 5.6.38 and earlier, 5.7.20 and earlier on Windows

Vulnerability Insight
. . . continues on next page . . .
2 RESULTS PER HOST 548

. . . continued from previous page . . .

Multiple aws exist due to:
- An error in the 'Server: DDL' component.
- Multiple errors in the 'Server: Optimizer' component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Mysql Security Updates (jan2018-3236628) 02 - Windows
OID:[Link].4.1.25623.1.0.812646
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2018-2668
cve: CVE-2018-2665
cve: CVE-2018-2622
cve: CVE-2018-2640
url: [Link]
cert-bund: CB-K18/0480
cert-bund: CB-K18/0392
cert-bund: CB-K18/0265
cert-bund: CB-K18/0096
dfn-cert: DFN-CERT-2019-1047
dfn-cert: DFN-CERT-2018-1276
dfn-cert: DFN-CERT-2018-1265
dfn-cert: DFN-CERT-2018-0515
dfn-cert: DFN-CERT-2018-0424
dfn-cert: DFN-CERT-2018-0286
dfn-cert: DFN-CERT-2018-0101

Medium (CVSS: 6.5)

NVT: Oracle MySQL Server <= 5.5.51 Security Update (cpuoct2016) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
. . . continues on next page . . .
2 RESULTS PER HOST 549

. . . continued from previous page . . .

Oracle MySQL Server is prone to an unspecied vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: See the referenced vendor advisory
Installation
path / port: 3306/tcp

Impact
Successful exploitation of this vulnerability will allow a remote authenticated user to cause denial
of service conditions.

Solution:
Solution type: VendorFix
Updates are available. Please see the references for more information.

Aected Software/OS
Oracle MySQL Server versions 5.5.51 and prior.

Vulnerability Insight
The aw exists due to an unspecied error within the 'Server:DML' component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.5.51 Security Update (cpuoct2016) - Windows
OID:[Link].4.1.25623.1.0.809378
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2016-5624
url: [Link]
advisory-id: cpuoct2016
cert-bund: CB-K16/1846
cert-bund: CB-K16/1714
cert-bund: CB-K16/1624
dfn-cert: DFN-CERT-2016-1950
dfn-cert: DFN-CERT-2016-1790
dfn-cert: DFN-CERT-2016-1714
2 RESULTS PER HOST 550

Medium (CVSS: 6.5)

NVT: Oracle Mysql Security Updates (oct2017-3236626) 02 - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL is prone to an unspecied vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: Apply the patch
Installation
path / port: 3306/tcp

Impact
Successful exploitation of this vulnerability will allow remote attackers to compromise availability
of the system.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle MySQL version 5.5.57 and earlier, 5.6.37 and earlier, 5.7.11 and earlier on Windows.

Vulnerability Insight
The aw exists due to an error in 'Server: Optimizer'

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Mysql Security Updates (oct2017-3236626) 02 - Windows
OID:[Link].4.1.25623.1.0.811986
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

. . . continues on next page . . .

2 RESULTS PER HOST 551

. . . continued from previous page . . .

References
cve: CVE-2017-10378
url: [Link]
url: [Link]
cert-bund: CB-K18/0480
cert-bund: CB-K18/0242
cert-bund: CB-K18/0224
cert-bund: CB-K17/2048
cert-bund: CB-K17/1748
dfn-cert: DFN-CERT-2019-1047
dfn-cert: DFN-CERT-2018-1276
dfn-cert: DFN-CERT-2018-1265
dfn-cert: DFN-CERT-2018-0515
dfn-cert: DFN-CERT-2018-0260
dfn-cert: DFN-CERT-2018-0242
dfn-cert: DFN-CERT-2017-2137
dfn-cert: DFN-CERT-2017-1827

Medium (CVSS: 6.5)

NVT: Oracle Mysql Security Updates (oct2017-3236626) 04 - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: Apply the patch
Installation
path / port: 3306/tcp

Impact
Successful exploitation of this vulnerability will allow remote to compromise availability con-
dentiality, and integrity of the system.

Solution:
Solution type: VendorFix
. . . continues on next page . . .
2 RESULTS PER HOST 552

. . . continued from previous page . . .

Apply the patch from the referenced advisory.

Aected Software/OS
Oracle MySQL version 5.5.57 and earlier, 5.6.37 and earlier, 5.7.19 and earlier on Windows.

Vulnerability Insight
Multiple aws exist due to:
- An error in 'Client programs' component.
- An error in 'Server: DDL'.
- An error in 'Server: Replication'

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Mysql Security Updates (oct2017-3236626) 04 - Windows
OID:[Link].4.1.25623.1.0.811991
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2017-10379
cve: CVE-2017-10384
cve: CVE-2017-10268
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K18/0480
cert-bund: CB-K18/0242
cert-bund: CB-K18/0224
cert-bund: CB-K17/2048
cert-bund: CB-K17/1748
dfn-cert: DFN-CERT-2019-1047
dfn-cert: DFN-CERT-2018-1276
dfn-cert: DFN-CERT-2018-1265
dfn-cert: DFN-CERT-2018-0515
dfn-cert: DFN-CERT-2018-0260
dfn-cert: DFN-CERT-2018-0242
dfn-cert: DFN-CERT-2017-2137
dfn-cert: DFN-CERT-2017-1827
2 RESULTS PER HOST 553

Medium (CVSS: 6.5)

NVT: Oracle MySQL Server <= 5.6.49 / 5.7 <= 5.7.31 / 8.0 <= 8.0.21 Security Update
(cpuoct2020) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.6.50
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.6.50, 5.7.32, 8.0.22 or later.

Aected Software/OS
Oracle MySQL Server versions 5.6.49 and prior, 5.7 through 5.7.31 and 8.0 through 8.0.21.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.6.49 / 5.7 <= 5.7.31 / 8.0 <= 8.0.21 Security Update (.
,→..
OID:[Link].4.1.25623.1.0.108959
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2020-14765
cve: CVE-2020-14769
cve: CVE-2020-14812
. . . continues on next page . . .
2 RESULTS PER HOST 554

. . . continued from previous page . . .

cve: CVE-2020-14793
cve: CVE-2020-14672
cve: CVE-2020-14867
url: [Link]
advisory-id: cpuoct2020
cert-bund: CB-K20/1066
cert-bund: CB-K20/1017
dfn-cert: DFN-CERT-2021-2155
dfn-cert: DFN-CERT-2021-0002
dfn-cert: DFN-CERT-2020-2763
dfn-cert: DFN-CERT-2020-2756
dfn-cert: DFN-CERT-2020-2620
dfn-cert: DFN-CERT-2020-2380
dfn-cert: DFN-CERT-2020-2295

Medium (CVSS: 6.5)

NVT: Oracle MySQL Server <= 8.0.41, 8.1 <= 8.4.4, 9.0 <= 9.2.0 Security Update
(cpuapr2025)- Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 8.0.42
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 8.0.42, 8.4.5, 9.3.0 or later.

Aected Software/OS
Oracle MySQL Server version 8.0.41 and prior, 8.1 through 8.4.4 and 9.0 through 9.2.0.

Vulnerability Detection Method

. . . continues on next page . . .
2 RESULTS PER HOST 555

. . . continued from previous page . . .

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 8.0.41, 8.1 <= 8.4.4, 9.0 <= 9.2.0 Security Update (cpua.
,→..
OID:[Link].4.1.25623.1.0.171442
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2025-21577
cve: CVE-2025-30682
cve: CVE-2025-30687
cve: CVE-2025-30688
cve: CVE-2025-21574
cve: CVE-2025-21575
cve: CVE-2025-30693
cve: CVE-2025-30695
cve: CVE-2025-30715
cve: CVE-2025-21584
cve: CVE-2025-21580
cve: CVE-2025-21581
cve: CVE-2025-21585
cve: CVE-2025-30689
cve: CVE-2025-21579
cve: CVE-2025-30696
cve: CVE-2025-30705
cve: CVE-2025-30683
cve: CVE-2025-30684
cve: CVE-2025-30685
cve: CVE-2025-30699
cve: CVE-2025-30704
cve: CVE-2024-13176
cve: CVE-2024-9143
cve: CVE-2025-30721
cve: CVE-2025-30703
cve: CVE-2025-30681
url: [Link]
advisory-id: cpuapr2025
cert-bund: WID-SEC-2025-2364
cert-bund: WID-SEC-2025-1850
cert-bund: WID-SEC-2025-1572
cert-bund: WID-SEC-2025-1568
cert-bund: WID-SEC-2025-1566
. . . continues on next page . . .
2 RESULTS PER HOST 556

. . . continued from previous page . . .

cert-bund: WID-SEC-2025-1564
cert-bund: WID-SEC-2025-1560
cert-bund: WID-SEC-2025-1257
cert-bund: WID-SEC-2025-1035
cert-bund: WID-SEC-2025-0828
cert-bund: WID-SEC-2025-0818
cert-bund: WID-SEC-2025-0813
cert-bund: WID-SEC-2025-0148
cert-bund: WID-SEC-2025-0131
cert-bund: WID-SEC-2024-3230
dfn-cert: DFN-CERT-2025-2944
dfn-cert: DFN-CERT-2025-2602
dfn-cert: DFN-CERT-2025-2523
dfn-cert: DFN-CERT-2025-1905
dfn-cert: DFN-CERT-2025-1903
dfn-cert: DFN-CERT-2025-1901
dfn-cert: DFN-CERT-2025-1898
dfn-cert: DFN-CERT-2025-1648
dfn-cert: DFN-CERT-2025-1611
dfn-cert: DFN-CERT-2025-1470
dfn-cert: DFN-CERT-2025-1424
dfn-cert: DFN-CERT-2025-1304
dfn-cert: DFN-CERT-2025-0993
dfn-cert: DFN-CERT-2025-0981
dfn-cert: DFN-CERT-2025-0974
dfn-cert: DFN-CERT-2025-0973
dfn-cert: DFN-CERT-2025-0564
dfn-cert: DFN-CERT-2025-0465
dfn-cert: DFN-CERT-2025-0354
dfn-cert: DFN-CERT-2025-0158
dfn-cert: DFN-CERT-2024-2884
dfn-cert: DFN-CERT-2024-2764

Medium (CVSS: 6.5)

NVT: Oracle MySQL Server <= 5.5.38 / 5.6 <= 5.6.19 Security Update (cpuoct2014) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to multiple unspecied vulnerabilities.

. . . continues on next page . . .

2 RESULTS PER HOST 557

. . . continued from previous page . . .

Quality of Detection (QoD): 80%
Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.5.39
Installation
path / port: 3306/tcp

Impact
Successful exploitation will allow attackers to disclose potentially sensitive information, gain
escalated privileges, manipulate certain data, cause a DoS (Denial of Service), and compromise
a vulnerable system.

Solution:
Solution type: VendorFix
Update to version 5.5.39, 5.6.20 or later.

Aected Software/OS
Oracle MySQL Server versions 5.5.38 and prior and 5.6 through 5.6.19.

Vulnerability Insight
Unspecied errors in the MySQL Server component via unknown vectors related to
CLIENT:MYSQLADMIN, CLIENT:MYSQLDUMP, SERVER:MEMORY STORAGE ENGINE,
SERVER:SSL:yaSSL, SERVER:DML, SERVER:SSL:yaSSL, SERVER:REPLICATION ROW
FORMAT BINARY LOG DML, SERVER:CHARACTER SETS, and SERVER:MyISAM.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.5.38 / 5.6 <= 5.6.19 Security Update (cpuoct2014) - Wi.
,→..
OID:[Link].4.1.25623.1.0.804782
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2014-6530
cve: CVE-2012-5615
cve: CVE-2014-6495
cve: CVE-2014-6478
cve: CVE-2014-4274
cve: CVE-2014-4287
. . . continues on next page . . .
2 RESULTS PER HOST 558

. . . continued from previous page . . .

cve: CVE-2014-6484
cve: CVE-2014-6505
cve: CVE-2014-6463
cve: CVE-2014-6551
url: [Link]
advisory-id: cpuoct2014
cert-bund: CB-K15/1518
cert-bund: CB-K15/0567
cert-bund: CB-K15/0415
cert-bund: CB-K14/1482
cert-bund: CB-K14/1420
cert-bund: CB-K14/1412
cert-bund: CB-K14/1299
dfn-cert: DFN-CERT-2015-1604
dfn-cert: DFN-CERT-2015-0593
dfn-cert: DFN-CERT-2015-0427
dfn-cert: DFN-CERT-2014-1567
dfn-cert: DFN-CERT-2014-1500
dfn-cert: DFN-CERT-2014-1489
dfn-cert: DFN-CERT-2014-1357
dfn-cert: DFN-CERT-2013-0259

Medium (CVSS: 6.4)

NVT: Oracle MySQL Server Multiple Vulnerabilities - 04 - (Nov 2012) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL server is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: Apply the patch

Impact
Successful exploitation will allow an attacker to disclose potentially sensitive information, ma-
nipulate certain data, and cause a DoS (Denial of Service).

Solution:
. . . continues on next page . . .
2 RESULTS PER HOST 559

. . . continued from previous page . . .

Solution type: VendorFix
Apply the patch from the referenced vendor advisory or upgrade to the latest version.

Aected Software/OS
Oracle MySQL version 5.5.x to 5.5.26 on Windows.

Vulnerability Insight
The aws are due to multiple unspecied errors in MySQL server component vectors related to
MySQL client and server.

Vulnerability Detection Method

Details: Oracle MySQL Server Multiple Vulnerabilities - 04 - (Nov 2012) - Windows
OID:[Link].4.1.25623.1.0.803114
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2012-3147
cve: CVE-2012-3149
cve: CVE-2012-3144
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K13/0919
dfn-cert: DFN-CERT-2013-1937

Medium (CVSS: 6.2)

NVT: Oracle MySQL Server <= 5.6.44 / 5.7 <= 5.7.26 / 8.0 <= 8.0.16 Security Update
(cpuoct2019) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)
. . . continues on next page . . .
2 RESULTS PER HOST 560

. . . continued from previous page . . .

Summary
Oracle MySQL Server is prone to a local unauthenticated vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.6.45
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.6.45, 5.7.27, 8.0.17 or later.

Aected Software/OS
Oracle MySQL Server versions 5.6.44 and prior, 5.7 through 5.7.26 and 8.0 through 8.0.16.

Vulnerability Insight
Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure
where MySQL Server executes to compromise MySQL Server.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.6.44 / 5.7 <= 5.7.26 / 8.0 <= 8.0.16 Security Update (.
,→..
OID:[Link].4.1.25623.1.0.143032
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2019-2969
url: [Link]
advisory-id: cpuoct2019
cert-bund: CB-K19/0915
dfn-cert: DFN-CERT-2019-2149
2 RESULTS PER HOST 561

Medium (CVSS: 6.1)

NVT: Oracle MySQL Server <= 5.5.47 / 5.6 <= 5.6.28 / 5.7 <= 5.7.10 Security Update
(cpuapr2016v3) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: See the referenced vendor advisory
Installation
path / port: 3306/tcp

Impact
Successful exploitation will allow an authenticated remote attacker to aect condentiality, in-
tegrity, and availability via unknown vectors.

Solution:
Solution type: VendorFix
Updates are available. Please see the references for more information.

Aected Software/OS
Oracle MySQL Server versions 5.5.47 and prior, 5.6 through 5.6.28 and 5.7 through 5.7.10.

Vulnerability Insight
Unspecied errors exist in the 'MySQL Server' component via unknown vectors.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.5.47 / 5.6 <= 5.6.28 / 5.7 <= 5.7.10 Security Update (.
,→..
OID:[Link].4.1.25623.1.0.807928
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
. . . continues on next page . . .
2 RESULTS PER HOST 562

. . . continued from previous page . . .

OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2016-0649
cve: CVE-2016-0650
cve: CVE-2016-0644
cve: CVE-2016-0646
cve: CVE-2016-0640
cve: CVE-2016-0641
url: [Link]
advisory-id: cpuapr2016v3
cert-bund: CB-K16/1122
cert-bund: CB-K16/0936
cert-bund: CB-K16/0791
cert-bund: CB-K16/0750
cert-bund: CB-K16/0646
cert-bund: CB-K16/0597
dfn-cert: DFN-CERT-2016-1192
dfn-cert: DFN-CERT-2016-0994
dfn-cert: DFN-CERT-2016-0903
dfn-cert: DFN-CERT-2016-0845
dfn-cert: DFN-CERT-2016-0803
dfn-cert: DFN-CERT-2016-0695
dfn-cert: DFN-CERT-2016-0644

Medium (CVSS: 5.9)

NVT: Oracle MySQL Server <= 5.5.45 / 5.6 <= 5.6.26 Security Update (cpujan2016) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to a vulnerability in a third party library.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: See the referenced vendor advisory
Installation
. . . continues on next page . . .
2 RESULTS PER HOST 563

. . . continued from previous page . . .

path / port: 3306/tcp

Impact
The aw makes it easier for remote attackers to obtain private RSA keys by capturing TLS
handshakes, aka a Lenstra attack.

Solution:
Solution type: VendorFix
Updates are available. Please see the references for more information.

Aected Software/OS
Oracle MySQL Server versions 5.5.45 and prior and 5.6 through 5.6.26.

Vulnerability Insight
wolfSSL (formerly CyaSSL) as used in MySQL does not properly handle faults associated with
the Chinese Remainder Theorem (CRT) process when allowing ephemeral key exchange without
low memory optimizations on a server.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.5.45 / 5.6 <= 5.6.26 Security Update (cpujan2016) - Wi.
,→..
OID:[Link].4.1.25623.1.0.117194
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2015-7744
url: [Link]
advisory-id: cpujan2016
cert-bund: WID-SEC-2024-1482
cert-bund: CB-K16/0246
cert-bund: CB-K16/0245
cert-bund: CB-K16/0094
dfn-cert: DFN-CERT-2016-0266
dfn-cert: DFN-CERT-2016-0265
dfn-cert: DFN-CERT-2016-0104
2 RESULTS PER HOST 564

Medium (CVSS: 5.9)

NVT: Oracle MySQL Server <= 5.6.42 / 5.7 <= 5.7.24 / 8.0 <= 8.0.13 Security Update
(cpuapr2019) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to a vulnerability in the libmysqld subcomponent.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.6.43
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.6.43, 5.7.25, 8.0.14 or later.

Aected Software/OS
Oracle MySQL Server versions 5.6.42 and prior, 5.7 through 5.7.24 and 8.0 through 8.0.13.

Vulnerability Insight
Dicult to exploit vulnerability allows unauthenticated attacker with network access via multiple
protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in
unauthorized access to critical data or complete access to all MySQL Server accessible data.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.6.42 / 5.7 <= 5.7.24 / 8.0 <= 8.0.13 Security Update (.
,→..
OID:[Link].4.1.25623.1.0.142405
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

. . . continues on next page . . .

2 RESULTS PER HOST 565

. . . continued from previous page . . .

References
cve: CVE-2018-3123
url: [Link]
advisory-id: cpuapr2019
cert-bund: WID-SEC-2023-1594
cert-bund: CB-K19/0319
dfn-cert: DFN-CERT-2019-0775

Medium (CVSS: 5.9)

NVT: Oracle MySQL Server <= 5.6.43 / 5.7 <= 5.7.25 / 8.0 <= 8.0.15 Security Update
(cpuapr2019) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.6.44
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.6.44, 5.7.26, 8.0.16 or later.

Aected Software/OS
Oracle MySQL Server versions 5.6.43 and prior, 5.7 through 5.7.25 and 8.0 through 8.0.15.

Vulnerability Insight
The attacks range in variety and diculty. Most of them allow an attacker with network access
via multiple protocols to compromise the MySQL Server.
For further information refer to the ocial advisory via the referenced link.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
. . . continues on next page . . .
2 RESULTS PER HOST 566

. . . continued from previous page . . .

Details: Oracle MySQL Server <= 5.6.43 / 5.7 <= 5.7.25 / 8.0 <= 8.0.15 Security Update (.
,→..
OID:[Link].4.1.25623.1.0.142403
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2019-1559
cve: CVE-2019-2683
cve: CVE-2019-2627
cve: CVE-2019-2614
url: [Link]
advisory-id: cpuapr2019
cert-bund: WID-SEC-2023-2946
cert-bund: WID-SEC-2023-1594
cert-bund: WID-SEC-2022-0673
cert-bund: WID-SEC-2022-0462
cert-bund: CB-K22/0045
cert-bund: CB-K20/0041
cert-bund: CB-K19/0911
cert-bund: CB-K19/0639
cert-bund: CB-K19/0623
cert-bund: CB-K19/0622
cert-bund: CB-K19/0620
cert-bund: CB-K19/0619
cert-bund: CB-K19/0615
cert-bund: CB-K19/0332
cert-bund: CB-K19/0320
cert-bund: CB-K19/0319
cert-bund: CB-K19/0173
dfn-cert: DFN-CERT-2020-2620
dfn-cert: DFN-CERT-2020-2189
dfn-cert: DFN-CERT-2020-2180
dfn-cert: DFN-CERT-2020-0092
dfn-cert: DFN-CERT-2020-0048
dfn-cert: DFN-CERT-2019-2625
dfn-cert: DFN-CERT-2019-2457
dfn-cert: DFN-CERT-2019-2300
dfn-cert: DFN-CERT-2019-2274
dfn-cert: DFN-CERT-2019-2158
dfn-cert: DFN-CERT-2019-2157
dfn-cert: DFN-CERT-2019-2046
. . . continues on next page . . .
2 RESULTS PER HOST 567

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2019-2008
dfn-cert: DFN-CERT-2019-1996
dfn-cert: DFN-CERT-2019-1897
dfn-cert: DFN-CERT-2019-1755
dfn-cert: DFN-CERT-2019-1746
dfn-cert: DFN-CERT-2019-1722
dfn-cert: DFN-CERT-2019-1713
dfn-cert: DFN-CERT-2019-1683
dfn-cert: DFN-CERT-2019-1678
dfn-cert: DFN-CERT-2019-1677
dfn-cert: DFN-CERT-2019-1617
dfn-cert: DFN-CERT-2019-1614
dfn-cert: DFN-CERT-2019-1486
dfn-cert: DFN-CERT-2019-1460
dfn-cert: DFN-CERT-2019-1455
dfn-cert: DFN-CERT-2019-1453
dfn-cert: DFN-CERT-2019-1450
dfn-cert: DFN-CERT-2019-1408
dfn-cert: DFN-CERT-2019-1240
dfn-cert: DFN-CERT-2019-0968
dfn-cert: DFN-CERT-2019-0781
dfn-cert: DFN-CERT-2019-0775
dfn-cert: DFN-CERT-2019-0771
dfn-cert: DFN-CERT-2019-0566
dfn-cert: DFN-CERT-2019-0556
dfn-cert: DFN-CERT-2019-0412

Medium (CVSS: 5.9)

NVT: Oracle MySQL Server <= 5.7.42, 8.x <= 8.0.33 Security Update (cpujul2023) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to a unspecied vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.7.43
Installation
. . . continues on next page . . .
2 RESULTS PER HOST 568

. . . continued from previous page . . .

path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.7.43, 8.0.34 or later.

Aected Software/OS
Oracle MySQL Server version 5.7.42 and prior and 8.x through 8.0.33.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.7.42, 8.x <= 8.0.33 Security Update (cpujul2023) - Win.
,→..
OID:[Link].4.1.25623.1.0.149981
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2023-22053
url: [Link]
advisory-id: cpujul2023
cert-bund: WID-SEC-2024-1248
cert-bund: WID-SEC-2023-1794
dfn-cert: DFN-CERT-2024-1188
dfn-cert: DFN-CERT-2024-0593
dfn-cert: DFN-CERT-2024-0491
dfn-cert: DFN-CERT-2024-0454
dfn-cert: DFN-CERT-2023-1642

Medium (CVSS: 5.9)

NVT: Oracle MySQL Backronym Vulnerability (Jun 2016) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
. . . continues on next page . . .
2 RESULTS PER HOST 569

. . . continued from previous page . . .

Oracle MySQL is prone to the backronym vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.7.3
Installation
path / port: 3306/tcp

Impact
Successful exploitation will allow man-in-the-middle attackers to spoof servers via a cleartext-
downgrade attack.

Solution:
Solution type: VendorFix
Upgrade to version Oracle MySQL Server 5.7.3 or later.

Aected Software/OS
Oracle MySQL Server 5.7.2 and earlier on Windows.

Vulnerability Insight
The aw exists due to improper validation of MySQL client library when establishing a secure
connection to a MySQL server using the ssl option.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Backronym Vulnerability (Jun 2016) - Windows
OID:[Link].4.1.25623.1.0.808063
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2015-3152
url: [Link]
url: [Link]
cert-bund: CB-K18/0871
cert-bund: CB-K16/0944
cert-bund: CB-K15/1045
cert-bund: CB-K15/1042
cert-bund: CB-K15/1020
. . . continues on next page . . .
2 RESULTS PER HOST 570

. . . continued from previous page . . .

cert-bund: CB-K15/0994
cert-bund: CB-K15/0964
cert-bund: CB-K15/0895
dfn-cert: DFN-CERT-2016-1004
dfn-cert: DFN-CERT-2015-1105
dfn-cert: DFN-CERT-2015-1096
dfn-cert: DFN-CERT-2015-1071
dfn-cert: DFN-CERT-2015-1051
dfn-cert: DFN-CERT-2015-1016
dfn-cert: DFN-CERT-2015-0942

Medium (CVSS: 5.9)

NVT: Oracle MySQL Server <= 5.5.48 / 5.6 <= 5.6.29 / 5.7 <= 5.7.11 Security Update
(cpuapr2016v3) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: See the referenced vendor advisory
Installation
path / port: 3306/tcp

Impact
Successful exploitation will allow remote users to aect condentiality, integrity, and availability
via unknown vectors.

Solution:
Solution type: VendorFix
Updates are available. Please see the references for more information.

Aected Software/OS
Oracle MySQL Server versions 5.5.48 and prior, 5.6 through 5.6.29 and 5.7 through 5.7.11.

Vulnerability Insight
. . . continues on next page . . .
2 RESULTS PER HOST 571

. . . continued from previous page . . .

Unspecied errors exist in the 'MySQL Server' component via unknown vectors.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.5.48 / 5.6 <= 5.6.29 / 5.7 <= 5.7.11 Security Update (.
,→..
OID:[Link].4.1.25623.1.0.807924
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2016-0666
cve: CVE-2016-0647
cve: CVE-2016-0648
cve: CVE-2016-0642
cve: CVE-2016-0643
cve: CVE-2016-2047
url: [Link]
advisory-id: cpuapr2016v3
cert-bund: CB-K16/1129
cert-bund: CB-K16/1122
cert-bund: CB-K16/0936
cert-bund: CB-K16/0791
cert-bund: CB-K16/0750
cert-bund: CB-K16/0646
cert-bund: CB-K16/0597
cert-bund: CB-K16/0493
cert-bund: CB-K16/0133
dfn-cert: DFN-CERT-2016-1204
dfn-cert: DFN-CERT-2016-1192
dfn-cert: DFN-CERT-2016-0994
dfn-cert: DFN-CERT-2016-0903
dfn-cert: DFN-CERT-2016-0845
dfn-cert: DFN-CERT-2016-0803
dfn-cert: DFN-CERT-2016-0695
dfn-cert: DFN-CERT-2016-0644
dfn-cert: DFN-CERT-2016-0532
dfn-cert: DFN-CERT-2016-0143
2 RESULTS PER HOST 572

Medium (CVSS: 5.7)

NVT: Oracle MySQL Multiple Unspecied vulnerabilities-03 (Apr 2015) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: Apply the patch
Installation
path / port: 3306/tcp

Impact
Successful exploitation will allow an authenticated remote attacker to cause a denial of service.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier on windows.

Vulnerability Insight
Unspecied errors in the MySQL Server component via unknown vectors related to Server :
Optimizer, DDL, Server : Compiling, Server : Federated.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Multiple Unspecified vulnerabilities-03 (Apr 2015) - Windows
OID:[Link].4.1.25623.1.0.805172
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

. . . continues on next page . . .

2 RESULTS PER HOST 573

. . . continued from previous page . . .

References
cve: CVE-2015-2571
cve: CVE-2015-0505
cve: CVE-2015-0501
cve: CVE-2015-0499
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: WID-SEC-2023-2068
cert-bund: CB-K15/1546
cert-bund: CB-K15/1518
cert-bund: CB-K15/1202
cert-bund: CB-K15/1193
cert-bund: CB-K15/1045
cert-bund: CB-K15/1042
cert-bund: CB-K15/0964
cert-bund: CB-K15/0720
cert-bund: CB-K15/0531
dfn-cert: DFN-CERT-2015-1623
dfn-cert: DFN-CERT-2015-1604
dfn-cert: DFN-CERT-2015-1272
dfn-cert: DFN-CERT-2015-1264
dfn-cert: DFN-CERT-2015-1105
dfn-cert: DFN-CERT-2015-1096
dfn-cert: DFN-CERT-2015-1016
dfn-cert: DFN-CERT-2015-0758
dfn-cert: DFN-CERT-2015-0551

Medium (CVSS: 5.5)

NVT: Oracle MySQL Server <= 5.5.46 Security Update (cpuapr2016v3) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to an unspecied vulnerability.

Quality of Detection (QoD): 80%

. . . continues on next page . . .
2 RESULTS PER HOST 574

. . . continued from previous page . . .

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: See the referenced vendor advisory
Installation
path / port: 3306/tcp

Impact
Successful exploitation will allow local users to aect availability.

Solution:
Solution type: VendorFix
Updates are available. Please see the references for more information.

Aected Software/OS
Oracle MySQL Server versions 5.5.46 and prior.

Vulnerability Insight
Unspecied error exists in the 'MySQL Server' component via unknown vectors related to 'Op-
timizer'.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.5.46 Security Update (cpuapr2016v3) - Windows
OID:[Link].4.1.25623.1.0.807922
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2016-0651
url: [Link]
advisory-id: cpuapr2016v3
cert-bund: CB-K16/1122
cert-bund: CB-K16/0936
cert-bund: CB-K16/0791
cert-bund: CB-K16/0597
dfn-cert: DFN-CERT-2016-1192
dfn-cert: DFN-CERT-2016-0994
dfn-cert: DFN-CERT-2016-0845
dfn-cert: DFN-CERT-2016-0644
2 RESULTS PER HOST 575

Medium (CVSS: 5.5)

NVT: Oracle MySQL Server <= 8.0.43, 8.1.x <= 8.4.7, 9.0.0 <= 9.4.0 Security Update
(cpuoct2025) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 8.0.44
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 8.0.44, 8.4.7, 9.4.1 or later.

Aected Software/OS
Oracle MySQL Server versions 8.0.43 and prior, 8.1.x through 8.4.6 and 9.0.0 through 9.4.0.
Note: While not explicitly mentioned by the vendor (due to the EOL status of these branches)
it is assumed that all versions prior to 8.x and versions like 9.2.x in between are also aected by
these aws. If you disagree with this assessment and want to accept the risk please create an
override for this result.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 8.0.43, 8.1.x <= 8.4.7, 9.0.0 <= 9.4.0 Security Update (.
,→..
OID:[Link].4.1.25623.1.0.119199
Version used: 2025-10-24T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

. . . continues on next page . . .

2 RESULTS PER HOST 576

. . . continued from previous page . . .

References
cve: CVE-2025-53054
cve: CVE-2025-53053
cve: CVE-2025-53044
cve: CVE-2025-53045
cve: CVE-2025-53062
cve: CVE-2025-53069
cve: CVE-2025-53040
cve: CVE-2025-53042
url: [Link]
advisory-id: cpuoct2025
cert-bund: WID-SEC-2025-2363
dfn-cert: DFN-CERT-2025-2945

Medium (CVSS: 5.4)

NVT: Oracle MySQL Server <= 5.1.66 / 5.5 <= 5.5.28 Security Update (cpujan2013) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.5.29
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.1.67, 5.5.29 or later.

Aected Software/OS
Oracle MySQL Server versions 5.1.66 and prior and 5.5 through 5.5.28.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.1.66 / 5.5 <= 5.5.28 Security Update (cpujan2013) - Wi.
. . . continues on next page . . .
2 RESULTS PER HOST 577

. . . continued from previous page . . .

,→..
OID:[Link].4.1.25623.1.0.117203
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2012-5611
cve: CVE-2013-0384
cve: CVE-2013-0389
cve: CVE-2013-0385
cve: CVE-2013-0375
cve: CVE-2012-1702
cve: CVE-2013-0383
cve: CVE-2012-0572
cve: CVE-2012-0574
cve: CVE-2012-1705
cve: CVE-2012-4414
url: [Link]
advisory-id: cpujan2013
cert-bund: CB-K13/0919
cert-bund: CB-K13/0603
dfn-cert: DFN-CERT-2013-1937
dfn-cert: DFN-CERT-2013-1597
dfn-cert: DFN-CERT-2013-0259
dfn-cert: DFN-CERT-2013-0192
dfn-cert: DFN-CERT-2013-0119
dfn-cert: DFN-CERT-2013-0118
dfn-cert: DFN-CERT-2013-0106
dfn-cert: DFN-CERT-2013-0079
dfn-cert: DFN-CERT-2013-0037
dfn-cert: DFN-CERT-2013-0028
dfn-cert: DFN-CERT-2012-2285
dfn-cert: DFN-CERT-2012-2258
dfn-cert: DFN-CERT-2012-2215
dfn-cert: DFN-CERT-2012-2200
2 RESULTS PER HOST 578

Medium (CVSS: 5.3)

NVT: Oracle MySQL Server <= 8.0.39, 8.1 <= 8.4.1, 9.0 <= 9.0.1 Security Update (cpuoct2024)
- Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to a denial of service (DoS) vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 8.0.40
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 8.0.40, 8.4.2, 9.0.2 or later.

Aected Software/OS
Oracle MySQL Server version 8.0.39 and prior, 8.1 through 8.4.1 and 9.0 through 9.0.1.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 8.0.39, 8.1 <= 8.4.1, 9.0 <= 9.0.1 Security Update (cpuo.
,→..
OID:[Link].4.1.25623.1.0.170873
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2024-21238
url: [Link]
advisory-id: cpuoct2024
. . . continues on next page . . .
2 RESULTS PER HOST 579

. . . continued from previous page . . .

cert-bund: WID-SEC-2024-3188
dfn-cert: DFN-CERT-2025-0446
dfn-cert: DFN-CERT-2024-2732

Medium (CVSS: 5.3)

NVT: Oracle MySQL Server <= 5.7.39 / 8.0 <= 8.0.30 Security Update (cpuoct2022) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.7.40
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.7.40, 8.0.31 or later.

Aected Software/OS
Oracle MySQL Server version 5.7.39 and prior and 8.0 through 8.0.30.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.7.39 / 8.0 <= 8.0.30 Security Update (cpuoct2022) - Wi.
,→..
OID:[Link].4.1.25623.1.0.118388
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

. . . continues on next page . . .

2 RESULTS PER HOST 580

. . . continued from previous page . . .

References
cve: CVE-2022-2097
cve: CVE-2022-21617
cve: CVE-2022-21608
url: [Link]
advisory-id: cpuoct2022
cert-bund: WID-SEC-2024-1591
cert-bund: WID-SEC-2024-1186
cert-bund: WID-SEC-2024-0794
cert-bund: WID-SEC-2023-2031
cert-bund: WID-SEC-2023-1969
cert-bund: WID-SEC-2023-1432
cert-bund: WID-SEC-2022-1777
cert-bund: WID-SEC-2022-1776
cert-bund: WID-SEC-2022-1461
cert-bund: WID-SEC-2022-1245
cert-bund: WID-SEC-2022-1146
cert-bund: WID-SEC-2022-1068
cert-bund: WID-SEC-2022-1065
cert-bund: WID-SEC-2022-0561
dfn-cert: DFN-CERT-2024-0147
dfn-cert: DFN-CERT-2023-2667
dfn-cert: DFN-CERT-2023-2491
dfn-cert: DFN-CERT-2023-1230
dfn-cert: DFN-CERT-2023-1058
dfn-cert: DFN-CERT-2023-0509
dfn-cert: DFN-CERT-2023-0299
dfn-cert: DFN-CERT-2023-0100
dfn-cert: DFN-CERT-2022-2323
dfn-cert: DFN-CERT-2022-2315
dfn-cert: DFN-CERT-2022-2306
dfn-cert: DFN-CERT-2022-2150
dfn-cert: DFN-CERT-2022-2073
dfn-cert: DFN-CERT-2022-2072
dfn-cert: DFN-CERT-2022-1905
dfn-cert: DFN-CERT-2022-1646
dfn-cert: DFN-CERT-2022-1536
dfn-cert: DFN-CERT-2022-1521
dfn-cert: DFN-CERT-2022-1520
dfn-cert: DFN-CERT-2022-1515
dfn-cert: DFN-CERT-2022-1497

Medium (CVSS: 5.3)

NVT: Oracle MySQL Server <= 5.6.46 / 5.7 <= 5.7.26 Security Update (cpuapr2020) - Windows

. . . continues on next page . . .

2 RESULTS PER HOST 581

. . . continued from previous page . . .

Product detection result
cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to multiple vulnerabilities in OpenSSL.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.6.47
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.6.47, 5.7.27 or later.

Aected Software/OS
Oracle MySQL Server versions 5.6.46 and prior and 5.7 through 5.7.26.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.6.46 / 5.7 <= 5.7.26 Security Update (cpuapr2020) - Wi.
,→..
OID:[Link].4.1.25623.1.0.143735
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2019-1547
cve: CVE-2019-1549
cve: CVE-2019-1552
cve: CVE-2019-1563
url: [Link]
advisory-id: cpuapr2020
cert-bund: WID-SEC-2023-3081
cert-bund: WID-SEC-2023-1762
. . . continues on next page . . .
2 RESULTS PER HOST 582

. . . continued from previous page . . .

cert-bund: WID-SEC-2023-1049
cert-bund: WID-SEC-2022-0673
cert-bund: CB-K22/0045
cert-bund: CB-K20/1049
cert-bund: CB-K20/1016
cert-bund: CB-K20/0321
cert-bund: CB-K20/0318
cert-bund: CB-K20/0043
cert-bund: CB-K20/0038
cert-bund: CB-K20/0036
cert-bund: CB-K20/0028
cert-bund: CB-K19/1025
cert-bund: CB-K19/0919
cert-bund: CB-K19/0915
cert-bund: CB-K19/0808
cert-bund: CB-K19/0675
dfn-cert: DFN-CERT-2023-2709
dfn-cert: DFN-CERT-2020-2014
dfn-cert: DFN-CERT-2020-1729
dfn-cert: DFN-CERT-2020-0895
dfn-cert: DFN-CERT-2020-0776
dfn-cert: DFN-CERT-2020-0775
dfn-cert: DFN-CERT-2020-0772
dfn-cert: DFN-CERT-2020-0716
dfn-cert: DFN-CERT-2020-0277
dfn-cert: DFN-CERT-2020-0101
dfn-cert: DFN-CERT-2020-0096
dfn-cert: DFN-CERT-2020-0091
dfn-cert: DFN-CERT-2020-0090
dfn-cert: DFN-CERT-2019-2164
dfn-cert: DFN-CERT-2019-2149
dfn-cert: DFN-CERT-2019-1900
dfn-cert: DFN-CERT-2019-1897
dfn-cert: DFN-CERT-2019-1559

Medium (CVSS: 5.3)

NVT: Oracle MySQL Server <= 5.6.45 / 5.7 <= 5.7.27 Security Update (cpuoct2019) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
. . . continues on next page . . .
2 RESULTS PER HOST 583

. . . continued from previous page . . .

Oracle MySQL Server is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.6.46
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.6.46, 5.7.28 or later.

Aected Software/OS
Oracle MySQL Server versions 5.6.45 and prior and 5.7 through 5.7.27.

Vulnerability Insight
Oracle MySQL Server is prone to multiple vulnerabilities.
For further information refer to the ocial advisory via the referenced link.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.6.45 / 5.7 <= 5.7.27 Security Update (cpuoct2019) - Wi.
,→..
OID:[Link].4.1.25623.1.0.143034
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2019-2922
cve: CVE-2019-2923
cve: CVE-2019-2924
cve: CVE-2019-2910
url: [Link]
advisory-id: cpuoct2019
cert-bund: CB-K19/0915
dfn-cert: DFN-CERT-2020-0103
dfn-cert: DFN-CERT-2019-2149
2 RESULTS PER HOST 584

Medium (CVSS: 5.3)

NVT: Oracle Mysql Security Updates (apr2017-3236618) 03 - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL is prone to a security bypass vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: Apply the patch
Installation
path / port: 3306/tcp

Impact
Successful exploitation of this vulnerability will allow remote attackers to bypass certain security
restrictions and perform unauthorized actions by conducting a man-in-the-middle attack. This
may lead to other attacks also.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle MySQL version 5.5.54 and earlier, 5.6.35 and earlier on Windows

Vulnerability Insight
The aw exists due to an incorrect implementation or enforcement of 'ssl-mode=REQUIRED'
in MySQL.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Mysql Security Updates (apr2017-3236618) 03 - Windows
OID:[Link].4.1.25623.1.0.810884
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
. . . continues on next page . . .
2 RESULTS PER HOST 585

. . . continued from previous page . . .

OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2017-3305
url: [Link]
url: [Link]
cert-bund: CB-K17/1604
cert-bund: CB-K17/1239
cert-bund: CB-K17/0657
dfn-cert: DFN-CERT-2017-1675
dfn-cert: DFN-CERT-2017-1282
dfn-cert: DFN-CERT-2017-0675

Medium (CVSS: 5.3)

NVT: Oracle Mysql Security Updates (jul2017-3236622) 02 - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: Apply the patch

Impact
Successful exploitation of this vulnerability will allow remote attackers to have an impact on
condentiality, integrity and availability.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle MySQL version 5.5.56 and earlier, 5.6.36 and earlier, 5.7.18 and earlier, on Windows

Vulnerability Insight
. . . continues on next page . . .
2 RESULTS PER HOST 586

. . . continued from previous page . . .

Multiple aws exist due to
- A aw in the Client mysqldump component.
- A aw in the Server: DDL component.
- A aw in the C API component.
- A aw in the Connector/C component.
- A aw in the Server: Charsets component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Mysql Security Updates (jul2017-3236622) 02 - Windows
OID:[Link].4.1.25623.1.0.811432
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2017-3651
cve: CVE-2017-3653
cve: CVE-2017-3652
cve: CVE-2017-3635
cve: CVE-2017-3648
cve: CVE-2017-3641
url: [Link]
,→#AppendixMSQL
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K18/0224
cert-bund: CB-K17/1870
cert-bund: CB-K17/1732
cert-bund: CB-K17/1604
cert-bund: CB-K17/1453
cert-bund: CB-K17/1401
cert-bund: CB-K17/1298
cert-bund: CB-K17/1239
cert-bund: CB-K17/1205
dfn-cert: DFN-CERT-2018-1276
dfn-cert: DFN-CERT-2018-0242
dfn-cert: DFN-CERT-2017-1956
dfn-cert: DFN-CERT-2017-1806
. . . continues on next page . . .
2 RESULTS PER HOST 587

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2017-1675
dfn-cert: DFN-CERT-2017-1519
dfn-cert: DFN-CERT-2017-1465
dfn-cert: DFN-CERT-2017-1341
dfn-cert: DFN-CERT-2017-1282
dfn-cert: DFN-CERT-2017-1243

Medium (CVSS: 5.3)

NVT: Oracle Mysql Security Updates (jul2017-3236622) 03 - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL is prone to vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: Apply the patch

Impact
Successful exploitation of this vulnerability will allow remote attackers to partially access data,
partially modify data, and partially deny service.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle MySQL version 5.5.56 and earlier, 5.6.36 and earlier, on Windows

Vulnerability Insight
The aw exists due to an error in the Client programs component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Mysql Security Updates (jul2017-3236622) 03 - Windows
OID:[Link].4.1.25623.1.0.811434
. . . continues on next page . . .
2 RESULTS PER HOST 588

. . . continued from previous page . . .

Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2017-3636
url: [Link]
,→#AppendixMSQL
url: [Link]
cert-bund: CB-K18/0224
cert-bund: CB-K17/1870
cert-bund: CB-K17/1604
cert-bund: CB-K17/1453
cert-bund: CB-K17/1401
cert-bund: CB-K17/1239
cert-bund: CB-K17/1205
dfn-cert: DFN-CERT-2018-1276
dfn-cert: DFN-CERT-2018-0242
dfn-cert: DFN-CERT-2017-1956
dfn-cert: DFN-CERT-2017-1675
dfn-cert: DFN-CERT-2017-1519
dfn-cert: DFN-CERT-2017-1465
dfn-cert: DFN-CERT-2017-1282
dfn-cert: DFN-CERT-2017-1243

Medium (CVSS: 5.0)

NVT: MySQL Unspecied vulnerabilities-03 (Jul 2013) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
MySQL is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
. . . continues on next page . . .
2 RESULTS PER HOST 589

. . . continued from previous page . . .

Vulnerability was detected according to the Vulnerability Detection Method.

Impact
Successful exploitation will allow remote authenticated users to aect availability via unknown
vectors.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle MySQL 5.5.30 and earlier and 5.6.10 on Windows.

Vulnerability Insight
Unspecied errors in the MySQL Server component via unknown vectors related to Prepared
Statements, Server Options and Server Partition.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: MySQL Unspecified vulnerabilities-03 (Jul 2013) - Windows
OID:[Link].4.1.25623.1.0.803725
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2013-3801
cve: CVE-2013-3805
cve: CVE-2013-3794
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K13/0919
cert-bund: CB-K13/0620
dfn-cert: DFN-CERT-2013-1937
dfn-cert: DFN-CERT-2013-1599
dfn-cert: DFN-CERT-2013-1553
dfn-cert: DFN-CERT-2013-1478
2 RESULTS PER HOST 590

Medium (CVSS: 5.0)

NVT: Oracle MySQL Multiple Unspecied vulnerabilities-02 (Apr 2015) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: Apply the patch
Installation
path / port: 3306/tcp

Impact
Successful exploitation will allow an authenticated remote attacker to cause a denial of service.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier on windows.

Vulnerability Insight
Unspecied errors in the MySQL Server component via unknown vectors related to DDL, Server
: Security : Privileges, Server : Security : Encryption, InnoDB : DML.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Multiple Unspecified vulnerabilities-02 (Apr 2015) - Windows
OID:[Link].4.1.25623.1.0.805171
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

. . . continues on next page . . .

2 RESULTS PER HOST 591

. . . continued from previous page . . .

References
cve: CVE-2015-2573
cve: CVE-2015-2568
cve: CVE-2015-0441
cve: CVE-2015-0433
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: WID-SEC-2023-2068
cert-bund: CB-K15/1546
cert-bund: CB-K15/1202
cert-bund: CB-K15/1193
cert-bund: CB-K15/1045
cert-bund: CB-K15/1042
cert-bund: CB-K15/0964
cert-bund: CB-K15/0720
cert-bund: CB-K15/0531
dfn-cert: DFN-CERT-2015-1623
dfn-cert: DFN-CERT-2015-1272
dfn-cert: DFN-CERT-2015-1264
dfn-cert: DFN-CERT-2015-1105
dfn-cert: DFN-CERT-2015-1096
dfn-cert: DFN-CERT-2015-1016
dfn-cert: DFN-CERT-2015-0758
dfn-cert: DFN-CERT-2015-0551

Medium (CVSS: 4.9)

NVT: Oracle MySQL Server <= 5.7.42, 8.x <= 8.0.31 Security Update (cpuoct2023) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
. . . continues on next page . . .
2 RESULTS PER HOST 592

. . . continued from previous page . . .

Fixed version: 5.7.43
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.7.43, 8.0.32 or later.

Aected Software/OS
Oracle MySQL Server version 5.7.42 and prior and 8.x through 8.0.31.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.7.42, 8.x <= 8.0.31 Security Update (cpuoct2023) - Win.
,→..
OID:[Link].4.1.25623.1.0.151212
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2023-22015
cve: CVE-2023-22026
url: [Link]
advisory-id: cpuoct2023
cert-bund: WID-SEC-2023-2690
dfn-cert: DFN-CERT-2023-2536

Medium (CVSS: 4.9)

NVT: Oracle MySQL Server <= 5.7.33 Security Update (cpuapr2021) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to a denial of service (DoS) vulnerability.

. . . continues on next page . . .

2 RESULTS PER HOST 593

. . . continued from previous page . . .

Quality of Detection (QoD): 80%
Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.7.34
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.7.34 or later.

Aected Software/OS
Oracle MySQL Server version 5.7.33 and prior.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.7.33 Security Update (cpuapr2021) - Windows
OID:[Link].4.1.25623.1.0.145802
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2021-2154
url: [Link]
advisory-id: cpuapr2021
cert-bund: WID-SEC-2023-0065
cert-bund: CB-K21/0421
dfn-cert: DFN-CERT-2022-1241
dfn-cert: DFN-CERT-2022-0933
dfn-cert: DFN-CERT-2022-0666
dfn-cert: DFN-CERT-2021-1660
dfn-cert: DFN-CERT-2021-0984
dfn-cert: DFN-CERT-2021-0821

Medium (CVSS: 4.9)

NVT: Oracle MySQL Security Update (cpujul2018 - 04) - Windows

Product detection result

. . . continues on next page . . .
2 RESULTS PER HOST 594

. . . continued from previous page . . .

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL is prone to a denial of service (DoS) vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: See reference
Installation
path / port: 3306/tcp

Impact
Successful exploitation of this vulnerability will allow remote attackers to conduct a denial-of-
service condition.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle MySQL version 5.5.60 and earlier.

Vulnerability Insight
Multiple aws exist due to an error in the 'Server: Security: Privileges' component of MySQL
Server.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Security Update (cpujul2018 - 04) - Windows
OID:[Link].4.1.25623.1.0.813710
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2018-3063
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 595

. . . continued from previous page . . .

advisory-id: cpujul2018
cert-bund: WID-SEC-2023-1594
cert-bund: CB-K18/0795
dfn-cert: DFN-CERT-2019-1614
dfn-cert: DFN-CERT-2019-1588
dfn-cert: DFN-CERT-2019-1152
dfn-cert: DFN-CERT-2019-1047
dfn-cert: DFN-CERT-2019-0484
dfn-cert: DFN-CERT-2018-1649
dfn-cert: DFN-CERT-2018-1402

Medium (CVSS: 4.9)

NVT: Oracle MySQL Server <= 5.7.41, 8.x <= 8.0.32 Security Update (cpujul2023) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to a denial of service (DoS) vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.7.42
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.7.42, 8.0.33 or later.

Aected Software/OS
Oracle MySQL Server version 5.7.41 and prior and 8.x through 8.0.32.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.7.41, 8.x <= 8.0.32 Security Update (cpujul2023) - Win.
,→..
OID:[Link].4.1.25623.1.0.149979
. . . continues on next page . . .
2 RESULTS PER HOST 596

. . . continued from previous page . . .

Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2023-22007
url: [Link]
advisory-id: cpujul2023
cert-bund: WID-SEC-2023-1794
dfn-cert: DFN-CERT-2024-1188
dfn-cert: DFN-CERT-2024-0593
dfn-cert: DFN-CERT-2024-0454
dfn-cert: DFN-CERT-2023-1642

Medium (CVSS: 4.9)

NVT: Oracle MySQL Server Component 'Replication' Unspecied vulnerability (Oct 2013) -
Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL is prone to an unspecied vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.

Impact
Successful exploitation will allow remote attackers to disclose sensitive information, manipulate
certain data, cause a DoS (Denial of Service) and bypass certain security restrictions.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

. . . continues on next page . . .

2 RESULTS PER HOST 597

. . . continued from previous page . . .

Aected Software/OS
Oracle MySQL versions 5.5.10 through 5.5.32 and 5.6.x through 5.6.12 on Windows

Vulnerability Insight
Unspecied error in the MySQL Server component via unknown vectors related to Replication.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server Component 'Replication' Unspecified vulnerability (Oct 2013.
,→..
OID:[Link].4.1.25623.1.0.804034
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2013-5807
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K14/0187
cert-bund: CB-K13/1072
cert-bund: CB-K13/0840
cert-bund: CB-K13/0789
dfn-cert: DFN-CERT-2014-0190
dfn-cert: DFN-CERT-2013-2099
dfn-cert: DFN-CERT-2013-1846
dfn-cert: DFN-CERT-2013-1795

Medium (CVSS: 4.9)

NVT: Oracle MySQL Server <= 5.6.50 / 5.7 <= 5.7.30 / 8.0 <= 8.0.17 Security Update (cpu-
jan2021) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
. . . continues on next page . . .
2 RESULTS PER HOST 598

. . . continued from previous page . . .

Oracle MySQL Server is prone to a denial of service (DoS) vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.6.51
Installation
path / port: 3306/tcp

Impact
Successful attacks of this vulnerability can result in the unauthorized ability to cause a hang or
frequently repeatedly crash (complete DOS) the MySQL Server.

Solution:
Solution type: VendorFix
Update to version 5.6.51, 5.7.31, 8.0.18 or later.

Aected Software/OS
Oracle MySQL Server versions 5.6.50 and prior, 5.7 through 5.7.30 and 8.0 through 8.0.17.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.6.50 / 5.7 <= 5.7.30 / 8.0 <= 8.0.17 Security Update (.
,→..
OID:[Link].4.1.25623.1.0.145222
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2021-2001
url: [Link]
advisory-id: cpujan2021
cert-bund: WID-SEC-2023-0067
cert-bund: CB-K21/0062
dfn-cert: DFN-CERT-2021-2155
dfn-cert: DFN-CERT-2021-0810
dfn-cert: DFN-CERT-2021-0131
2 RESULTS PER HOST 599

Medium (CVSS: 4.9)

NVT: Oracle MySQL Server <= 8.0.35 Security Update (cpuoct2024) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to a denial of service (DoS) vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 8.0.36
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 8.0.36 or later.

Aected Software/OS
Oracle MySQL Server version 8.0.35 and prior.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 8.0.35 Security Update (cpuoct2024) - Windows
OID:[Link].4.1.25623.1.0.170867
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2024-21200
url: [Link]
advisory-id: cpuoct2024
cert-bund: WID-SEC-2024-3188
dfn-cert: DFN-CERT-2024-2732
2 RESULTS PER HOST 600

Medium (CVSS: 4.9)

NVT: Oracle MySQL Server <= 5.7.40 Security Update (cpujan2023) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to a denial of service (DoS) vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.7.41
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.7.41 or later.

Aected Software/OS
Oracle MySQL Server version 5.7.40 and prior.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.7.40 Security Update (cpujan2023) - Windows
OID:[Link].4.1.25623.1.0.149168
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2023-21840
url: [Link]
advisory-id: cpujan2023
cert-bund: WID-SEC-2024-1591
cert-bund: WID-SEC-2023-1424
. . . continues on next page . . .
2 RESULTS PER HOST 601

. . . continued from previous page . . .

cert-bund: WID-SEC-2023-0126
dfn-cert: DFN-CERT-2023-0105

Medium (CVSS: 4.9)

NVT: Oracle MySQL Server <= 5.7.43, 8.x <= 8.0.31 Security Update (cpuoct2023) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to denial of service (DoS) vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.7.44
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.7.44, 8.0.32 or later.

Aected Software/OS
Oracle MySQL Server version 5.7.43 and prior and 8.x through 8.0.31.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.7.43, 8.x <= 8.0.31 Security Update (cpuoct2023) - Win.
,→..
OID:[Link].4.1.25623.1.0.151216
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
. . . continues on next page . . .
2 RESULTS PER HOST 602

. . . continued from previous page . . .

cve: CVE-2023-22028
url: [Link]
advisory-id: cpuoct2023
cert-bund: WID-SEC-2023-2690
dfn-cert: DFN-CERT-2024-0108
dfn-cert: DFN-CERT-2023-2536

Medium (CVSS: 4.9)

NVT: Oracle MySQL Server <= 5.6.50 / 5.7 <= 5.7.32 / 8.0 <= 8.0.22 Security Update (cpu-
jan2021) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.6.51
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.6.51, 5.7.33, 8.0.23 or later.

Aected Software/OS
Oracle MySQL Server versions 5.6.50 and prior, 5.7 through 5.7.32 and 8.0 through 8.0.22.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.6.50 / 5.7 <= 5.7.32 / 8.0 <= 8.0.22 Security Update (.
,→..
OID:[Link].4.1.25623.1.0.145224
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
. . . continues on next page . . .
2 RESULTS PER HOST 603

. . . continued from previous page . . .

Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2021-2022
cve: CVE-2021-2060
url: [Link]
advisory-id: cpujan2021
cert-bund: WID-SEC-2023-0067
cert-bund: CB-K21/0062
dfn-cert: DFN-CERT-2021-2155
dfn-cert: DFN-CERT-2021-0131

Medium (CVSS: 4.9)

NVT: Oracle MySQL Server <= 8.0.38, 8.1 <= 8.4.1, 9.0 <= 9.0.1 Security Update (cpuoct2024)
- Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to a denial of service (DoS) vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 8.0.39
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 8.0.39, 8.4.2, 9.0.2 or later.

Aected Software/OS
Oracle MySQL Server version 8.0.38 and prior, 8.1 through 8.4.1 and 9.0 through 9.0.1.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
. . . continues on next page . . .
2 RESULTS PER HOST 604

. . . continued from previous page . . .

Details: Oracle MySQL Server <= 8.0.38, 8.1 <= 8.4.1, 9.0 <= 9.0.1 Security Update (cpuo.
,→..
OID:[Link].4.1.25623.1.0.170869
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2024-21207
url: [Link]
advisory-id: cpuoct2024
cert-bund: WID-SEC-2024-3188
dfn-cert: DFN-CERT-2024-2732

Medium (CVSS: 4.9)

NVT: Oracle MySQL Server <= 5.7.30 / 8.0 <= 8.0.17 Security Update (cpuapr2021) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to a denial of service (DoS) vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.7.31
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.7.31, 8.0.18 or later.

Aected Software/OS
. . . continues on next page . . .
2 RESULTS PER HOST 605

. . . continued from previous page . . .

Oracle MySQL Server version 5.7.30 and prior and 8.0 through 8.0.17.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.7.30 / 8.0 <= 8.0.17 Security Update (cpuapr2021) - Wi.
,→..
OID:[Link].4.1.25623.1.0.145804
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2021-2160
url: [Link]
advisory-id: cpuapr2021
cert-bund: WID-SEC-2023-0065
cert-bund: CB-K21/0421
dfn-cert: DFN-CERT-2021-0821

Medium (CVSS: 4.6)

NVT: Oracle MySQL Server 5.5 <= 5.5.29 / 5.6 <= 5.6.11 Security Update (cpuapr2013) -
Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to an unspecied vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.5.30
Installation
path / port: 3306/tcp

Solution:
. . . continues on next page . . .
2 RESULTS PER HOST 606

. . . continued from previous page . . .

Solution type: VendorFix
Update to version 5.5.30, 5.6.11 or later.

Aected Software/OS
Oracle MySQL Server versions 5.5 through 5.5.29 and 5.6 through 5.6.10.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server 5.5 <= 5.5.29 / 5.6 <= 5.6.11 Security Update (cpuapr2013) .
,→..
OID:[Link].4.1.25623.1.0.117213
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2013-1523
url: [Link]
advisory-id: cpuapr2013
dfn-cert: DFN-CERT-2013-0798

Medium (CVSS: 4.4)

NVT: Oracle MySQL Server <= 8.0.39, 8.1 <= 8.4.0 Security Update (cpuoct2024) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to a denial of service (DoS) vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 8.0.40
Installation
. . . continues on next page . . .
2 RESULTS PER HOST 607

. . . continued from previous page . . .

path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 8.0.40, 8.4.1 or later.

Aected Software/OS
Oracle MySQL Server version 8.0.39 and prior and 8.1 through 8.4.0.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 8.0.39, 8.1 <= 8.4.0 Security Update (cpuoct2024) - Wind.
,→..
OID:[Link].4.1.25623.1.0.170871
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2024-21212
url: [Link]
advisory-id: cpuoct2024
cert-bund: WID-SEC-2024-3188
dfn-cert: DFN-CERT-2025-0446
dfn-cert: DFN-CERT-2024-2732

Medium (CVSS: 4.4)

NVT: Oracle Mysql Security Updates (jan2017-2881727) 04 - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL is prone to an unspecied vulnerability.

Quality of Detection (QoD): 80%

. . . continues on next page . . .
2 RESULTS PER HOST 608

. . . continued from previous page . . .

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: Apply the patch
Installation
path / port: 3306/tcp

Impact
Successful exploitation of this vulnerability will allow remote to have some unspecied impact
on availability.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle MySQL version 5.5.53 and earlier on Windows

Vulnerability Insight
The aw exists due to an unspecied error in sub component 'Server: Charsets'.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Mysql Security Updates (jan2017-2881727) 04 - Windows
OID:[Link].4.1.25623.1.0.809869
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2017-3243
url: [Link]
url: [Link]
cert-bund: CB-K18/0224
cert-bund: CB-K17/1298
cert-bund: CB-K17/0098
dfn-cert: DFN-CERT-2018-0242
dfn-cert: DFN-CERT-2017-1341
dfn-cert: DFN-CERT-2017-0090
2 RESULTS PER HOST 609

Medium (CVSS: 4.4)

NVT: Oracle MySQL Server <= 5.7.36 / 8.0 <= 8.0.27 Security Update (cpuoct2022) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to a denial of service (DoS) vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.7.37
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.7.37, 8.0.28 or later.

Aected Software/OS
Oracle MySQL Server version 5.7.36 and prior and 8.0 through 8.0.27.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.7.36 / 8.0 <= 8.0.27 Security Update (cpuoct2022) - Wi.
,→..
OID:[Link].4.1.25623.1.0.118382
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2022-21595
url: [Link]
advisory-id: cpuoct2022
cert-bund: WID-SEC-2024-1591
. . . continues on next page . . .
2 RESULTS PER HOST 610

. . . continued from previous page . . .

cert-bund: WID-SEC-2022-1776
dfn-cert: DFN-CERT-2023-0504
dfn-cert: DFN-CERT-2022-2306

Medium (CVSS: 4.3)

NVT: Oracle MySQL Multiple Unspecied Vulnerabilities-03 (Jul 2015)

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: Apply the patch
Installation
path / port: 3306/tcp

Impact
Successful exploitation will allow an authenticated remote attacker to aect condentiality via
unknown vectors.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier on Windows

Vulnerability Insight
Unspecied errors exist in the MySQL Server component via unknown vectors related to Server
: Pluggable Auth and Server : Security : Privileges.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Multiple Unspecified Vulnerabilities-03 (Jul 2015)
OID:[Link].4.1.25623.1.0.805930
. . . continues on next page . . .
2 RESULTS PER HOST 611

. . . continued from previous page . . .

Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2015-4737
cve: CVE-2015-2620
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K15/1518
cert-bund: CB-K15/1202
cert-bund: CB-K15/1193
cert-bund: CB-K15/1045
cert-bund: CB-K15/1020
dfn-cert: DFN-CERT-2015-1604
dfn-cert: DFN-CERT-2015-1272
dfn-cert: DFN-CERT-2015-1264
dfn-cert: DFN-CERT-2015-1096
dfn-cert: DFN-CERT-2015-1071

Medium (CVSS: 4.3)

NVT: Oracle MySQL Server <= 5.7.39 / 8.0 <= 8.0.29 Security Update (cpuoct2022) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to an information disclosure vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.7.40
Installation
path / port: 3306/tcp

. . . continues on next page . . .

2 RESULTS PER HOST 612

. . . continued from previous page . . .

Solution:
Solution type: VendorFix
Update to version 5.7.40, 8.0.30 or later.

Aected Software/OS
Oracle MySQL Server version 5.7.39 and prior and 8.0 through 8.0.29.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.7.39 / 8.0 <= 8.0.29 Security Update (cpuoct2022) - Wi.
,→..
OID:[Link].4.1.25623.1.0.118386
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2022-21592
url: [Link]
advisory-id: cpuoct2022
cert-bund: WID-SEC-2024-1591
cert-bund: WID-SEC-2023-2031
cert-bund: WID-SEC-2022-1776
dfn-cert: DFN-CERT-2022-2306

Medium (CVSS: 4.3)

NVT: Oracle MySQL Server <= 5.7.39 / 8.0 <= 8.0.16 Security Update (cpuoct2022) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to an information disclosure vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
. . . continues on next page . . .
2 RESULTS PER HOST 613

. . . continued from previous page . . .

Installed version: 5.5.20
Fixed version: 5.7.40
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.7.40, 8.0.17 or later.

Aected Software/OS
Oracle MySQL Server version 5.7.39 and prior and 8.0 through 8.0.16.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.7.39 / 8.0 <= 8.0.16 Security Update (cpuoct2022) - Wi.
,→..
OID:[Link].4.1.25623.1.0.118384
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2022-21589
url: [Link]
advisory-id: cpuoct2022
cert-bund: WID-SEC-2024-1591
cert-bund: WID-SEC-2023-2031
cert-bund: WID-SEC-2022-1776
dfn-cert: DFN-CERT-2022-2306

Medium (CVSS: 4.0)

NVT: Oracle MySQL Multiple Unspecied vulnerabilities - 05 (Jan 2014) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
. . . continues on next page . . .
2 RESULTS PER HOST 614

. . . continued from previous page . . .

Oracle MySQL is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.

Impact
Successful exploitation will allow attackers to manipulate certain data and cause a DoS (Denial
of Service).

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle MySQL version 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier on Windows.

Vulnerability Insight
Unspecied errors in the MySQL Server component via unknown vectors related to Optimizer,
InnoDB, and Locking.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Multiple Unspecified vulnerabilities - 05 (Jan 2014) - Windows
OID:[Link].4.1.25623.1.0.804076
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2014-0386
cve: CVE-2014-0393
cve: CVE-2014-0402
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K14/0710
cert-bund: CB-K14/0187
cert-bund: CB-K14/0177
. . . continues on next page . . .
2 RESULTS PER HOST 615

. . . continued from previous page . . .

cert-bund: CB-K14/0082
cert-bund: CB-K14/0074
cert-bund: CB-K14/0055
dfn-cert: DFN-CERT-2014-0742
dfn-cert: DFN-CERT-2014-0190
dfn-cert: DFN-CERT-2014-0180
dfn-cert: DFN-CERT-2014-0085
dfn-cert: DFN-CERT-2014-0074
dfn-cert: DFN-CERT-2014-0048

Medium (CVSS: 4.0)

NVT: Oracle MySQL Server Component 'Optimizer' Unspecied vulnerability (Oct 2013) - Win-
dows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL is prone to an unspecied vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.

Impact
Successful exploitation will allow remote attackers to disclose sensitive information, manipulate
certain data, cause a DoS (Denial of Service) and bypass certain security restrictions.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle MySQL versions 5.1.51 through 5.1.70, 5.5.10 through 5.5.32, and 5.6.x through 5.6.12
on Windows.

Vulnerability Insight
Unspecied error in the MySQL Server component via unknown vectors related to Optimizer.

Vulnerability Detection Method

. . . continues on next page . . .
2 RESULTS PER HOST 616

. . . continued from previous page . . .

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server Component 'Optimizer' Unspecified vulnerability (Oct 2013) .
,→..
OID:[Link].4.1.25623.1.0.804033
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2013-3839
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K14/0187
cert-bund: CB-K13/1072
cert-bund: CB-K13/0840
cert-bund: CB-K13/0806
cert-bund: CB-K13/0789
dfn-cert: DFN-CERT-2014-0190
dfn-cert: DFN-CERT-2013-2099
dfn-cert: DFN-CERT-2013-1846
dfn-cert: DFN-CERT-2013-1815
dfn-cert: DFN-CERT-2013-1795

Medium (CVSS: 4.0)

NVT: Oracle MySQL Server Multiple Vulnerabilities - 03 - (Nov 2012) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL server is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
. . . continues on next page . . .
2 RESULTS PER HOST 617

. . . continued from previous page . . .

Fixed version: Apply the patch

Impact
Successful exploitation will allow an attacker to disclose potentially sensitive information, ma-
nipulate certain data.

Solution:
Solution type: VendorFix
Apply the patch from the referenced vendor advisory or upgrade to latest version.

Aected Software/OS
Oracle MySQL version 5.1.x to 5.1.63 and Oracle MySQL version 5.5.x to 5.5.25 on Windows.

Vulnerability Insight
The aws are due to multiple unspecied errors in MySQL server component vectors related to
InnoDB plugin, server full text search and InnoDB.

Vulnerability Detection Method

Details: Oracle MySQL Server Multiple Vulnerabilities - 03 - (Nov 2012) - Windows
OID:[Link].4.1.25623.1.0.803113
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2012-3173
cve: CVE-2012-3167
cve: CVE-2012-3166
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
dfn-cert: DFN-CERT-2012-2200
dfn-cert: DFN-CERT-2012-2118
2 RESULTS PER HOST 618

Medium (CVSS: 4.0)

NVT: Oracle MySQL Server <= 5.5.46 Security Update (cpujan2016) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to an unspecied vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: See the referenced vendor advisory
Installation
path / port: 3306/tcp

Impact
Successful exploitation will allow an authenticated remote attacker to aect availability via un-
known vectors.

Solution:
Solution type: VendorFix
Updates are available. Please see the references for more information.

Aected Software/OS
Oracle MySQL Server versions 5.5.46 and prior.

Vulnerability Insight
Unspecied errors exist in the 'MySQL Server' component via unknown vectors.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.5.46 Security Update (cpujan2016) - Windows
OID:[Link].4.1.25623.1.0.117190
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

. . . continues on next page . . .

2 RESULTS PER HOST 619

. . . continued from previous page . . .

References
cve: CVE-2016-0616
url: [Link]
advisory-id: cpujan2016
cert-bund: WID-SEC-2024-1482
cert-bund: CB-K16/1122
cert-bund: CB-K16/0936
cert-bund: CB-K16/0791
cert-bund: CB-K16/0493
cert-bund: CB-K16/0246
cert-bund: CB-K16/0245
cert-bund: CB-K16/0133
cert-bund: CB-K16/0094
dfn-cert: DFN-CERT-2016-1192
dfn-cert: DFN-CERT-2016-0994
dfn-cert: DFN-CERT-2016-0845
dfn-cert: DFN-CERT-2016-0532
dfn-cert: DFN-CERT-2016-0266
dfn-cert: DFN-CERT-2016-0265
dfn-cert: DFN-CERT-2016-0143
dfn-cert: DFN-CERT-2016-0104

Medium (CVSS: 4.0)

NVT: Oracle MySQL Server <= 5.5.46 / 5.6 <= 5.6.27 Security Update (cpujan2016) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: See the referenced vendor advisory
Installation
path / port: 3306/tcp

Impact
. . . continues on next page . . .
2 RESULTS PER HOST 620

. . . continued from previous page . . .

Successful exploitation will allow an authenticated remote attacker to aect condentiality, in-
tegrity, and availability via unknown vectors.

Solution:
Solution type: VendorFix
Updates are available. Please see the references for more information.

Aected Software/OS
Oracle MySQL Server versions 5.5.46 and prior and 5.6 through 5.6.27.

Vulnerability Insight
Unspecied errors exist in the 'MySQL Server' component via unknown vectors.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.5.46 / 5.6 <= 5.6.27 Security Update (cpujan2016) - Wi.
,→..
OID:[Link].4.1.25623.1.0.806877
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2016-0596
url: [Link]
url: [Link]
url: [Link]
url: [Link]
advisory-id: cpujan2016
cert-bund: WID-SEC-2024-1482
cert-bund: CB-K16/1122
cert-bund: CB-K16/0936
cert-bund: CB-K16/0791
cert-bund: CB-K16/0646
cert-bund: CB-K16/0493
cert-bund: CB-K16/0246
cert-bund: CB-K16/0245
cert-bund: CB-K16/0133
cert-bund: CB-K16/0094
dfn-cert: DFN-CERT-2016-1192
dfn-cert: DFN-CERT-2016-0994
dfn-cert: DFN-CERT-2016-0845
. . . continues on next page . . .
2 RESULTS PER HOST 621

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2016-0695
dfn-cert: DFN-CERT-2016-0532
dfn-cert: DFN-CERT-2016-0266
dfn-cert: DFN-CERT-2016-0265
dfn-cert: DFN-CERT-2016-0143
dfn-cert: DFN-CERT-2016-0104

Medium (CVSS: 4.0)

NVT: Oracle MySQL Server <= 5.5.38 Security Update (cpuoct2014) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to an unspecied vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.5.39
Installation
path / port: 3306/tcp

Impact
Successful exploitation will allow attackers to disclose potentially sensitive information, gain
escalated privileges, manipulate certain data, cause a DoS (Denial of Service), and compromise
a vulnerable system.

Solution:
Solution type: VendorFix
Update to version 5.5.39 or later.

Aected Software/OS
Oracle MySQL Server versions 5.5.38 and prior.

Vulnerability Insight
Unspecied errors in the MySQL Server component via unknown vectors related to
SERVER:DDL.

Vulnerability Detection Method

. . . continues on next page . . .
2 RESULTS PER HOST 622

. . . continued from previous page . . .

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.5.38 Security Update (cpuoct2014) - Windows
OID:[Link].4.1.25623.1.0.804783
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2014-6520
url: [Link]
url: [Link]
advisory-id: cpuoct2014
cert-bund: CB-K15/0567
cert-bund: CB-K15/0415
cert-bund: CB-K14/1482
cert-bund: CB-K14/1420
cert-bund: CB-K14/1412
cert-bund: CB-K14/1299
dfn-cert: DFN-CERT-2015-0593
dfn-cert: DFN-CERT-2015-0427
dfn-cert: DFN-CERT-2014-1567
dfn-cert: DFN-CERT-2014-1500
dfn-cert: DFN-CERT-2014-1489
dfn-cert: DFN-CERT-2014-1357

Medium (CVSS: 4.0)

NVT: Oracle MySQL Server <= 5.1.62 / 5.4.x <= 5.5.23 Security Update (cpujul2012) - Win-
dows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
. . . continues on next page . . .
2 RESULTS PER HOST 623

. . . continued from previous page . . .

Installed version: 5.5.20
Fixed version: 5.5.24
Installation
path / port: 3306/tcp

Impact
The aws allow remote authenticated users to aect availability via unknown vectors related to
the 'Server Optimizer' and 'GIS Extension' package / privilege.

Solution:
Solution type: VendorFix
Update to version 5.1.63, 5.5.24 or later.

Aected Software/OS
Oracle MySQL Server 5.1.62 and prior and 5.4.x through 5.5.23.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.1.62 / 5.4.x <= 5.5.23 Security Update (cpujul2012) - .
,→..
OID:[Link].4.1.25623.1.0.117265
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2012-0540
cve: CVE-2012-1734
cve: CVE-2012-2749
url: [Link]
advisory-id: cpujul2012
dfn-cert: DFN-CERT-2013-0106
dfn-cert: DFN-CERT-2012-2118
dfn-cert: DFN-CERT-2012-1389

Medium (CVSS: 4.0)

NVT: Oracle MySQL Server <= 5.1.62 / 5.4.x <= 5.5.22 Security Update (cpujul2012) - Win-
dows

Product detection result

. . . continues on next page . . .
2 RESULTS PER HOST 624

. . . continued from previous page . . .

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to an unspecied vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.5.23
Installation
path / port: 3306/tcp

Impact
The aw allows remote authenticated users to aect availability via unknown vectors related to
the 'Server Optimizer' package / privilege.

Solution:
Solution type: VendorFix
Update to version 5.1.63, 5.5.23 or later.

Aected Software/OS
Oracle MySQL Server 5.1.62 and prior and 5.4.x through 5.5.22.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.1.62 / 5.4.x <= 5.5.22 Security Update (cpujul2012) - .
,→..
OID:[Link].4.1.25623.1.0.117263
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2012-1689
url: [Link]
advisory-id: cpujul2012
dfn-cert: DFN-CERT-2012-2118
dfn-cert: DFN-CERT-2012-1389
2 RESULTS PER HOST 625

Medium (CVSS: 4.0)

NVT: Oracle MySQL Server 5.5 <= 5.5.30 / 5.6 <= 5.6.10 Security Update (cpuapr2013) -
Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.5.31
Installation
path / port: 3306/tcp

Impact
Successful exploitation could allow remote attackers to aect condentiality, integrity, and avail-
ability via unknown vectors.

Solution:
Solution type: VendorFix
Update to version 5.5.31, 5.6.11 or later.

Aected Software/OS
Oracle MySQL Server versions 5.5 through 5.5.30 and 5.6 through 5.6.10.

Vulnerability Insight
Unspecied error in some unknown vectors related to Stored Procedure.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server 5.5 <= 5.5.30 / 5.6 <= 5.6.10 Security Update (cpuapr2013) .
,→..
OID:[Link].4.1.25623.1.0.809815
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
. . . continues on next page . . .
2 RESULTS PER HOST 626

. . . continued from previous page . . .

OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2013-2376
cve: CVE-2013-1511
url: [Link]
url: [Link]
advisory-id: cpuapr2013
dfn-cert: DFN-CERT-2013-0882
dfn-cert: DFN-CERT-2013-0798

Medium (CVSS: 4.0)

NVT: Oracle MySQL Server 5.5 <= 5.5.29 Security Update (cpuapr2013) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.5.30
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.5.30 or later.

Aected Software/OS
Oracle MySQL Server versions 5.5 through 5.5.29.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server 5.5 <= 5.5.29 Security Update (cpuapr2013) - Windows
OID:[Link].4.1.25623.1.0.117215
. . . continues on next page . . .
2 RESULTS PER HOST 627

. . . continued from previous page . . .

Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2013-1512
cve: CVE-2013-1526
url: [Link]
advisory-id: cpuapr2013
dfn-cert: DFN-CERT-2013-0798

Medium (CVSS: 4.0)

NVT: Oracle MySQL Multiple Unspecied vulnerabilities-04 (Feb 2015) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20

Impact
Successful exploitation will allow attackers to disclose potentially sensitive information, manip-
ulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle MySQL Server version 5.5.38 and earlier, and 5.6.19 and earlier on Windows.

Vulnerability Insight
. . . continues on next page . . .
2 RESULTS PER HOST 628

. . . continued from previous page . . .

Unspecied errors in the MySQL Server component via unknown vectors related to DLL.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Multiple Unspecified vulnerabilities-04 (Feb 2015) - Windows
OID:[Link].4.1.25623.1.0.805135
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2015-0391
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K15/1193
cert-bund: CB-K15/0567
cert-bund: CB-K15/0415
cert-bund: CB-K15/0073
dfn-cert: DFN-CERT-2015-1264
dfn-cert: DFN-CERT-2015-0593
dfn-cert: DFN-CERT-2015-0427
dfn-cert: DFN-CERT-2015-0074

Medium (CVSS: 4.0)

NVT: Oracle MySQL Multiple Unspecied vulnerabilities-03 (Jul 2014) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20-log
. . . continues on next page . . .
2 RESULTS PER HOST 629

. . . continued from previous page . . .

Vulnerable range: 5.5 - 5.5.37

Impact
Successful exploitation will allow attackers to manipulate certain data and cause a DoS (Denial
of Service).

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle MySQL version 5.5.37 and earlier on Windows.

Vulnerability Insight
Unspecied errors in the MySQL Server component via unknown vectors related to ENARC and
SROPTZR.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Multiple Unspecified vulnerabilities-03 (Jul 2014) - Windows
OID:[Link].4.1.25623.1.0.804723
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2014-2494
cve: CVE-2014-4207
url: [Link]
url: [Link]
url: [Link]
url: [Link]
,→ty_patches
url: [Link]
,→ppendixMSQL
cert-bund: CB-K15/0567
cert-bund: CB-K14/1420
cert-bund: CB-K14/0891
cert-bund: CB-K14/0868
dfn-cert: DFN-CERT-2015-0593
dfn-cert: DFN-CERT-2014-1500
dfn-cert: DFN-CERT-2014-0930
. . . continues on next page . . .
2 RESULTS PER HOST 630

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2014-0911

Medium (CVSS: 4.0)

NVT: Oracle MySQL Multiple Unspecied vulnerabilities-02 (Feb 2015) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20

Impact
Successful exploitation will allow attackers to disclose potentially sensitive information, manip-
ulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle MySQL Server version 5.5.40 and earlier on Windows.

Vulnerability Insight
Unspecied errors in the MySQL Server component via unknown vectors related to
Server:InnoDB:DDL:Foreign Key

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Multiple Unspecified vulnerabilities-02 (Feb 2015) - Windows
OID:[Link].4.1.25623.1.0.805133
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
. . . continues on next page . . .
2 RESULTS PER HOST 631

. . . continued from previous page . . .

OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2015-0432
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K15/1193
cert-bund: CB-K15/0964
cert-bund: CB-K15/0567
cert-bund: CB-K15/0415
cert-bund: CB-K15/0073
dfn-cert: DFN-CERT-2015-1264
dfn-cert: DFN-CERT-2015-1016
dfn-cert: DFN-CERT-2015-0593
dfn-cert: DFN-CERT-2015-0427
dfn-cert: DFN-CERT-2015-0074

Medium (CVSS: 4.0)

NVT: Oracle MySQL Multiple Unspecied vulnerabilities - 04 (Jan 2014) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.

Impact
Successful exploitation will allow attackers to manipulate certain data and cause a DoS (Denial
of Service).

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

. . . continues on next page . . .

2 RESULTS PER HOST 632

. . . continued from previous page . . .

Aected Software/OS
Oracle MySQL version 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier on Windows.

Vulnerability Insight
Unspecied errors in the MySQL Server component via unknown vectors related to InnoDB,
Optimizer, Error Handling, and some unknown vectors.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Multiple Unspecified vulnerabilities - 04 (Jan 2014) - Windows
OID:[Link].4.1.25623.1.0.804075
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2014-0401
cve: CVE-2014-0412
cve: CVE-2014-0437
cve: CVE-2013-5908
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K15/1518
cert-bund: CB-K14/0710
cert-bund: CB-K14/0187
cert-bund: CB-K14/0177
cert-bund: CB-K14/0082
cert-bund: CB-K14/0074
cert-bund: CB-K14/0055
dfn-cert: DFN-CERT-2015-1604
dfn-cert: DFN-CERT-2014-0742
dfn-cert: DFN-CERT-2014-0190
dfn-cert: DFN-CERT-2014-0180
dfn-cert: DFN-CERT-2014-0085
dfn-cert: DFN-CERT-2014-0074
dfn-cert: DFN-CERT-2014-0048
2 RESULTS PER HOST 633

Medium (CVSS: 4.0)

NVT: Oracle MySQL Multiple Unspecied vulnerabilities - 03 (Jan 2014) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.

Impact
Successful exploitation will allow attackers to manipulate certain data and cause a DoS (Denial
of Service).

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle MySQL version 5.5.33 and earlier on Windows, Oracle MySQL version 5.6.13 and earlier
on Windows.

Vulnerability Insight
Unspecied errors in the MySQL Server component via unknown vectors related to Partition.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Multiple Unspecified vulnerabilities - 03 (Jan 2014) - Windows
OID:[Link].4.1.25623.1.0.804074
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
. . . continues on next page . . .
2 RESULTS PER HOST 634

. . . continued from previous page . . .

cve: CVE-2013-5891
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K14/0710
cert-bund: CB-K14/0187
cert-bund: CB-K14/0082
cert-bund: CB-K14/0074
cert-bund: CB-K14/0055
dfn-cert: DFN-CERT-2014-0742
dfn-cert: DFN-CERT-2014-0190
dfn-cert: DFN-CERT-2014-0085
dfn-cert: DFN-CERT-2014-0074
dfn-cert: DFN-CERT-2014-0048

Medium (CVSS: 4.0)

NVT: Oracle MySQL Multiple Unspecied Vulnerabilities-08 (Oct 2015) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL is prone to an unspecied vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: Apply the patch
Installation
path / port: 3306/tcp

Impact
Successful exploitation will allow an authenticated remote attacker to aect availability via un-
known vectors.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
. . . continues on next page . . .
2 RESULTS PER HOST 635

. . . continued from previous page . . .

Oracle MySQL Server 5.5.44 and earlier on windows

Vulnerability Insight
Unspecied error exists in the MySQL Server component via unknown vectors related to Server.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Multiple Unspecified Vulnerabilities-08 (Oct 2015) - Windows
OID:[Link].4.1.25623.1.0.805771
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2015-4816
url: [Link]
url: [Link]
cert-bund: WID-SEC-2024-1483
cert-bund: CB-K16/1122
cert-bund: CB-K16/0791
cert-bund: CB-K16/0493
cert-bund: CB-K16/0246
cert-bund: CB-K15/1844
cert-bund: CB-K15/1600
cert-bund: CB-K15/1554
dfn-cert: DFN-CERT-2016-1192
dfn-cert: DFN-CERT-2016-0845
dfn-cert: DFN-CERT-2016-0532
dfn-cert: DFN-CERT-2016-0266
dfn-cert: DFN-CERT-2015-1946
dfn-cert: DFN-CERT-2015-1692
dfn-cert: DFN-CERT-2015-1638

Medium (CVSS: 4.0)

NVT: Oracle MySQL Multiple Unspecied Vulnerabilities-02 (Jul 2015)

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)
. . . continues on next page . . .
2 RESULTS PER HOST 636

. . . continued from previous page . . .

Summary
Oracle MySQL is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: Apply the patch
Installation
path / port: 3306/tcp

Impact
Successful exploitation will allow an authenticated remote attacker to cause denial-of-service
attack.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle MySQL Server 5.5.43 and earlier, and 5.6.24 and earlier on Windows.

Vulnerability Insight
Unspecied errors exist in the MySQL Server component via unknown vectors related to DML,
Server : I_S, Server : Optimizer, and GIS.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Multiple Unspecified Vulnerabilities-02 (Jul 2015)
OID:[Link].4.1.25623.1.0.805929
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2015-2648
cve: CVE-2015-4752
cve: CVE-2015-2643
cve: CVE-2015-2582
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 637

. . . continued from previous page . . .

url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K15/1202
cert-bund: CB-K15/1193
cert-bund: CB-K15/1045
cert-bund: CB-K15/1020
dfn-cert: DFN-CERT-2015-1272
dfn-cert: DFN-CERT-2015-1264
dfn-cert: DFN-CERT-2015-1096
dfn-cert: DFN-CERT-2015-1071

Medium (CVSS: 4.0)

NVT: Oracle MySQL Multiple Unspecied Vulnerabilities-01 (Oct 2015) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: Apply the patch
Installation
path / port: 3306/tcp

Impact
Successful exploitation will allow an authenticated remote attacker to aect condentiality, in-
tegrity, and availability via unknown vectors.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier on windows

. . . continues on next page . . .

2 RESULTS PER HOST 638

. . . continued from previous page . . .

Vulnerability Insight
Unspecied errors exist in the MySQL Server component via unknown vectors related to Server.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Multiple Unspecified Vulnerabilities-01 (Oct 2015) - Windows
OID:[Link].4.1.25623.1.0.805764
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2015-4913
cve: CVE-2015-4830
cve: CVE-2015-4826
cve: CVE-2015-4815
cve: CVE-2015-4807
cve: CVE-2015-4802
cve: CVE-2015-4792
cve: CVE-2015-4870
cve: CVE-2015-4861
cve: CVE-2015-4858
cve: CVE-2015-4836
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: WID-SEC-2024-1483
cert-bund: CB-K16/1122
cert-bund: CB-K16/0791
cert-bund: CB-K16/0646
cert-bund: CB-K16/0493
cert-bund: CB-K16/0246
cert-bund: CB-K16/0245
cert-bund: CB-K15/1844
. . . continues on next page . . .
2 RESULTS PER HOST 639

. . . continued from previous page . . .

cert-bund: CB-K15/1600
cert-bund: CB-K15/1554
dfn-cert: DFN-CERT-2016-1192
dfn-cert: DFN-CERT-2016-0845
dfn-cert: DFN-CERT-2016-0695
dfn-cert: DFN-CERT-2016-0532
dfn-cert: DFN-CERT-2016-0266
dfn-cert: DFN-CERT-2016-0265
dfn-cert: DFN-CERT-2015-1946
dfn-cert: DFN-CERT-2015-1692
dfn-cert: DFN-CERT-2015-1638

Medium (CVSS: 4.0)

NVT: MySQL Unspecied vulnerability-06 (Jul 2013) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
MySQL is prone to an unspecied vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.

Impact
Successful exploitation will allow remote authenticated users to aect availability via unknown
vectors.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle MySQL 5.5.31 and earlier on Windows.

Vulnerability Insight
Unspecied error in the MySQL Server component via unknown vectors related to Server Parser.

Vulnerability Detection Method

. . . continues on next page . . .
2 RESULTS PER HOST 640

. . . continued from previous page . . .

Checks if a vulnerable version is present on the target host.
Details: MySQL Unspecified vulnerability-06 (Jul 2013) - Windows
OID:[Link].4.1.25623.1.0.803728
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2013-3783
url: [Link]
url: [Link]
cert-bund: CB-K13/1072
cert-bund: CB-K13/0620
dfn-cert: DFN-CERT-2013-2099
dfn-cert: DFN-CERT-2013-1599
dfn-cert: DFN-CERT-2013-1553
dfn-cert: DFN-CERT-2013-1478

Medium (CVSS: 4.0)

NVT: MySQL Unspecied vulnerability-04 (Jul 2013) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
MySQL is prone to an unspecied vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.

Impact
Successful exploitation will allow remote authenticated users to aect availability via unknown
vectors.

Solution:
Solution type: VendorFix
. . . continues on next page . . .
2 RESULTS PER HOST 641

. . . continued from previous page . . .

Apply the patch from the referenced advisory.

Aected Software/OS
Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier and 5.6.10 on Windows.

Vulnerability Insight
Unspecied error in the MySQL Server component via unknown vectors related to Server Options.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: MySQL Unspecified vulnerability-04 (Jul 2013) - Windows
OID:[Link].4.1.25623.1.0.803726
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2013-3808
url: [Link]
url: [Link]
cert-bund: CB-K13/0620
dfn-cert: DFN-CERT-2013-1599
dfn-cert: DFN-CERT-2013-1553
dfn-cert: DFN-CERT-2013-1478

Medium (CVSS: 4.0)

NVT: MySQL Unspecied vulnerabilities-02 (Jul 2013) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
MySQL is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
. . . continues on next page . . .
2 RESULTS PER HOST 642

. . . continued from previous page . . .

Vulnerability was detected according to the Vulnerability Detection Method.

Impact
Successful exploitation will allow remote authenticated users to aect integrity and availability
via unknown vectors and cause denial of service.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle MySQL 5.5.31 and earlier, 5.6.11 and earlier on Windows.

Vulnerability Insight
Unspecied errors in the MySQL Server component via unknown vectors related to Server Repli-
cation, Audit Log and Data Manipulation Language.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: MySQL Unspecified vulnerabilities-02 (Jul 2013) - Windows
OID:[Link].4.1.25623.1.0.803724
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2013-3812
cve: CVE-2013-3809
cve: CVE-2013-3793
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K13/1072
cert-bund: CB-K13/0620
dfn-cert: DFN-CERT-2013-2099
dfn-cert: DFN-CERT-2013-1599
dfn-cert: DFN-CERT-2013-1553
dfn-cert: DFN-CERT-2013-1478
2 RESULTS PER HOST 643

Medium (CVSS: 4.0)

NVT: MySQL Server Component Partition Unspecied Vulnerability

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
MySQL is prone to an unspecied vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20-log
Fixed version: 5.5.22

Impact
Successful exploitation could allow remote authenticated users to aect availability via unknown
vectors.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
MySQL version 5.5.x before 5.5.22

Vulnerability Insight
Unspecied error in MySQL Server component related to Partition.

Vulnerability Detection Method

Details: MySQL Server Component Partition Unspecified Vulnerability
OID:[Link].4.1.25623.1.0.803801
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2012-1697
. . . continues on next page . . .
2 RESULTS PER HOST 644

. . . continued from previous page . . .

url: [Link]
url: [Link]
url: [Link]
,→pendixMSQL
dfn-cert: DFN-CERT-2012-0939
dfn-cert: DFN-CERT-2012-0735

Medium (CVSS: 4.0)

NVT: Oracle MySQL Multiple Unspecied vulnerabilities - 01 (May 2014) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.

Impact
Successful exploitation will allow attackers to manipulate certain data and cause a DoS (Denial
of Service).

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle MySQL version 5.5.35 and earlier and 5.6.15 and earlier on Windows.

Vulnerability Insight
Unspecied errors in the MySQL Server component via unknown vectors related to Partition,
Replication and XML subcomponent.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Multiple Unspecified vulnerabilities - 01 (May 2014) - Windows
OID:[Link].4.1.25623.1.0.804574
. . . continues on next page . . .
2 RESULTS PER HOST 645

. . . continued from previous page . . .

Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2014-0384
cve: CVE-2014-2419
cve: CVE-2014-2438
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K14/0710
cert-bund: CB-K14/0464
cert-bund: CB-K14/0452
dfn-cert: DFN-CERT-2014-0742
dfn-cert: DFN-CERT-2014-0477
dfn-cert: DFN-CERT-2014-0459

Medium (CVSS: 4.0)

NVT: MySQL Unspecied vulnerabilities-01 (Jul 2013) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
MySQL is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.

Impact
. . . continues on next page . . .
2 RESULTS PER HOST 646

. . . continued from previous page . . .

Successful exploitation will allow remote authenticated users to aect availability via unknown
vectors.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, 5.6.11 and earlier on Windows.

Vulnerability Insight
Unspecied errors in the MySQL Server component via unknown vectors related to Full Text
Search and Server Optimizer.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: MySQL Unspecified vulnerabilities-01 (Jul 2013) - Windows
OID:[Link].4.1.25623.1.0.803723
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2013-3804
cve: CVE-2013-3802
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K13/1072
cert-bund: CB-K13/0620
dfn-cert: DFN-CERT-2013-2099
dfn-cert: DFN-CERT-2013-1599
dfn-cert: DFN-CERT-2013-1553
dfn-cert: DFN-CERT-2013-1478

[ return to [Link] ]

2.1.19 Medium 3000/tcp

2 RESULTS PER HOST 647

Medium (CVSS: 6.5)

NVT: Ruby on Rails < [Link] DoS Vulnerability

Summary
Ruby on Rails is prone to a denial of service (DoS) vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 4.1.1
Fixed version: [Link]
Installation
path / port: /

Impact
Successful exploitation would allow an attacker to render legitimate users unable to use the
application.

Solution:
Solution type: VendorFix
Update to version [Link] or later.

Aected Software/OS
Ruby on Rails through version [Link].

Vulnerability Insight
An untrusted user may run any pending migration in production.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Ruby on Rails < [Link] DoS Vulnerability
OID:[Link].4.1.25623.1.0.113716
Version used: 2025-09-09T[Link]Z

References
cve: CVE-2020-8185
url: [Link]
cert-bund: CB-K20/0604
dfn-cert: DFN-CERT-2021-0842
dfn-cert: DFN-CERT-2020-2327
2 RESULTS PER HOST 648

Medium (CVSS: 6.1)

NVT: Ruby on Rails Action View XSS Vulnerability (Aug 2016) - Windows

Summary
Ruby on Rails is prone to a cross-site scripting (XSS) vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 4.1.1
Fixed version: [Link]
Installation
path / port: /

Impact
Successful exploitation will allow a remote attacker to inject arbitrary web script or HTML via
crafted parameters.

Solution:
Solution type: VendorFix
Update to version [Link], [Link], [Link] or later.

Aected Software/OS
Ruby on Rails 3.x before [Link], Ruby on Rails 4.x before [Link] and Ruby on Rails 5.x before
[Link] on Windows.

Vulnerability Insight
The aw is due to the Text declared as 'HTML safe' when passed as an attribute value to a tag
helper will not have quotes escaped which can lead to an XSS attack.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Ruby on Rails Action View XSS Vulnerability (Aug 2016) - Windows
OID:[Link].4.1.25623.1.0.807379
Version used: 2025-09-09T[Link]Z

References
cve: CVE-2016-6316
url: [Link]
url: [Link]
url: [Link]
,→FrCwDAAJ
url: [Link]
,→have-been-released
cert-bund: CB-K17/1730
. . . continues on next page . . .
2 RESULTS PER HOST 649

. . . continued from previous page . . .

cert-bund: CB-K16/1256
dfn-cert: DFN-CERT-2017-1809
dfn-cert: DFN-CERT-2016-1321

Medium (CVSS: 5.9)

NVT: Ruby on Rails Information Disclosure Vulnerability (GHSA-rmj8-8hhh-gv5h) - Windows

Summary
Ruby on Rails is prone to an information disclosure vulnerability in puma.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 4.1.1
Fixed version: [Link]
Installation
path / port: /

Solution:
Solution type: VendorFix
Update to version [Link], [Link], [Link], [Link] or later.

Aected Software/OS
Ruby on Rails version 5.x through 7.0.x.

Vulnerability Insight
Puma may not always call close on the response body. Rails depends on the response body being
closed in order for its CurrentAttributes implementation to work correctly.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Ruby on Rails Information Disclosure Vulnerability (GHSA-rmj8-8hhh-gv5h) - Wind.
,→..
OID:[Link].4.1.25623.1.0.147673
Version used: 2022-02-24T[Link]Z

References
cve: CVE-2022-23634
url: [Link]
dfn-cert: DFN-CERT-2024-0625
dfn-cert: DFN-CERT-2022-1898
dfn-cert: DFN-CERT-2022-1891
dfn-cert: DFN-CERT-2022-1506
dfn-cert: DFN-CERT-2022-1409
. . . continues on next page . . .
2 RESULTS PER HOST 650

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2022-1267
dfn-cert: DFN-CERT-2022-1195
dfn-cert: DFN-CERT-2022-1187
dfn-cert: DFN-CERT-2022-0992

Medium (CVSS: 5.3)

NVT: Ruby on Rails Active Model Security Bypass Vulnerability (Jan 2016) - Windows

Summary
Ruby on Rails is prone to a security bypass vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 4.1.1
Fixed version: [Link]
Installation
path / port: /

Impact
Successful exploitation will allow a remote attacker to bypass intended change restrictions by
leveraging use of the nested attributes feature.

Solution:
Solution type: VendorFix
Update to version [Link], [Link] or later.

Aected Software/OS
Ruby on Rails 4.1.x before [Link], Ruby on Rails 4.2.x before [Link] on Windows.

Vulnerability Insight
The aw is due to Ruby on Rails supports the use of instance-level writers for class accessors.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Ruby on Rails Active Model Security Bypass Vulnerability (Jan 2016) - Windows
OID:[Link].4.1.25623.1.0.809360
Version used: 2025-09-09T[Link]Z

References
cve: CVE-2016-0753
url: [Link]
url: [Link]
cert-bund: WID-SEC-2025-1085
. . . continues on next page . . .
2 RESULTS PER HOST 651

. . . continued from previous page . . .

cert-bund: CB-K16/0625
cert-bund: CB-K16/0254
cert-bund: CB-K16/0238
cert-bund: CB-K16/0236
cert-bund: CB-K16/0166
cert-bund: CB-K16/0165
dfn-cert: DFN-CERT-2016-0674
dfn-cert: DFN-CERT-2016-0272
dfn-cert: DFN-CERT-2016-0259
dfn-cert: DFN-CERT-2016-0258
dfn-cert: DFN-CERT-2016-0181
dfn-cert: DFN-CERT-2016-0178

Medium (CVSS: 5.3)

NVT: Ruby on Rails Action View 'render' Directory Traversal Vulnerability (Feb 2016) - Win-
dows

Summary
Ruby on Rails is prone to a directory traversal vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 4.1.1
Fixed version: [Link]
Installation
path / port: /

Impact
Successful exploitation will allow a remote attacker to read arbitrary les by leveraging an ap-
plication's unrestricted use of the render method.

Solution:
Solution type: VendorFix
Update to version [Link], [Link] or later.

Aected Software/OS
Ruby on Rails versions before [Link] and 4.x before [Link] on Windows.

Vulnerability Insight
The aw is due to an improper validation of crafted requests to action view, one of the components
of action pack.

Vulnerability Detection Method

. . . continues on next page . . .
2 RESULTS PER HOST 652

. . . continued from previous page . . .

Checks if a vulnerable version is present on the target host.
Details: Ruby on Rails Action View 'render' Directory Traversal Vulnerability (Feb 2016).
,→..
OID:[Link].4.1.25623.1.0.809354
Version used: 2025-09-09T[Link]Z

References
cve: CVE-2016-2097
url: [Link]
url: [Link]
url: [Link]
,→AJ
cert-bund: WID-SEC-2022-2271
cert-bund: CB-K16/0522
cert-bund: CB-K16/0419
cert-bund: CB-K16/0372
dfn-cert: DFN-CERT-2022-2796
dfn-cert: DFN-CERT-2016-0566
dfn-cert: DFN-CERT-2016-0458
dfn-cert: DFN-CERT-2016-0404

Medium (CVSS: 5.3)

NVT: Ruby on Rails Active Record Security Bypass Vulnerability (Jan 2016) - Windows

Summary
Ruby on Rails is prone to a security bypass vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 4.1.1
Fixed version: [Link]
Installation
path / port: /

Impact
Successful exploitation will allow a remote attacker to bypass intended change restrictions by
leveraging use of the nested attributes feature.

Solution:
Solution type: VendorFix
Update to version [Link], [Link], [Link] or later.

Aected Software/OS
. . . continues on next page . . .
2 RESULTS PER HOST 653

. . . continued from previous page . . .

Ruby on Rails before 3.1.x and 3.2.x before [Link], Ruby on Rails 4.0.x and 4.1.x before [Link]
and Ruby on Rails 4.2.x before [Link] on Windows.

Vulnerability Insight
The aw is due to the script 'activerecord/lib/active_record/nested_attributes.rb' does not
properly implement a certain destroy option.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Ruby on Rails Active Record Security Bypass Vulnerability (Jan 2016) - Windows
OID:[Link].4.1.25623.1.0.809358
Version used: 2025-09-09T[Link]Z

References
cve: CVE-2015-7577
url: [Link]
url: [Link]
cert-bund: WID-SEC-2025-1085
cert-bund: CB-K17/0278
cert-bund: CB-K16/0625
cert-bund: CB-K16/0419
cert-bund: CB-K16/0254
cert-bund: CB-K16/0166
cert-bund: CB-K16/0165
dfn-cert: DFN-CERT-2017-0284
dfn-cert: DFN-CERT-2016-0674
dfn-cert: DFN-CERT-2016-0458
dfn-cert: DFN-CERT-2016-0272
dfn-cert: DFN-CERT-2016-0181
dfn-cert: DFN-CERT-2016-0178

Medium (CVSS: 5.0)

NVT: Ruby on Rails Active Support DoS Vulnerability (Jun 2015) - Windows

Summary
Ruby on Rails is prone to a denial of service (DoS) vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 4.1.1
Fixed version: 4.1.11
Installation
path / port: /

. . . continues on next page . . .

2 RESULTS PER HOST 654

. . . continued from previous page . . .

Impact
Successful exploitation will allow a remote attacker to cause denial of service attack.

Solution:
Solution type: VendorFix
Update to version 4.1.11, 4.2.2 or later.

Aected Software/OS
Ruby on Rails before 4.1.11 and Ruby on Rails 4.2.x before 4.2.2 on Windows.

Vulnerability Insight
The aw is due to Specially crafted XML documents can cause applications to raise a System-
StackError and potentially cause a denial of service attack.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Ruby on Rails Active Support DoS Vulnerability (Jun 2015) - Windows
OID:[Link].4.1.25623.1.0.807383
Version used: 2025-09-09T[Link]Z

References
cve: CVE-2015-3227
url: [Link]
url: [Link]
,→Lnxvk/x4EocXnHPp8J
cert-bund: CB-K16/0166
cert-bund: CB-K15/1056
cert-bund: CB-K15/0856
dfn-cert: DFN-CERT-2016-0181
dfn-cert: DFN-CERT-2015-1111
dfn-cert: DFN-CERT-2015-0899

Medium (CVSS: 4.3)

NVT: Ruby on Rails < 5.2.5, 6.x < 6.0.4 CSRF Vulnerability

Summary
Ruby on Rails is prone to a cross-site request forgery (CSRF) vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 4.1.1
Fixed version: 5.2.5
Installation
. . . continues on next page . . .
2 RESULTS PER HOST 655

. . . continued from previous page . . .

path / port: /

Impact
Successful exploitation would allow an authenticated attacer to perform actions in the context
of another user.

Solution:
Solution type: VendorFix
Update to version 5.2.5, 6.0.4 or later.

Aected Software/OS
Ruby on Rails through version 5.2.4 and versions 6.0.0 through 6.0.3.

Vulnerability Insight
An attacker can use a global CSRF token, as can be found in the authenticity_token meta tag,
to forge form-specic CSRF tokens.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Ruby on Rails < 5.2.5, 6.x < 6.0.4 CSRF Vulnerability
OID:[Link].4.1.25623.1.0.113714
Version used: 2025-09-09T[Link]Z

References
cve: CVE-2020-8166
url: [Link]
cert-bund: WID-SEC-2023-1093
cert-bund: CB-K20/0477
dfn-cert: DFN-CERT-2024-0110
dfn-cert: DFN-CERT-2021-0842
dfn-cert: DFN-CERT-2020-2327
dfn-cert: DFN-CERT-2020-2093

Medium (CVSS: 4.3)

NVT: Ruby on Rails Active Support XSS Vulnerability (Jun 2015) - Windows

Summary
Ruby on Rails is prone to a cross-site scripting (XSS) vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 4.1.1
Fixed version: 4.1.11
. . . continues on next page . . .
2 RESULTS PER HOST 656

. . . continued from previous page . . .

Installation
path / port: /

Impact
Successful exploitation will allow a remote attacker to inject arbitrary web script or HTML via
crafted parameters.

Solution:
Solution type: VendorFix
Update to version 4.2.2, 4.1.11 or later.

Aected Software/OS
Ruby on Rails versions 3.x, 3.0.x, 3.1.x, 3.2.x, 4.1.x before 4.1.11, 4.2.x before 4.2.2 on Linux.

Vulnerability Insight
The aw is due to error in handling 'ActiveSupport::[Link]' method which can lead to an
XSS attack.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Ruby on Rails Active Support XSS Vulnerability (Jun 2015) - Windows
OID:[Link].4.1.25623.1.0.807381
Version used: 2025-09-09T[Link]Z

References
cve: CVE-2015-3226
url: [Link]
url: [Link]
,→ck3hU/3QZrGIaQW6cJ
cert-bund: CB-K16/0166
cert-bund: CB-K15/0856
dfn-cert: DFN-CERT-2016-0181
dfn-cert: DFN-CERT-2015-0899

[ return to [Link] ]

2.1.20 Medium 8020/tcp

Medium (CVSS: 6.1)

NVT: ManageEngine Desktop Central <= 9.1.099 Multiple XSS Vulnerabilities

Summary
ManageEngine Desktop Central is prone to multiple cross-site scripting (XSS) vulnerabilities.
. . . continues on next page . . .
2 RESULTS PER HOST 657

. . . continued from previous page . . .

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 9.1.084
Fixed version: 9.2.026
Installation
path / port: /

Impact
Successful exploitation will allow attacker to execute arbitrary script code in the browser of
an unsuspecting user in the context of the aected site. This may allow the attacker to steal
cookie-based authentication credentials and to launch other attacks.

Solution:
Solution type: VendorFix
Update to version 9.2.026 or later.

Aected Software/OS
ManageEngine Desktop Central version 9.1.099 and prior.

Vulnerability Insight
The aw allows to inject client-side script into Desktop Centrals web page.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: ManageEngine Desktop Central <= 9.1.099 Multiple XSS Vulnerabilities
OID:[Link].4.1.25623.1.0.812576
Version used: 2022-04-13T[Link]Z

References
cve: CVE-2018-8722
url: [Link]
,→[Link]
url: [Link]

Medium (CVSS: 5.0)

NVT: '/WEB-INF../' Information Disclosure Vulnerability (HTTP)

Summary
Various application or web servers / products are prone to an information disclosure vulnerability.

Quality of Detection (QoD): 99%

. . . continues on next page . . .
2 RESULTS PER HOST 658

. . . continued from previous page . . .

Vulnerability Detection Result
Vulnerable URL: [Link]
Response (truncated):
<?xml version="1.0" encoding="ISO-8859-1"?>
<web-app xmlns="[Link]
xmlns:xsi="[Link]
xsi:schemaLocation="[Link] [Link]
ns/j2ee/web-app_2_4.xsd" version="2.4">
<!-- $Id$ -->
<!-- Added for MickeyClient Pdf Generation -->
<context-param>
<param-name>ContextPath</param-name>
<param-value>/</param-value>
</context-param>
<context-param>
<param-name>defaultSkin</param-name>
<param-value>woody</param-value>
</context-param>
<context-param>
<param-name>useInstantFeedback</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>mailServerName</param-name>
<param-value>[Link]</param-value>
</context-param>
<context-param>
<param-name>instantFeedbackAddress</param-name>
<param-value>sym-issues@[Link]</param-value>
</context-param>
<context-param>
<param-name>AUTO_IMPORT_USER</param-name>
<param-value>false</param-value>
</context-param>
<context-param>
<param-name>PARAMETER-ENCODING</param-name>
<param-value>UTF-8</param-value>
</context-param>
<listener>
<listener-class>[Link]
,→ngListener</listener-class>
</listener>
<!-- SDP-DC integration -->
<listener>
<listener-class>[Link]</listener
,→-class>
</listener>
. . . continues on next page . . .
2 RESULTS PER HOST 659

. . . continued from previous page . . .

<!-- SDP-DC integra

Impact
Based on the information provided in this le an attacker might be able to gather additional info
and / or sensitive data about the application / the application / web server.

Solution:
Solution type: VendorFix
Please contact the vendor for more information on possible xes.

Aected Software/OS
The following products are known to be aected:
- Caucho Resin version 2.1.12 on Apache HTTP server version 1.3.29
Other products and versions might be aected as well.

Vulnerability Insight
The servlet specication prohibits servlet containers from serving resources in the '/WEB-INF'
and '/META-INF' directories of a web application archive directly to clients.
This means that URLs like:
[Link]
will return an error message, rather than the contents of the deployment descriptor.
However, some application or web servers / products are prone to a vulnerability that exposes
this information if the client requests a URL like this instead:
[Link]
[Link]
(note the double dot ('..') after 'WEB-INF').

Vulnerability Detection Method

Sends a crafted HTTP GET request and checks the response.
Details: '/WEB-INF../' Information Disclosure Vulnerability (HTTP)
OID:[Link].4.1.25623.1.0.117221
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2004-0281
url: [Link]
url: [Link]

Medium (CVSS: 5.0)

NVT: '/WEB-INf./' Information Disclosure Vulnerability (HTTP)

Summary
Various application or web servers / products are prone to an information disclosure vulnerability.

. . . continues on next page . . .

2 RESULTS PER HOST 660

. . . continued from previous page . . .

Quality of Detection (QoD): 99%
Vulnerability Detection Result
Vulnerable URL: [Link]
Response (truncated):
<?xml version="1.0" encoding="ISO-8859-1"?>
<web-app xmlns="[Link]
xmlns:xsi="[Link]
xsi:schemaLocation="[Link] [Link]
ns/j2ee/web-app_2_4.xsd" version="2.4">
<!-- $Id$ -->
<!-- Added for MickeyClient Pdf Generation -->
<context-param>
<param-name>ContextPath</param-name>
<param-value>/</param-value>
</context-param>
<context-param>
<param-name>defaultSkin</param-name>
<param-value>woody</param-value>
</context-param>
<context-param>
<param-name>useInstantFeedback</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>mailServerName</param-name>
<param-value>[Link]</param-value>
</context-param>
<context-param>
<param-name>instantFeedbackAddress</param-name>
<param-value>sym-issues@[Link]</param-value>
</context-param>
<context-param>
<param-name>AUTO_IMPORT_USER</param-name>
<param-value>false</param-value>
</context-param>
<context-param>
<param-name>PARAMETER-ENCODING</param-name>
<param-value>UTF-8</param-value>
</context-param>
<listener>
<listener-class>[Link]
,→ngListener</listener-class>
</listener>
<!-- SDP-DC integration -->
<listener>
<listener-class>[Link]</listener
. . . continues on next page . . .
2 RESULTS PER HOST 661

. . . continued from previous page . . .

,→-class>
</listener>
<!-- SDP-DC integra

Impact
Based on the information provided in this le an attacker might be able to gather additional info
and / or sensitive data about the application / the application / web server.

Solution:
Solution type: VendorFix
Please contact the vendor for more information on possible xes.

Aected Software/OS
The following products are known to be aected:
- A miscongured reverse proxy.
Other products might be aected as well.

Vulnerability Insight
The servlet specication prohibits servlet containers from serving resources in the '/WEB-INF'
and '/META-INF' directories of a web application archive directly to clients.
This means that URLs like:
[Link]
will return an error message, rather than the contents of the deployment descriptor.
However, some application or web servers / products are prone to a vulnerability that exposes
this information if the client requests a URL like this instead:
[Link]
(note the 'f.' in 'WEB-INF').

Vulnerability Detection Method

Sends a crafted HTTP GET request and checks the response.
Details: '/WEB-INf./' Information Disclosure Vulnerability (HTTP)
OID:[Link].4.1.25623.1.0.117225
Version used: 2023-03-06T[Link]Z

References
url: [Link]

Medium (CVSS: 4.8)

NVT: Cleartext Transmission of Sensitive Information via HTTP

Summary
The host / application transmits sensitive information (username, passwords) in cleartext via
HTTP.

. . . continues on next page . . .

2 RESULTS PER HOST 662

. . . continued from previous page . . .

Quality of Detection (QoD): 80%
Vulnerability Detection Result
The following input fields were identified (URL:input name):
[Link]

Impact
An attacker could use this situation to compromise or eavesdrop on the HTTP communication
between the client and the server using a man-in-the-middle attack to get access to sensitive data
like usernames or passwords.

Solution:
Solution type: Workaround
Enforce the transmission of sensitive data via an encrypted SSL/TLS connection. Additionally
make sure the host / application is redirecting all users to the secured SSL/TLS connection
before allowing to input sensitive data into the mentioned functions.

Aected Software/OS
Hosts / applications which doesn't enforce the transmission of sensitive data via an encrypted
SSL/TLS connection.

Vulnerability Detection Method

Evaluate previous collected information and check if the host / application is not enforcing the
transmission of sensitive data via an encrypted SSL/TLS connection.
The script is currently checking the following:
- HTTP Basic Authentication (Basic Auth)
- HTTP Forms (e.g. Login) with input eld of type 'password'
Details: Cleartext Transmission of Sensitive Information via HTTP
OID:[Link].4.1.25623.1.0.108440
Version used: 2023-09-07T[Link]Z

References
url: [Link]
,→ssion_Management
url: [Link]
url: [Link]

Medium (CVSS: 4.3)

NVT: ManageEngine Desktop Central <= 9.1.099 Reected XSS Vulnerability

Summary
ManageEngine Desktop Central is prone to a reected cross-site scripting (XSS) vulnerability.

. . . continues on next page . . .

2 RESULTS PER HOST 663

. . . continued from previous page . . .

Quality of Detection (QoD): 80%
Vulnerability Detection Result
Installed version: 9.1.084
Fixed version: 9.2.026
Installation
path / port: /

Impact
Successful exploitation will allow attacker to cause cross site scripting and steal the cookie of
other active sessions.

Solution:
Solution type: VendorFix
Update to version 9.2.026 or later.

Aected Software/OS
ManageEngine Desktop Central version 9.1.099 and prior.

Vulnerability Insight
The aw exists as input passed via 'To' parameter of 'Specify Delivery Format' is not validated
properly.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: ManageEngine Desktop Central <= 9.1.099 Reflected XSS Vulnerability
OID:[Link].4.1.25623.1.0.807741
Version used: 2021-09-23T[Link]Z

References
url: [Link]

[ return to [Link] ]

2.1.21 Medium general/tcp

Medium (CVSS: 6.9)

NVT: Microsoft Windows Kernel Privilege Elevation Vulnerability (3063858)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-063.

Quality of Detection (QoD): 80%

. . . continues on next page . . .
2 RESULTS PER HOST 664

. . . continued from previous page . . .

Vulnerability Detection Result

The target host was found to be vulnerable

Impact
Successful exploitation will allow attackers to gain elevated privileges on aected system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows Server 2012
- Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior

Vulnerability Insight
The aw exists in the Windows LoadLibrary as it fails to properly validate user input.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Kernel Privilege Elevation Vulnerability (3063858)
OID:[Link].4.1.25623.1.0.805583
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-1758
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K15/0783
dfn-cert: DFN-CERT-2015-0827

Medium (CVSS: 6.9)

NVT: Microsoft File Handling Component Remote Code Execution Vulnerability (2922229)

Summary
This host is missing an important security update according to Microsoft Bulletin MS14-019.

Quality of Detection (QoD): 80%

. . . continues on next page . . .
2 RESULTS PER HOST 665

. . . continued from previous page . . .

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow attackers to execute arbitrary code and potentially compromise
user's system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012
- Microsoft Windows Server 2012 R2
- Microsoft Windows XP Service Pack 3 and prior
- Microsoft Windows XP x64 Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows 2003 x32/x64 Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior

Vulnerability Insight
Flaw is due to an improper path restrictions when processing .bat and .cmd les related to the
'CreateProcess' function.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft File Handling Component Remote Code Execution Vulnerability (2922229)
OID:[Link].4.1.25623.1.0.804375
Version used: 2023-07-26T[Link]Z

References
cve: CVE-2014-0315
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K14/0408
dfn-cert: DFN-CERT-2014-0426
2 RESULTS PER HOST 666

Medium (CVSS: 6.9)

NVT: Microsoft Windows Service Control Manager Privilege Elevation Vulnerability (2872339)

Summary
This host is missing an important security update according to Microsoft Bulletin MS13-077.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attackers to execute arbitrary code with kernel-mode
privileges within the context of the Service Control Manager or corrupt memory.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior

Vulnerability Insight
The aw is due to a double-free error in the Service Control Manager ([Link]) when handling
service descriptions from the registry.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Service Control Manager Privilege Elevation Vulnerability (28.
,→..
OID:[Link].4.1.25623.1.0.902993
Version used: 2025-09-05T[Link]Z

References
cve: CVE-2013-3862
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K13/0631
dfn-cert: DFN-CERT-2013-1623
2 RESULTS PER HOST 667

Medium (CVSS: 6.9)

NVT: Microsoft Windows HID Functionality (Over USB) Code Execution Vulnerability (Jan
2011)

Summary
A USB device driver software is prone to a code execution vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked for existence: C:\Windows\system32\[Link]

Impact
Successful exploitation will allow user-assisted attackers to execute arbitrary programs via crafted
USB data.

Solution:
Solution type: Workaround
No solution or patch was made available for at least one year since disclosure of this vulnerability.
Likely none will be provided anymore. General solution options are to upgrade to a newer release,
disable respective features, remove the product or replace the product by another one.
A workaround is to introduce device ltering on the target host to only allow trusted USB devices
to be enabled automatically. Once this workaround is in place an overwrite for this vulnerability
can be created to mark it as a false positive.

Aected Software/OS
All Microsoft Windows systems with an enabled USB device driver and no local protection
mechanism against the automatic enabling of additional Human Interface Device (HID).

Vulnerability Insight
The aw is due to error in USB device driver ([Link]), which does not properly warn the
user before enabling additional Human Interface Device (HID) functionality.

Vulnerability Detection Method

Checks via SMB if a specic device driver ([Link]) exists on the target system.
Details: Microsoft Windows HID Functionality (Over USB) Code Execution Vulnerability (Ja.
,→..
OID:[Link].4.1.25623.1.0.801581
Version used: 2023-01-12T[Link]Z

References
cve: CVE-2011-0638
url: [Link]
url: [Link]
url: [Link]
2 RESULTS PER HOST 668

Medium (CVSS: 6.9)

NVT: Microsoft Windows Installer Service Privilege Escalation Vulnerability (3072630)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-074.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 5.0.7601.17514
Vulnerable range: Less than 5.0.7601.18896

Impact
Successful exploitation will allow attackers to elevate privileges on a targeted system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows 10 x32/x64
- Microsoft Windows Server 2012/R2
- Microsoft Windows 2003 x32/x64 Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior

Vulnerability Insight
An elevation of privilege vulnerability exists in some cases in the Windows Installer service when
it improperly runs custom action scripts.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Installer Service Privilege Escalation Vulnerability (3072630)
OID:[Link].4.1.25623.1.0.805078
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-2371
url: [Link]
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 669

. . . continued from previous page . . .

cert-bund: CB-K15/1037
cert-bund: CB-K15/1013
dfn-cert: DFN-CERT-2015-1094
dfn-cert: DFN-CERT-2015-1060

Medium (CVSS: 6.9)

NVT: Microsoft Windows SCM Privilege_Escalation Vulnerability (3055642)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-050.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow local attacker to gain elevated privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/R2

Vulnerability Insight
Flaw is due to an error in Service Control Manager (SCM) that is due to a failure to properly
verify impersonation levels.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows SCM Privilege_Escalation Vulnerability (3055642)
OID:[Link].4.1.25623.1.0.805615
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-1702
. . . continues on next page . . .
2 RESULTS PER HOST 670

. . . continued from previous page . . .

url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K15/0668
dfn-cert: DFN-CERT-2015-0689

Medium (CVSS: 6.8)

NVT: Oracle Java SE Security Update (oct2021) 02 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on availability and con-
dentiality.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u301 ([Link]) and earlier, 11.0.12 and earlier, 17 and earlier on
Windows.

Vulnerability Insight
Multiple aws are due to multiple errors in 'Libraries' and 'JSSE' components.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (oct2021) 02 - Windows
OID:[Link].4.1.25623.1.0.818828
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2021-35567
cve: CVE-2021-35578
. . . continues on next page . . .
2 RESULTS PER HOST 671

. . . continued from previous page . . .

url: [Link]
cert-bund: WID-SEC-2023-0426
cert-bund: WID-SEC-2022-1375
cert-bund: WID-SEC-2022-0908
cert-bund: WID-SEC-2022-0833
cert-bund: WID-SEC-2022-0826
cert-bund: WID-SEC-2022-0809
cert-bund: WID-SEC-2022-0676
cert-bund: WID-SEC-2022-0196
cert-bund: CB-K22/0310
cert-bund: CB-K22/0239
cert-bund: CB-K21/1082
dfn-cert: DFN-CERT-2022-1721
dfn-cert: DFN-CERT-2022-1571
dfn-cert: DFN-CERT-2022-0580
dfn-cert: DFN-CERT-2022-0366
dfn-cert: DFN-CERT-2022-0107
dfn-cert: DFN-CERT-2021-2566
dfn-cert: DFN-CERT-2021-2530
dfn-cert: DFN-CERT-2021-2498
dfn-cert: DFN-CERT-2021-2310
dfn-cert: DFN-CERT-2021-2195
dfn-cert: DFN-CERT-2021-2194

Medium (CVSS: 6.8)

NVT: Oracle Java SE Security Updates (oct2019-5072832) 01 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation of this vulnerability will allow remote attacker to have an impact on
condentiality, integrity and availability.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.
. . . continues on next page . . .
2 RESULTS PER HOST 672

. . . continued from previous page . . .

Aected Software/OS
Oracle Java SE version 7u231([Link]) and earlier, 8u221([Link]) and earlier, 11.0.4 and
earlier, 13 on Windows.

Vulnerability Insight
Multiple aws exist due to errors in 'Kerberos', 'Networking', 'Libraries', 'Javadoc', '2D', 'Con-
currency', 'JAXP', 'Security' and 'Serialization' components.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (oct2019-5072832) 01 - Windows
OID:[Link].4.1.25623.1.0.815638
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2019-2949
cve: CVE-2019-2989
cve: CVE-2019-2958
cve: CVE-2019-2999
cve: CVE-2019-2962
cve: CVE-2019-2988
cve: CVE-2019-2992
cve: CVE-2019-2964
cve: CVE-2019-2973
cve: CVE-2019-2981
cve: CVE-2019-2978
cve: CVE-2019-2894
cve: CVE-2019-2983
cve: CVE-2019-2933
cve: CVE-2019-2945
url: [Link]
,→l
cert-bund: WID-SEC-2023-0524
cert-bund: WID-SEC-2023-0016
cert-bund: CB-K20/0895
cert-bund: CB-K20/0586
cert-bund: CB-K20/0139
cert-bund: CB-K19/1121
cert-bund: CB-K19/0910
dfn-cert: DFN-CERT-2020-1984
dfn-cert: DFN-CERT-2020-1685
dfn-cert: DFN-CERT-2020-1276
dfn-cert: DFN-CERT-2020-1275
dfn-cert: DFN-CERT-2020-0577
dfn-cert: DFN-CERT-2020-0530
. . . continues on next page . . .
2 RESULTS PER HOST 673

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2020-0338
dfn-cert: DFN-CERT-2019-2161
dfn-cert: DFN-CERT-2019-2155

Medium (CVSS: 6.8)

NVT: Oracle Java SE Security Updates (oct2019-5072832) 01 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation of this vulnerability will allow remote attacker to have an impact on
condentiality, integrity and availability.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 7u231([Link]) and earlier, 8u221([Link]) and earlier, 11.0.4 and
earlier, 13 on Windows.

Vulnerability Insight
Multiple aws exist due to errors in 'Kerberos', 'Networking', 'Libraries', 'Javadoc', '2D', 'Con-
currency', 'JAXP', 'Security' and 'Serialization' components.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (oct2019-5072832) 01 - Windows
OID:[Link].4.1.25623.1.0.815638
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2019-2949
cve: CVE-2019-2989
cve: CVE-2019-2958
. . . continues on next page . . .
2 RESULTS PER HOST 674

. . . continued from previous page . . .

cve: CVE-2019-2999
cve: CVE-2019-2962
cve: CVE-2019-2988
cve: CVE-2019-2992
cve: CVE-2019-2964
cve: CVE-2019-2973
cve: CVE-2019-2981
cve: CVE-2019-2978
cve: CVE-2019-2894
cve: CVE-2019-2983
cve: CVE-2019-2933
cve: CVE-2019-2945
url: [Link]
,→l
cert-bund: WID-SEC-2023-0524
cert-bund: WID-SEC-2023-0016
cert-bund: CB-K20/0895
cert-bund: CB-K20/0586
cert-bund: CB-K20/0139
cert-bund: CB-K19/1121
cert-bund: CB-K19/0910
dfn-cert: DFN-CERT-2020-1984
dfn-cert: DFN-CERT-2020-1685
dfn-cert: DFN-CERT-2020-1276
dfn-cert: DFN-CERT-2020-1275
dfn-cert: DFN-CERT-2020-0577
dfn-cert: DFN-CERT-2020-0530
dfn-cert: DFN-CERT-2020-0338
dfn-cert: DFN-CERT-2019-2161
dfn-cert: DFN-CERT-2019-2155

Medium (CVSS: 6.8)

NVT: Microsoft Update to Improve Cryptography and Digital Certicate Handling (2854544)

Summary
This host is missing an important security update according to Microsoft Security Advisory
(2854544).

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
. . . continues on next page . . .
2 RESULTS PER HOST 675

. . . continued from previous page . . .

Successful exploitation could allow remote attackers to perform man-in-the-middle attack during
a Windows Update session that basically redirects the user's machine to a phony update with
the malware.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8
- Microsoft Windows Server 2012
- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
- Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior

Vulnerability Insight
The aw is due to a Flame modules named 'Gadget' and 'Munch', used to infect other machines
in the same network as the targeted machine.

Vulnerability Detection Method

Details: Microsoft Update to Improve Cryptography and Digital Certificate Handling (2854.
,→..
OID:[Link].4.1.25623.1.0.903310
Version used: 2025-03-05T[Link]Z

References
url: [Link]
url: [Link]
,→854544
url: [Link]
,→tal-certi/240001452

Medium (CVSS: 6.8)

NVT: Oracle Java SE Security Update (oct2021) 02 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
. . . continues on next page . . .
2 RESULTS PER HOST 676

. . . continued from previous page . . .

Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on availability and con-
dentiality.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u301 ([Link]) and earlier, 11.0.12 and earlier, 17 and earlier on
Windows.

Vulnerability Insight
Multiple aws are due to multiple errors in 'Libraries' and 'JSSE' components.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (oct2021) 02 - Windows
OID:[Link].4.1.25623.1.0.818828
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2021-35567
cve: CVE-2021-35578
url: [Link]
cert-bund: WID-SEC-2023-0426
cert-bund: WID-SEC-2022-1375
cert-bund: WID-SEC-2022-0908
cert-bund: WID-SEC-2022-0833
cert-bund: WID-SEC-2022-0826
cert-bund: WID-SEC-2022-0809
cert-bund: WID-SEC-2022-0676
cert-bund: WID-SEC-2022-0196
cert-bund: CB-K22/0310
cert-bund: CB-K22/0239
cert-bund: CB-K21/1082
dfn-cert: DFN-CERT-2022-1721
dfn-cert: DFN-CERT-2022-1571
dfn-cert: DFN-CERT-2022-0580
dfn-cert: DFN-CERT-2022-0366
dfn-cert: DFN-CERT-2022-0107
dfn-cert: DFN-CERT-2021-2566
dfn-cert: DFN-CERT-2021-2530
. . . continues on next page . . .
2 RESULTS PER HOST 677

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2021-2498
dfn-cert: DFN-CERT-2021-2310
dfn-cert: DFN-CERT-2021-2195
dfn-cert: DFN-CERT-2021-2194

Medium (CVSS: 6.8)

NVT: Microsoft USB Mass Storage Class Driver Privilege Elevation Vulnerability (3143142)

Summary
This host is missing an important security update according to Microsoft Bulletin MS16-033

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\Drivers\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.19144

Impact
Successful exploitation will allow an attacker to run arbitrary code in kernel mode.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows 10 x32/x64

Vulnerability Insight
The aw is due to Windows USB Mass Storage Class driver fails to properly validate objects in
memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft USB Mass Storage Class Driver Privilege Elevation Vulnerability (3143.
,→..
OID:[Link].4.1.25623.1.0.806898
. . . continues on next page . . .
2 RESULTS PER HOST 678

. . . continued from previous page . . .

Version used: 2023-07-20T[Link]Z

References
cve: CVE-2016-0133
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/0546
cert-bund: CB-K16/0383
dfn-cert: DFN-CERT-2016-0589
dfn-cert: DFN-CERT-2016-0412

Medium (CVSS: 6.8)

NVT: Oracle Java SE Security Updates (jan2018-3236628) 04 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation of this vulnerability will allow remote attackers to access data.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle Java SE version [Link] and earlier, [Link] and earlier, 9.0.1 and earlier on Windows

Vulnerability Insight
Multiple aws exist due to:
- An error in the 'JGSS' sub-component of application.
- An error in the 'JavaFX' sub-component of application.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (jan2018-3236628) 04 - Windows
. . . continues on next page . . .
2 RESULTS PER HOST 679

. . . continued from previous page . . .

OID:[Link].4.1.25623.1.0.812640
Version used: 2025-09-17T[Link]Z

References
cve: CVE-2018-2634
cve: CVE-2018-2581
url: [Link]
cert-bund: CB-K18/0808
cert-bund: CB-K18/0636
cert-bund: CB-K18/0091
dfn-cert: DFN-CERT-2018-1703
dfn-cert: DFN-CERT-2018-0816
dfn-cert: DFN-CERT-2018-0645
dfn-cert: DFN-CERT-2018-0102

Medium (CVSS: 6.8)

NVT: Microsoft Windows SAM and LSAD Privilege Elevation Vulnerability (3148527)

Summary
This host is missing an important security update according to Microsoft Bulletin MS16-047

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23390

Impact
Successful exploitation will allow an authenticated user to execute code with elevated privileges
that could gain access to the SAM database.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
. . . continues on next page . . .
2 RESULTS PER HOST 680

. . . continued from previous page . . .

- Microsoft Windows 10 x32/x64

Vulnerability Insight
Multiple aws are due to the way the SAM and LSAD remote protocols establish the Remote
Procedure Call (RPC) channel.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows SAM and LSAD Privilege Elevation Vulnerability (3148527)
OID:[Link].4.1.25623.1.0.807660
Version used: 2023-07-20T[Link]Z

References
cve: CVE-2016-0128
url: [Link]
url: [Link]
cert-bund: CB-K16/0546
dfn-cert: DFN-CERT-2016-0589

Medium (CVSS: 6.8)

NVT: Oracle Java SE Security Updates (jan2018-3236628) 04 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation of this vulnerability will allow remote attackers to access data.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle Java SE version [Link] and earlier, [Link] and earlier, 9.0.1 and earlier on Windows

Vulnerability Insight
. . . continues on next page . . .
2 RESULTS PER HOST 681

. . . continued from previous page . . .

Multiple aws exist due to:
- An error in the 'JGSS' sub-component of application.
- An error in the 'JavaFX' sub-component of application.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (jan2018-3236628) 04 - Windows
OID:[Link].4.1.25623.1.0.812640
Version used: 2025-09-17T[Link]Z

References
cve: CVE-2018-2634
cve: CVE-2018-2581
url: [Link]
cert-bund: CB-K18/0808
cert-bund: CB-K18/0636
cert-bund: CB-K18/0091
dfn-cert: DFN-CERT-2018-1703
dfn-cert: DFN-CERT-2018-0816
dfn-cert: DFN-CERT-2018-0645
dfn-cert: DFN-CERT-2018-0102

Medium (CVSS: 6.8)

NVT: Microsoft Digital Certicates Security Advisory (2916652)

Summary
This host is missing an important security update according to Microsoft advisory (2916652).

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow attackers to spoof content, perform phishing attacks, or perform
man-in-the-middle attacks.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
- Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior
. . . continues on next page . . .
2 RESULTS PER HOST 682

. . . continued from previous page . . .

- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior

Vulnerability Insight
The aw is due to DG Tresor which improperly issued a subordinate CA certicate

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Digital Certificates Security Advisory (2916652)
OID:[Link].4.1.25623.1.0.803978
Version used: 2023-07-27T[Link]Z

References
url: [Link]
url: [Link]

Medium (CVSS: 6.5)

NVT: Microsoft Internet Explorer Multiple Memory Corruption Vulnerabilities (3034682)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS15-009.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow context
- dependent attacker to corrupt memory, execute arbitrary code and compromise a user's system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Microsoft Internet Explorer version 6.x/7.x/8.x/9.x/10.x/11.x.

Vulnerability Insight
Multiple aws are due to an error related to display:run-in handling, user supplied input is not
properly validated and multiple unspecied vulnerabilities.

Vulnerability Detection Method

. . . continues on next page . . .
2 RESULTS PER HOST 683

. . . continued from previous page . . .

Checks if a vulnerable version is present on the target host.
Details: Microsoft Internet Explorer Multiple Memory Corruption Vulnerabilities (3034682)
OID:[Link].4.1.25623.1.0.805136
Version used: 2024-07-04T[Link]Z

References
cve: CVE-2014-8967
cve: CVE-2015-0017
cve: CVE-2015-0018
cve: CVE-2015-0019
cve: CVE-2015-0020
cve: CVE-2015-0021
cve: CVE-2015-0022
cve: CVE-2015-0023
cve: CVE-2015-0025
cve: CVE-2015-0026
cve: CVE-2015-0027
cve: CVE-2015-0028
cve: CVE-2015-0029
cve: CVE-2015-0030
cve: CVE-2015-0031
cve: CVE-2015-0035
cve: CVE-2015-0036
cve: CVE-2015-0037
cve: CVE-2015-0038
cve: CVE-2015-0039
cve: CVE-2015-0040
cve: CVE-2015-0041
cve: CVE-2015-0042
cve: CVE-2015-0043
cve: CVE-2015-0044
cve: CVE-2015-0045
cve: CVE-2015-0046
cve: CVE-2015-0048
cve: CVE-2015-0049
cve: CVE-2015-0050
cve: CVE-2015-0051
cve: CVE-2015-0052
cve: CVE-2015-0053
cve: CVE-2015-0054
cve: CVE-2015-0055
cve: CVE-2015-0066
cve: CVE-2015-0067
cve: CVE-2015-0068
cve: CVE-2015-0069
cve: CVE-2015-0070
cve: CVE-2015-0071
. . . continues on next page . . .
2 RESULTS PER HOST 684

. . . continued from previous page . . .

cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K15/0173
cert-bund: CB-K14/1535
. . . continues on next page . . .
2 RESULTS PER HOST 685

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2015-0183
dfn-cert: DFN-CERT-2014-1629

Medium (CVSS: 6.5)

NVT: Microsoft Internet Messaging API Information Disclosure Vulnerability (3196067)

Summary
This host is missing a moderate security update according to Microsoft Bulletin MS16-126.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23545

Impact
Successful exploitation will allow an attacker to test for the presence of les on disk.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 x32/x64
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows 10 Version 1607 x32/x64

Vulnerability Insight
An information disclosure vulnerability exists when the Microsoft Internet Messaging API im-
properly handles objects in memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Internet Messaging API Information Disclosure Vulnerability (3196067)
OID:[Link].4.1.25623.1.0.809345
Version used: 2024-07-04T[Link]Z

. . . continues on next page . . .

2 RESULTS PER HOST 686

. . . continued from previous page . . .

References
cve: CVE-2016-3298
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/1582
cert-bund: CB-K16/1572
dfn-cert: DFN-CERT-2016-1672
dfn-cert: DFN-CERT-2016-1667

Medium (CVSS: 6.5)

NVT: Microsoft Windows XML Core Services Information Disclosure Vulnerability (4010321)

Summary
This host is missing an important security update according to Microsoft Bulletin MS17-022.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 8.110.7601.17514
Vulnerable range: Less than 8.110.7601.23648

Impact
Successful exploitation will allow remote attackers to test for the presence of les on disk.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Vista x32/x64 Edition Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2
- Microsoft Windows 7 x32/x64 Edition Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 x32/x64
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows 10 Version 1607 x32/x64
. . . continues on next page . . .
2 RESULTS PER HOST 687

. . . continued from previous page . . .

- Microsoft Windows Server 2016 x64

Vulnerability Insight
Flaw exists due to improper handling of objects in memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows XML Core Services Information Disclosure Vulnerability (40103.
,→..
OID:[Link].4.1.25623.1.0.810623
Version used: 2024-07-04T[Link]Z

References
cve: CVE-2017-0022
cisa: Known Exploited Vulnerability (KEV) catalog
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K17/0443
dfn-cert: DFN-CERT-2017-0451

Medium (CVSS: 6.5)

NVT: Oracle Java SE Multiple Vulnerabilities (cpujan2019) - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow attackers to partially cause denial of service and access data.

Solution:
Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.

Aected Software/OS
. . . continues on next page . . .
2 RESULTS PER HOST 688

. . . continued from previous page . . .

Oracle Java SE version 1.7.0 to [Link], 1.8.0 to [Link] and 11.0.1 on Windows.

Vulnerability Insight
Multiple aws exist due to errors in 'ImageIO', 'Networking' and 'Libraries' components.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Multiple Vulnerabilities (cpujan2019) - Windows
OID:[Link].4.1.25623.1.0.814913
Version used: 2024-02-23T[Link]Z

References
cve: CVE-2018-11212
cve: CVE-2019-2426
cve: CVE-2019-2422
url: [Link]
,→l
cert-bund: WID-SEC-2024-2180
cert-bund: WID-SEC-2022-0517
cert-bund: CB-K19/1121
cert-bund: CB-K19/0696
cert-bund: CB-K19/0640
cert-bund: CB-K19/0334
cert-bund: CB-K19/0225
cert-bund: CB-K19/0051
dfn-cert: DFN-CERT-2022-1460
dfn-cert: DFN-CERT-2022-0872
dfn-cert: DFN-CERT-2019-1944
dfn-cert: DFN-CERT-2019-1615
dfn-cert: DFN-CERT-2019-1488
dfn-cert: DFN-CERT-2019-1486
dfn-cert: DFN-CERT-2019-1107
dfn-cert: DFN-CERT-2019-1105
dfn-cert: DFN-CERT-2019-0618
dfn-cert: DFN-CERT-2019-0478
dfn-cert: DFN-CERT-2019-0473
dfn-cert: DFN-CERT-2019-0467
dfn-cert: DFN-CERT-2019-0209
dfn-cert: DFN-CERT-2019-0154
dfn-cert: DFN-CERT-2019-0106
dfn-cert: DFN-CERT-2018-1330
2 RESULTS PER HOST 689

Medium (CVSS: 6.5)

NVT: Oracle Java SE Multiple Vulnerabilities (cpujan2019) - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow attackers to partially cause denial of service and access data.

Solution:
Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 1.7.0 to [Link], 1.8.0 to [Link] and 11.0.1 on Windows.

Vulnerability Insight
Multiple aws exist due to errors in 'ImageIO', 'Networking' and 'Libraries' components.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Multiple Vulnerabilities (cpujan2019) - Windows
OID:[Link].4.1.25623.1.0.814913
Version used: 2024-02-23T[Link]Z

References
cve: CVE-2018-11212
cve: CVE-2019-2426
cve: CVE-2019-2422
url: [Link]
,→l
cert-bund: WID-SEC-2024-2180
cert-bund: WID-SEC-2022-0517
cert-bund: CB-K19/1121
cert-bund: CB-K19/0696
cert-bund: CB-K19/0640
cert-bund: CB-K19/0334
. . . continues on next page . . .
2 RESULTS PER HOST 690

. . . continued from previous page . . .

cert-bund: CB-K19/0225
cert-bund: CB-K19/0051
dfn-cert: DFN-CERT-2022-1460
dfn-cert: DFN-CERT-2022-0872
dfn-cert: DFN-CERT-2019-1944
dfn-cert: DFN-CERT-2019-1615
dfn-cert: DFN-CERT-2019-1488
dfn-cert: DFN-CERT-2019-1486
dfn-cert: DFN-CERT-2019-1107
dfn-cert: DFN-CERT-2019-1105
dfn-cert: DFN-CERT-2019-0618
dfn-cert: DFN-CERT-2019-0478
dfn-cert: DFN-CERT-2019-0473
dfn-cert: DFN-CERT-2019-0467
dfn-cert: DFN-CERT-2019-0209
dfn-cert: DFN-CERT-2019-0154
dfn-cert: DFN-CERT-2019-0106
dfn-cert: DFN-CERT-2018-1330

Medium (CVSS: 6.5)

NVT: Oracle Java SE Security Update (cpujan2020 - 02) - Windows

Summary
Oracle Java SE is prone to multiple security vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on condentiality, integrity
and availability.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u231 ([Link]) and earlier.

. . . continues on next page . . .

2 RESULTS PER HOST 691

. . . continued from previous page . . .

Vulnerability Insight
Multiple aws are due to errors in components Serialization, JavaFX (libxslt), Networking, Li-
braries and Security.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (cpujan2020 - 02) - Windows
OID:[Link].4.1.25623.1.0.816600
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2019-16168
cve: CVE-2019-13117
cve: CVE-2019-13118
cve: CVE-2020-2585
url: [Link]
cert-bund: WID-SEC-2023-1614
cert-bund: WID-SEC-2023-0234
cert-bund: CB-K20/0988
cert-bund: CB-K20/0324
cert-bund: CB-K20/0039
cert-bund: CB-K20/0038
cert-bund: CB-K19/0652
cert-bund: CB-K19/0649
cert-bund: CB-K19/0644
dfn-cert: DFN-CERT-2021-2005
dfn-cert: DFN-CERT-2021-1076
dfn-cert: DFN-CERT-2021-1070
dfn-cert: DFN-CERT-2021-0107
dfn-cert: DFN-CERT-2020-2391
dfn-cert: DFN-CERT-2020-2252
dfn-cert: DFN-CERT-2020-1840
dfn-cert: DFN-CERT-2020-1107
dfn-cert: DFN-CERT-2020-0772
dfn-cert: DFN-CERT-2020-0517
dfn-cert: DFN-CERT-2020-0513
dfn-cert: DFN-CERT-2020-0345
dfn-cert: DFN-CERT-2020-0096
dfn-cert: DFN-CERT-2020-0095
dfn-cert: DFN-CERT-2020-0062
dfn-cert: DFN-CERT-2019-2543
dfn-cert: DFN-CERT-2019-2207
dfn-cert: DFN-CERT-2019-2063
dfn-cert: DFN-CERT-2019-1951
dfn-cert: DFN-CERT-2019-1522
dfn-cert: DFN-CERT-2019-1521
dfn-cert: DFN-CERT-2019-1512
. . . continues on next page . . .
2 RESULTS PER HOST 692

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2019-1511
dfn-cert: DFN-CERT-2019-1501
dfn-cert: DFN-CERT-2019-1474

Medium (CVSS: 6.5)

NVT: Oracle Java SE Security Update (cpujan2020 - 02) - Windows

Summary
Oracle Java SE is prone to multiple security vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on condentiality, integrity
and availability.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u231 ([Link]) and earlier.

Vulnerability Insight
Multiple aws are due to errors in components Serialization, JavaFX (libxslt), Networking, Li-
braries and Security.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (cpujan2020 - 02) - Windows
OID:[Link].4.1.25623.1.0.816600
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2019-16168
cve: CVE-2019-13117
cve: CVE-2019-13118
cve: CVE-2020-2585
. . . continues on next page . . .
2 RESULTS PER HOST 693

. . . continued from previous page . . .

url: [Link]
cert-bund: WID-SEC-2023-1614
cert-bund: WID-SEC-2023-0234
cert-bund: CB-K20/0988
cert-bund: CB-K20/0324
cert-bund: CB-K20/0039
cert-bund: CB-K20/0038
cert-bund: CB-K19/0652
cert-bund: CB-K19/0649
cert-bund: CB-K19/0644
dfn-cert: DFN-CERT-2021-2005
dfn-cert: DFN-CERT-2021-1076
dfn-cert: DFN-CERT-2021-1070
dfn-cert: DFN-CERT-2021-0107
dfn-cert: DFN-CERT-2020-2391
dfn-cert: DFN-CERT-2020-2252
dfn-cert: DFN-CERT-2020-1840
dfn-cert: DFN-CERT-2020-1107
dfn-cert: DFN-CERT-2020-0772
dfn-cert: DFN-CERT-2020-0517
dfn-cert: DFN-CERT-2020-0513
dfn-cert: DFN-CERT-2020-0345
dfn-cert: DFN-CERT-2020-0096
dfn-cert: DFN-CERT-2020-0095
dfn-cert: DFN-CERT-2020-0062
dfn-cert: DFN-CERT-2019-2543
dfn-cert: DFN-CERT-2019-2207
dfn-cert: DFN-CERT-2019-2063
dfn-cert: DFN-CERT-2019-1951
dfn-cert: DFN-CERT-2019-1522
dfn-cert: DFN-CERT-2019-1521
dfn-cert: DFN-CERT-2019-1512
dfn-cert: DFN-CERT-2019-1511
dfn-cert: DFN-CERT-2019-1501
dfn-cert: DFN-CERT-2019-1474

Medium (CVSS: 6.1)

NVT: Microsoft Windows Network Location Awareness Service Security Bypass Vulnerability
(3022777)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-005.

Quality of Detection (QoD): 80%

. . . continues on next page . . .
2 RESULTS PER HOST 694

. . . continued from previous page . . .

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attackers to relax the rewall policy and/or congura-
tion of certain services by spoong responses of DNS or LDAP trac via a Man-in-the-Middle
attack.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows Server 2012/R2
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows 2003 x32/x64 Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior

Vulnerability Insight
The aw is due to an error within the Network Location Awareness (NLA) service when validating
if a domain-connected computer is connected to the domain.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Network Location Awareness Service Security Bypass Vulnerabil.
,→..
OID:[Link].4.1.25623.1.0.805036
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-0006
url: [Link]
,→-location-awareness-service-could-allow-security-feature-bypass-january-13-201
,→5-5a2f60a5-f721-4e2c-2a52-c4a8dd4c3b95
url: [Link]
url: [Link]
,→15-005
cert-bund: CB-K15/0038
dfn-cert: DFN-CERT-2015-0036
2 RESULTS PER HOST 695

Medium (CVSS: 6.1)

NVT: Microsoft Windows IIS Privilege Escalation Vulnerability (4013074)

Summary
This host is missing an important security update according to Microsoft Bulletin MS17-016

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\System32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23677

Impact
Successful exploitation will allow an attacker to perform cross-site scripting attacks on aected
systems and run script in the security context of the current user. These attacks could allow the
attacker to read content that the attacker is not authorized to read, use the victim's identity to
take actions on behalf of the victim, and inject malicious content in the victim's browser.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows 10 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows 10 Version 1607 x32/x64
- Microsoft Windows Vista x32/x64 Edition Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2
- Microsoft Windows 7 x32/x64 Edition Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1
- Microsoft Windows Server 2016

Vulnerability Insight
The aw exists due to Microsoft IIS Server fails to properly sanitize a specially crafted request.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows IIS Privilege Escalation Vulnerability (4013074)
OID:[Link].4.1.25623.1.0.810815
Version used: 2023-07-25T[Link]Z

References
. . . continues on next page . . .
2 RESULTS PER HOST 696

. . . continued from previous page . . .

cve: CVE-2017-0055
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K17/0440
dfn-cert: DFN-CERT-2017-0447

Medium (CVSS: 5.9)

NVT: Oracle Java SE Unknown Vulnerability (Jul 2025) - Windows

Summary
Oracle Java SE is prone to an unspecied vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch provided by the vendor
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation allows an attacker to perform unauthorized modications to data, disclose
information.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 11.0.x through 11.0.27, 8u451 and prior on Windows.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Unknown Vulnerability (Jul 2025) - Windows
OID:[Link].4.1.25623.1.0.836512
Version used: 2025-07-18T[Link]Z

References
cve: CVE-2025-30761
url: [Link]
cert-bund: WID-SEC-2025-1850
cert-bund: WID-SEC-2025-1569
. . . continues on next page . . .
2 RESULTS PER HOST 697

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2025-3170
dfn-cert: DFN-CERT-2025-2550
dfn-cert: DFN-CERT-2025-2099
dfn-cert: DFN-CERT-2025-1900
dfn-cert: DFN-CERT-2025-1899

Medium (CVSS: 5.9)

NVT: Oracle Java SE Security Update (apr2021) - Windows

Summary
Oracle Java SE is prone to multiple security vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on integrity.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 7u291 ([Link]) and earlier, 8u281 ([Link]) and earlier, 11.0.10 and
earlier, 16 on Windows.

Vulnerability Insight
Multiple aws are due to multiple errors in 'Libraries' component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (apr2021) - Windows
OID:[Link].4.1.25623.1.0.818127
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2021-2161
cve: CVE-2021-2163
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 698

. . . continued from previous page . . .

cert-bund: WID-SEC-2025-0227
cert-bund: WID-SEC-2023-1125
cert-bund: WID-SEC-2023-0016
cert-bund: WID-SEC-2022-1894
cert-bund: WID-SEC-2022-1303
cert-bund: WID-SEC-2022-1261
cert-bund: WID-SEC-2022-1244
cert-bund: CB-K21/0981
cert-bund: CB-K21/0412
dfn-cert: DFN-CERT-2023-1197
dfn-cert: DFN-CERT-2022-1934
dfn-cert: DFN-CERT-2022-0107
dfn-cert: DFN-CERT-2022-0106
dfn-cert: DFN-CERT-2021-2310
dfn-cert: DFN-CERT-2021-2223
dfn-cert: DFN-CERT-2021-1504
dfn-cert: DFN-CERT-2021-1116
dfn-cert: DFN-CERT-2021-1061
dfn-cert: DFN-CERT-2021-0978
dfn-cert: DFN-CERT-2021-0818
dfn-cert: DFN-CERT-2021-0815
dfn-cert: DFN-CERT-2021-0812

Medium (CVSS: 5.9)

NVT: Oracle Java SE Security Update (oct2021) 03 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on availability and con-
dentiality.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.
. . . continues on next page . . .
2 RESULTS PER HOST 699

. . . continued from previous page . . .

Aected Software/OS
Oracle Java SE version 8u301 ([Link]) and earlier, 7u311 ([Link]) and earlier, 11.0.12 and
earlier on Windows.

Vulnerability Insight
Multiple aws are due to multiple errors in 'JSSE' component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (oct2021) 03 - Windows
OID:[Link].4.1.25623.1.0.818829
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2021-35550
cve: CVE-2021-35565
url: [Link]
cert-bund: WID-SEC-2022-1375
cert-bund: WID-SEC-2022-0908
cert-bund: WID-SEC-2022-0871
cert-bund: WID-SEC-2022-0833
cert-bund: WID-SEC-2022-0826
cert-bund: WID-SEC-2022-0809
cert-bund: WID-SEC-2022-0745
cert-bund: WID-SEC-2022-0712
cert-bund: WID-SEC-2022-0677
cert-bund: WID-SEC-2022-0676
cert-bund: WID-SEC-2022-0674
cert-bund: WID-SEC-2022-0515
cert-bund: WID-SEC-2022-0484
cert-bund: WID-SEC-2022-0472
cert-bund: WID-SEC-2022-0447
cert-bund: WID-SEC-2022-0446
cert-bund: WID-SEC-2022-0386
cert-bund: WID-SEC-2022-0300
cert-bund: WID-SEC-2022-0203
cert-bund: WID-SEC-2022-0196
cert-bund: WID-SEC-2022-0024
cert-bund: CB-K22/0675
cert-bund: CB-K22/0239
cert-bund: CB-K21/1082
dfn-cert: DFN-CERT-2023-1197
dfn-cert: DFN-CERT-2022-1721
dfn-cert: DFN-CERT-2022-1571
dfn-cert: DFN-CERT-2022-1456
. . . continues on next page . . .
2 RESULTS PER HOST 700

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2022-1339
dfn-cert: DFN-CERT-2022-1247
dfn-cert: DFN-CERT-2022-0451
dfn-cert: DFN-CERT-2022-0438
dfn-cert: DFN-CERT-2022-0107
dfn-cert: DFN-CERT-2022-0106
dfn-cert: DFN-CERT-2021-2530
dfn-cert: DFN-CERT-2021-2438
dfn-cert: DFN-CERT-2021-2310
dfn-cert: DFN-CERT-2021-2195
dfn-cert: DFN-CERT-2021-2194

Medium (CVSS: 5.9)

NVT: Oracle Java SE Security Update (oct2021) 03 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on availability and con-
dentiality.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u301 ([Link]) and earlier, 7u311 ([Link]) and earlier, 11.0.12 and
earlier on Windows.

Vulnerability Insight
Multiple aws are due to multiple errors in 'JSSE' component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (oct2021) 03 - Windows
. . . continues on next page . . .
2 RESULTS PER HOST 701

. . . continued from previous page . . .

OID:[Link].4.1.25623.1.0.818829
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2021-35550
cve: CVE-2021-35565
url: [Link]
cert-bund: WID-SEC-2022-1375
cert-bund: WID-SEC-2022-0908
cert-bund: WID-SEC-2022-0871
cert-bund: WID-SEC-2022-0833
cert-bund: WID-SEC-2022-0826
cert-bund: WID-SEC-2022-0809
cert-bund: WID-SEC-2022-0745
cert-bund: WID-SEC-2022-0712
cert-bund: WID-SEC-2022-0677
cert-bund: WID-SEC-2022-0676
cert-bund: WID-SEC-2022-0674
cert-bund: WID-SEC-2022-0515
cert-bund: WID-SEC-2022-0484
cert-bund: WID-SEC-2022-0472
cert-bund: WID-SEC-2022-0447
cert-bund: WID-SEC-2022-0446
cert-bund: WID-SEC-2022-0386
cert-bund: WID-SEC-2022-0300
cert-bund: WID-SEC-2022-0203
cert-bund: WID-SEC-2022-0196
cert-bund: WID-SEC-2022-0024
cert-bund: CB-K22/0675
cert-bund: CB-K22/0239
cert-bund: CB-K21/1082
dfn-cert: DFN-CERT-2023-1197
dfn-cert: DFN-CERT-2022-1721
dfn-cert: DFN-CERT-2022-1571
dfn-cert: DFN-CERT-2022-1456
dfn-cert: DFN-CERT-2022-1339
dfn-cert: DFN-CERT-2022-1247
dfn-cert: DFN-CERT-2022-0451
dfn-cert: DFN-CERT-2022-0438
dfn-cert: DFN-CERT-2022-0107
dfn-cert: DFN-CERT-2022-0106
dfn-cert: DFN-CERT-2021-2530
dfn-cert: DFN-CERT-2021-2438
dfn-cert: DFN-CERT-2021-2310
dfn-cert: DFN-CERT-2021-2195
dfn-cert: DFN-CERT-2021-2194
2 RESULTS PER HOST 702

Medium (CVSS: 5.9)

NVT: Oracle Java SE Security Update (jul2023) 02 - Windows

Summary
Oracle Java SE is prone to remote code execution (RCE) vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch from vendor
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to manipulate data and execute arbitrary code.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u371 and earlier on Windows.

Vulnerability Insight
The aw is due to improper application of networking protocols within the Java SE engine
component in Oracle Java SE.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (jul2023) 02 - Windows
OID:[Link].4.1.25623.1.0.832160
Version used: 2023-10-13T[Link]Z

References
cve: CVE-2023-22043
url: [Link]
cert-bund: WID-SEC-2023-2917
cert-bund: WID-SEC-2023-2681
cert-bund: WID-SEC-2023-1796
dfn-cert: DFN-CERT-2023-2179
dfn-cert: DFN-CERT-2023-1947
dfn-cert: DFN-CERT-2023-1653
2 RESULTS PER HOST 703

Medium (CVSS: 5.9)

NVT: Oracle Java SE Security Update (jul2023) 02 - Windows

Summary
Oracle Java SE is prone to remote code execution (RCE) vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch from vendor
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to manipulate data and execute arbitrary code.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u371 and earlier on Windows.

Vulnerability Insight
The aw is due to improper application of networking protocols within the Java SE engine
component in Oracle Java SE.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (jul2023) 02 - Windows
OID:[Link].4.1.25623.1.0.832160
Version used: 2023-10-13T[Link]Z

References
cve: CVE-2023-22043
url: [Link]
cert-bund: WID-SEC-2023-2917
cert-bund: WID-SEC-2023-2681
cert-bund: WID-SEC-2023-1796
dfn-cert: DFN-CERT-2023-2179
dfn-cert: DFN-CERT-2023-1947
dfn-cert: DFN-CERT-2023-1653
2 RESULTS PER HOST 704

Medium (CVSS: 5.9)

NVT: Oracle Java SE Security Update (jan2024) 03 - Windows

Summary
Oracle Java SE is prone to an unspecied vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch provided by the vendor
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to compromise Oracle Java SE, which can
result in unauthorized access to critical data or complete access to all Oracle Java SE.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u391 and earlier 11.0.21 and earlier on Windows.

Vulnerability Insight
The aw exists due to an unspecied vulnerability in Oracle Java SE which can be exploited by
using APIs in the specied Component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (jan2024) 03 - Windows
OID:[Link].4.1.25623.1.0.832789
Version used: 2024-01-24T[Link]Z

References
cve: CVE-2024-20926
url: [Link]
cert-bund: WID-SEC-2024-1591
cert-bund: WID-SEC-2024-0769
cert-bund: WID-SEC-2024-0121
dfn-cert: DFN-CERT-2024-2971
dfn-cert: DFN-CERT-2024-0500
dfn-cert: DFN-CERT-2024-0494
dfn-cert: DFN-CERT-2024-0422
. . . continues on next page . . .
2 RESULTS PER HOST 705

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2024-0361
dfn-cert: DFN-CERT-2024-0354
dfn-cert: DFN-CERT-2024-0129
dfn-cert: DFN-CERT-2024-0128

Medium (CVSS: 5.9)

NVT: Oracle Java SE Unknown Vulnerability (Jul 2025) - Windows

Summary
Oracle Java SE is prone to an unspecied vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch provided by the vendor
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation allows an attacker to perform unauthorized modications to data, disclose
information.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 11.0.x through 11.0.27, 8u451 and prior on Windows.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Unknown Vulnerability (Jul 2025) - Windows
OID:[Link].4.1.25623.1.0.836512
Version used: 2025-07-18T[Link]Z

References
cve: CVE-2025-30761
url: [Link]
cert-bund: WID-SEC-2025-1850
cert-bund: WID-SEC-2025-1569
dfn-cert: DFN-CERT-2025-3170
dfn-cert: DFN-CERT-2025-2550
dfn-cert: DFN-CERT-2025-2099
. . . continues on next page . . .
2 RESULTS PER HOST 706

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2025-1900
dfn-cert: DFN-CERT-2025-1899

Medium (CVSS: 5.9)

NVT: Oracle Java SE Security Updates-02 (jul2018-4258247) - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attackers to modify data, partially access data, cause
partial denial of service conditions.

Solution:
Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.

Aected Software/OS
Oracle Java SE version [Link] and earlier, [Link] and earlier, [Link] and earlier and 10.0
through 10.0.1 on Windows

Vulnerability Insight
Multiple aws are due to multiple unspecied errors in components 'Libraries', 'JSSE' and 'Con-
currency'.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates-02 (jul2018-4258247) - Windows
OID:[Link].4.1.25623.1.0.813682
Version used: 2025-09-17T[Link]Z

References
cve: CVE-2018-2973
cve: CVE-2018-2940
cve: CVE-2018-2952
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 707

. . . continued from previous page . . .

url: [Link]
cert-bund: WID-SEC-2023-1308
cert-bund: CB-K19/0354
cert-bund: CB-K18/1076
cert-bund: CB-K18/0796
dfn-cert: DFN-CERT-2019-0059
dfn-cert: DFN-CERT-2018-1902
dfn-cert: DFN-CERT-2018-1691
dfn-cert: DFN-CERT-2018-1675
dfn-cert: DFN-CERT-2018-1456
dfn-cert: DFN-CERT-2018-1405

Medium (CVSS: 5.9)

NVT: Oracle Java SE Security Updates-02 (jul2018-4258247) - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attackers to modify data, partially access data, cause
partial denial of service conditions.

Solution:
Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.

Aected Software/OS
Oracle Java SE version [Link] and earlier, [Link] and earlier, [Link] and earlier and 10.0
through 10.0.1 on Windows

Vulnerability Insight
Multiple aws are due to multiple unspecied errors in components 'Libraries', 'JSSE' and 'Con-
currency'.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
. . . continues on next page . . .
2 RESULTS PER HOST 708

. . . continued from previous page . . .

Details: Oracle Java SE Security Updates-02 (jul2018-4258247) - Windows
OID:[Link].4.1.25623.1.0.813682
Version used: 2025-09-17T[Link]Z

References
cve: CVE-2018-2973
cve: CVE-2018-2940
cve: CVE-2018-2952
url: [Link]
url: [Link]
cert-bund: WID-SEC-2023-1308
cert-bund: CB-K19/0354
cert-bund: CB-K18/1076
cert-bund: CB-K18/0796
dfn-cert: DFN-CERT-2019-0059
dfn-cert: DFN-CERT-2018-1902
dfn-cert: DFN-CERT-2018-1691
dfn-cert: DFN-CERT-2018-1675
dfn-cert: DFN-CERT-2018-1456
dfn-cert: DFN-CERT-2018-1405

Medium (CVSS: 5.9)

NVT: Oracle Java SE Security Update (jan2024) 03 - Windows

Summary
Oracle Java SE is prone to an unspecied vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch provided by the vendor
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to compromise Oracle Java SE, which can
result in unauthorized access to critical data or complete access to all Oracle Java SE.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
. . . continues on next page . . .
2 RESULTS PER HOST 709

. . . continued from previous page . . .

Oracle Java SE version 8u391 and earlier 11.0.21 and earlier on Windows.

Vulnerability Insight
The aw exists due to an unspecied vulnerability in Oracle Java SE which can be exploited by
using APIs in the specied Component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (jan2024) 03 - Windows
OID:[Link].4.1.25623.1.0.832789
Version used: 2024-01-24T[Link]Z

References
cve: CVE-2024-20926
url: [Link]
cert-bund: WID-SEC-2024-1591
cert-bund: WID-SEC-2024-0769
cert-bund: WID-SEC-2024-0121
dfn-cert: DFN-CERT-2024-2971
dfn-cert: DFN-CERT-2024-0500
dfn-cert: DFN-CERT-2024-0494
dfn-cert: DFN-CERT-2024-0422
dfn-cert: DFN-CERT-2024-0361
dfn-cert: DFN-CERT-2024-0354
dfn-cert: DFN-CERT-2024-0129
dfn-cert: DFN-CERT-2024-0128

Medium (CVSS: 5.9)

NVT: Oracle Java SE Security Update (apr2023) 02 - Windows

Summary
Oracle Java SE is prone to a remote code execution (RCE) vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch from vendor
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to manipulate data and execute arbitrary code.

Solution:
. . . continues on next page . . .
2 RESULTS PER HOST 710

. . . continued from previous page . . .

Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u361 and earlier, 11.0.18, 17.0.6 and earlier on Windows.

Vulnerability Insight
The aw is due to improper application of networking protocols within the Java SE engine
component in Oracle Java SE.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (apr2023) 02 - Windows
OID:[Link].4.1.25623.1.0.832048
Version used: 2024-06-28T[Link]Z

References
cve: CVE-2023-21954
url: [Link]
cert-bund: WID-SEC-2024-0794
cert-bund: WID-SEC-2024-0064
cert-bund: WID-SEC-2023-2625
cert-bund: WID-SEC-2023-2112
cert-bund: WID-SEC-2023-1011
dfn-cert: DFN-CERT-2023-2493
dfn-cert: DFN-CERT-2023-2249
dfn-cert: DFN-CERT-2023-1955
dfn-cert: DFN-CERT-2023-1909
dfn-cert: DFN-CERT-2023-1879
dfn-cert: DFN-CERT-2023-1418
dfn-cert: DFN-CERT-2023-1336
dfn-cert: DFN-CERT-2023-0897
dfn-cert: DFN-CERT-2023-0896

Medium (CVSS: 5.9)

NVT: Oracle Java SE Security Update (apr2023) 02 - Windows

Summary
Oracle Java SE is prone to a remote code execution (RCE) vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
. . . continues on next page . . .
2 RESULTS PER HOST 711

. . . continued from previous page . . .

Fixed version: Apply patch from vendor
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to manipulate data and execute arbitrary code.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u361 and earlier, 11.0.18, 17.0.6 and earlier on Windows.

Vulnerability Insight
The aw is due to improper application of networking protocols within the Java SE engine
component in Oracle Java SE.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (apr2023) 02 - Windows
OID:[Link].4.1.25623.1.0.832048
Version used: 2024-06-28T[Link]Z

References
cve: CVE-2023-21954
url: [Link]
cert-bund: WID-SEC-2024-0794
cert-bund: WID-SEC-2024-0064
cert-bund: WID-SEC-2023-2625
cert-bund: WID-SEC-2023-2112
cert-bund: WID-SEC-2023-1011
dfn-cert: DFN-CERT-2023-2493
dfn-cert: DFN-CERT-2023-2249
dfn-cert: DFN-CERT-2023-1955
dfn-cert: DFN-CERT-2023-1909
dfn-cert: DFN-CERT-2023-1879
dfn-cert: DFN-CERT-2023-1418
dfn-cert: DFN-CERT-2023-1336
dfn-cert: DFN-CERT-2023-0897
dfn-cert: DFN-CERT-2023-0896
2 RESULTS PER HOST 712

Medium (CVSS: 5.9)

NVT: Oracle Java SE Security Update (apr2021) - Windows

Summary
Oracle Java SE is prone to multiple security vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on integrity.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 7u291 ([Link]) and earlier, 8u281 ([Link]) and earlier, 11.0.10 and
earlier, 16 on Windows.

Vulnerability Insight
Multiple aws are due to multiple errors in 'Libraries' component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (apr2021) - Windows
OID:[Link].4.1.25623.1.0.818127
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2021-2161
cve: CVE-2021-2163
url: [Link]
cert-bund: WID-SEC-2025-0227
cert-bund: WID-SEC-2023-1125
cert-bund: WID-SEC-2023-0016
cert-bund: WID-SEC-2022-1894
cert-bund: WID-SEC-2022-1303
cert-bund: WID-SEC-2022-1261
cert-bund: WID-SEC-2022-1244
. . . continues on next page . . .
2 RESULTS PER HOST 713

. . . continued from previous page . . .

cert-bund: CB-K21/0981
cert-bund: CB-K21/0412
dfn-cert: DFN-CERT-2023-1197
dfn-cert: DFN-CERT-2022-1934
dfn-cert: DFN-CERT-2022-0107
dfn-cert: DFN-CERT-2022-0106
dfn-cert: DFN-CERT-2021-2310
dfn-cert: DFN-CERT-2021-2223
dfn-cert: DFN-CERT-2021-1504
dfn-cert: DFN-CERT-2021-1116
dfn-cert: DFN-CERT-2021-1061
dfn-cert: DFN-CERT-2021-0978
dfn-cert: DFN-CERT-2021-0818
dfn-cert: DFN-CERT-2021-0815
dfn-cert: DFN-CERT-2021-0812

Medium (CVSS: 5.8)

NVT: Microsoft Schannel Security Bypass Vulnerability (3081320)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-121.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.19044

Impact
Successful exploitation will allow attackers to perform unauthorized actions by conducting a
man-in-the-middle attack and this may lead to other attacks.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
. . . continues on next page . . .
2 RESULTS PER HOST 714

. . . continued from previous page . . .

- Microsoft Windows Server 2008 R2 x64 Service Pack 1

Vulnerability Insight
The aw is due to some weakness in the Transport Layer Security (TLS) implementation.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Schannel Security Bypass Vulnerability (3081320)
OID:[Link].4.1.25623.1.0.806555
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-6112
url: [Link]
url: [Link]
cert-bund: CB-K15/1649
dfn-cert: DFN-CERT-2015-1742

Medium (CVSS: 5.8)

NVT: Microsoft Windows IP-HTTPS Component Security Feature Bypass Vulnerability

(2765809)

Summary
This host is missing an important security update according to Microsoft Bulletin MS12-083.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation could allow attacker to bypass certain security restrictions.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior.

Vulnerability Insight
The aw is due to error in the IP-HTTPS component, which fails to validate the certicates.
This can lead to a revoked certicate being considered as valid.
. . . continues on next page . . .
2 RESULTS PER HOST 715

. . . continued from previous page . . .

Vulnerability Detection Method

Details: Microsoft Windows IP-HTTPS Component Security Feature Bypass Vulnerability (276.
,→..
OID:[Link].4.1.25623.1.0.901305
Version used: 2025-03-05T[Link]Z

References
cve: CVE-2012-2549
url: [Link]
url: [Link]
url: [Link]
,→12-083
dfn-cert: DFN-CERT-2012-2231

Medium (CVSS: 5.8)

NVT: Microsoft Root Certicate Program SHA-1 Deprecation Advisory (3123479)

Summary
This host is missing an important security update according to Microsoft advisory (3123479).

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23584

Impact
Successful exploitation will allow attackers to take advantage of weakness of the SHA-1 hashing
algorithm that exposes it to collision attacks.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows 10 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows 7 x32/x64 Edition Service Pack 1
. . . continues on next page . . .
2 RESULTS PER HOST 716

. . . continued from previous page . . .

- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1

Vulnerability Insight
An update is available that aims to warn customers in assessing the risk of certain applications
that use X.509 digital certicates that are signed using the SHA-1 hashing algorithm.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Root Certificate Program SHA-1 Deprecation Advisory (3123479)
OID:[Link].4.1.25623.1.0.806663
Version used: 2023-07-21T[Link]Z

References
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
,→[Link]

Medium (CVSS: 5.8)

NVT: Microsoft Windows Security Feature Bypass Vulnerability (2785220)

Summary
This host is missing an important security update according to Microsoft Bulletin MS13-006.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation could allow remote attackers to silently downgrade a SSL version 3 or
TLS connection to SSL version 2, which supports weak encryption cyphers.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
. . . continues on next page . . .
2 RESULTS PER HOST 717

. . . continued from previous page . . .

- Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior

Vulnerability Insight
The vulnerability is caused when Windows fails to properly handle SSL/TLS session version
negotiation.

Vulnerability Detection Method

Details: Microsoft Windows Security Feature Bypass Vulnerability (2785220)
OID:[Link].4.1.25623.1.0.901214
Version used: 2025-03-05T[Link]Z

References
cve: CVE-2013-0013
url: [Link]
url: [Link]
url: [Link]
dfn-cert: DFN-CERT-2013-0046

Medium (CVSS: 5.5)

NVT: Microsoft Windows Common Log File System Driver Information Disclosure Vulnerability
(3207328)

Summary
This host is missing an important security update according to Microsoft Bulletin MS16-153.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7600.16385
Vulnerable range: Less than 6.1.7601.23598

Impact
Successful exploitation will allow an attacker to run a specially crafted application to bypass
security measures on the aected system allowing further exploitation.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Vista x32/x64 Service Pack 2
. . . continues on next page . . .
2 RESULTS PER HOST 718

. . . continued from previous page . . .

- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 x32/x64
- Microsoft Windows Server 2016 x64
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows 10 Version 1607 x32/x64

Vulnerability Insight
The aw exists due to the Windows Common Log File System (CLFS) driver improperly handles
objects in memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Common Log File System Driver Information Disclosure Vulnerab.
,→..
OID:[Link].4.1.25623.1.0.810310
Version used: 2023-07-21T[Link]Z

References
cve: CVE-2016-7295
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/1959
dfn-cert: DFN-CERT-2016-2066

Medium (CVSS: 5.5)

NVT: Microsoft Windows Registry Multiple Vulnerabilities (3193227)

Summary
This host is missing an important security update according to Microsoft Bulletin MS16-124

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\
[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23564

Impact
. . . continues on next page . . .
2 RESULTS PER HOST 719

. . . continued from previous page . . .

Successful exploitation will allow attacker to gain access to information not intended to be
available to the user.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 x32/x64
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows 10 Version 1607 x32/x64

Vulnerability Insight
Multiple elevation of privilege vulnerabilities exist in Microsoft Windows when a Windows kernel
API improperly allows a user to access sensitive registry information.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Registry Multiple Vulnerabilities (3193227)
OID:[Link].4.1.25623.1.0.809440
Version used: 2023-09-22T[Link]Z

References
cve: CVE-2016-0070
cve: CVE-2016-0073
cve: CVE-2016-0075
cve: CVE-2016-0079
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/1582
dfn-cert: DFN-CERT-2016-1672
2 RESULTS PER HOST 720

Medium (CVSS: 5.5)

NVT: Microsoft Windows Kernel Elevation of Privilege Vulnerability (3199720)

Summary
This host is missing an important security update according to Microsoft Bulletin MS16-139.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23569

Impact
Successful exploitation will allow an attacker could gain access to information that is not intended
for the user.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Vista x32/x64 Edition Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2
- Microsoft Windows 7 x32/x64 Edition Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1

Vulnerability Insight
The aw exists in the way that the Windows Kernel API enforces permissions.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Kernel Elevation of Privilege Vulnerability (3199720)
OID:[Link].4.1.25623.1.0.809467
Version used: 2023-07-20T[Link]Z

References
cve: CVE-2016-7216
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K16/1747
dfn-cert: DFN-CERT-2016-1852
2 RESULTS PER HOST 721

Medium (CVSS: 5.5)

NVT: Microsoft WinVerifyTrust Signature Validation Vulnerability (2893294)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS13-098.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow attackers to execute arbitrary code or cause a denial of service
condition.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows XP Service Pack 3 and prior
- Microsoft Windows XP x64 Edition Service Pack 2 and prior
- Microsoft Windows 2003 x32/x64 Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012
- Microsoft Windows Server 2012 R2

Vulnerability Insight
Flaw is due to WinVerifyTrust function which does not properly handles the Windows Authen-
ticode signature verication for portable executable(PE) les.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft WinVerifyTrust Signature Validation Vulnerability (2893294)
OID:[Link].4.1.25623.1.0.903228
Version used: 2025-03-05T[Link]Z

References
cve: CVE-2013-3900
cisa: Known Exploited Vulnerability (KEV) catalog
. . . continues on next page . . .
2 RESULTS PER HOST 722

. . . continued from previous page . . .

url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K13/1027
dfn-cert: DFN-CERT-2013-2048

Medium (CVSS: 5.5)

NVT: Microsoft Graphics Component '[Link]' Information Disclosure Vulnerability (MS17-

013)

Summary
'[Link]' Graphics Device Interface is prone to an information disclosure vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\System32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Version 6.1.7601.23457 and prior

Impact
Successful exploitation will allow an attacker to obtain sensitive information from process heap
memory.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows 10 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 Version 1511, 1607 x32/x64
- Microsoft Windows Vista x32/x64 Edition Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2
- Microsoft Windows 7 x32/x64 Edition Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1

Vulnerability Insight
The aw exists due to multiple bugs related to the handling of DIBs (Device Independent
Bitmaps) embedded in EMF records.

Vulnerability Detection Method

. . . continues on next page . . .
2 RESULTS PER HOST 723

. . . continued from previous page . . .

Checks if a vulnerable version is present on the target host.
Details: Microsoft Graphics Component '[Link]' Information Disclosure Vulnerability (.
,→..
OID:[Link].4.1.25623.1.0.809889
Version used: 2023-06-23T[Link]Z

References
cve: CVE-2017-0038
url: [Link]
url: [Link]
cert-bund: CB-K17/0443
dfn-cert: DFN-CERT-2017-0451

Medium (CVSS: 5.4)

NVT: Microsoft Windows SAMR Protocol Security Bypass Vulnerability (2934418)

Summary
This host is missing an important security update according to Microsoft Bulletin MS14-016.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow attackers to bypass certain security features.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows XP Service Pack 3 and prior
- Microsoft Windows XP x64 Edition Service Pack 2 and prior
- Microsoft Windows 2003 x32/x64 Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior
- Microsoft Windows Server 2012
- Microsoft Windows Server 2012 R2

Vulnerability Insight
. . . continues on next page . . .
2 RESULTS PER HOST 724

. . . continued from previous page . . .

Flaw is due to improper validation of user lockout state by Security Account Manager Remote
(SAMR) protocol.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows SAMR Protocol Security Bypass Vulnerability (2934418)
OID:[Link].4.1.25623.1.0.804245
Version used: 2024-06-28T[Link]Z

References
cve: CVE-2014-0317
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K14/0296
dfn-cert: DFN-CERT-2014-0300

Medium (CVSS: 5.3)

NVT: OpenSSH < 7.8 User Enumeration Vulnerability - Windows

Product detection result

cpe:/a:openbsd:openssh:7.1
Detected by OpenSSH Detection Consolidation (OID: [Link].4.1.25623.1.0.108577)

Summary
OpenSSH is prone to a user enumeration vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 7.1p1
Fixed version: 7.8
Installation
path / port: /usr/bin/ssh

Impact
Successfully exploitation will allow remote attacker to test whether a certain user exists or not
(username enumeration) on a target OpenSSH server.

Solution:
Solution type: VendorFix
Update to version 7.8 or later.

. . . continues on next page . . .

2 RESULTS PER HOST 725

. . . continued from previous page . . .

Aected Software/OS
OpenSSH versions 7.7 and prior.

Vulnerability Insight
The aw is due to not delaying bailout for an invalid authenticating user until after the packet
containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and
auth2-pubkey.c

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: OpenSSH < 7.8 User Enumeration Vulnerability - Windows
OID:[Link].4.1.25623.1.0.813863
Version used: 2023-07-20T[Link]Z

Product Detection Result

Product: cpe:/a:openbsd:openssh:7.1
Method: OpenSSH Detection Consolidation
OID: [Link].4.1.25623.1.0.108577)

References
cve: CVE-2018-15473
url: [Link]
url: [Link]
,→1e0
cert-bund: WID-SEC-2024-1082
cert-bund: CB-K20/0041
cert-bund: CB-K18/1031
cert-bund: CB-K18/0873
dfn-cert: DFN-CERT-2024-1260
dfn-cert: DFN-CERT-2021-2178
dfn-cert: DFN-CERT-2020-2189
dfn-cert: DFN-CERT-2020-0228
dfn-cert: DFN-CERT-2019-2046
dfn-cert: DFN-CERT-2019-0857
dfn-cert: DFN-CERT-2019-0362
dfn-cert: DFN-CERT-2018-2293
dfn-cert: DFN-CERT-2018-2259
dfn-cert: DFN-CERT-2018-2191
dfn-cert: DFN-CERT-2018-1806
dfn-cert: DFN-CERT-2018-1696
2 RESULTS PER HOST 726

Medium (CVSS: 5.3)

NVT: OpenSSH < 7.8 User Enumeration Vulnerability - Windows

Product detection result

cpe:/a:openbsd:openssh:7.1
Detected by OpenSSH Detection Consolidation (OID: [Link].4.1.25623.1.0.108577)

Summary
OpenSSH is prone to a user enumeration vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 7.1p1
Fixed version: 7.8
Installation
path / port: /usr/sbin/sshd

Impact
Successfully exploitation will allow remote attacker to test whether a certain user exists or not
(username enumeration) on a target OpenSSH server.

Solution:
Solution type: VendorFix
Update to version 7.8 or later.

Aected Software/OS
OpenSSH versions 7.7 and prior.

Vulnerability Insight
The aw is due to not delaying bailout for an invalid authenticating user until after the packet
containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and
auth2-pubkey.c

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: OpenSSH < 7.8 User Enumeration Vulnerability - Windows
OID:[Link].4.1.25623.1.0.813863
Version used: 2023-07-20T[Link]Z

Product Detection Result

Product: cpe:/a:openbsd:openssh:7.1
Method: OpenSSH Detection Consolidation
. . . continues on next page . . .
2 RESULTS PER HOST 727

. . . continued from previous page . . .

OID: [Link].4.1.25623.1.0.108577)

References
cve: CVE-2018-15473
url: [Link]
url: [Link]
,→1e0
cert-bund: WID-SEC-2024-1082
cert-bund: CB-K20/0041
cert-bund: CB-K18/1031
cert-bund: CB-K18/0873
dfn-cert: DFN-CERT-2024-1260
dfn-cert: DFN-CERT-2021-2178
dfn-cert: DFN-CERT-2020-2189
dfn-cert: DFN-CERT-2020-0228
dfn-cert: DFN-CERT-2019-2046
dfn-cert: DFN-CERT-2019-0857
dfn-cert: DFN-CERT-2019-0362
dfn-cert: DFN-CERT-2018-2293
dfn-cert: DFN-CERT-2018-2259
dfn-cert: DFN-CERT-2018-2191
dfn-cert: DFN-CERT-2018-1806
dfn-cert: DFN-CERT-2018-1696

Medium (CVSS: 5.3)

NVT: Oracle Java SE Security Updates (jul2019-5072835) 03 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on condentiality, integrity
and availability.

Solution:
Solution type: VendorFix
. . . continues on next page . . .
2 RESULTS PER HOST 728

. . . continued from previous page . . .

Apply the appropriate patch from the vendor. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 7u221([Link]) and earlier, 8u212([Link]) and earlier, 11.0.2 and
earlier, 12.0.1 and earlier on Windows.

Vulnerability Insight
Multiple aws exist due to errors in 'AWT (libpng)', 'Utilities' and 'Networking' components.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (jul2019-5072835) 03 - Windows
OID:[Link].4.1.25623.1.0.815177
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2019-2769
cve: CVE-2019-2762
cve: CVE-2019-2766
cve: CVE-2019-7317
cve: CVE-2019-2816
url: [Link]
,→l
cert-bund: WID-SEC-2025-0149
cert-bund: WID-SEC-2023-0122
cert-bund: WID-SEC-2023-0065
cert-bund: WID-SEC-2022-0882
cert-bund: CB-K21/1083
cert-bund: CB-K21/0421
cert-bund: CB-K19/1121
cert-bund: CB-K19/0938
cert-bund: CB-K19/0897
cert-bund: CB-K19/0621
cert-bund: CB-K19/0440
cert-bund: CB-K19/0115
dfn-cert: DFN-CERT-2022-1723
dfn-cert: DFN-CERT-2021-0821
dfn-cert: DFN-CERT-2021-0444
dfn-cert: DFN-CERT-2020-0353
dfn-cert: DFN-CERT-2019-2494
dfn-cert: DFN-CERT-2019-1584
dfn-cert: DFN-CERT-2019-1452
dfn-cert: DFN-CERT-2019-1312
dfn-cert: DFN-CERT-2019-1295
dfn-cert: DFN-CERT-2019-1110
dfn-cert: DFN-CERT-2019-1039
. . . continues on next page . . .
2 RESULTS PER HOST 729

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2019-1038
dfn-cert: DFN-CERT-2019-0924
dfn-cert: DFN-CERT-2019-0285

Medium (CVSS: 5.3)

NVT: Oracle Java SE Security Updates (jul2019-5072835) 03 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on condentiality, integrity
and availability.

Solution:
Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 7u221([Link]) and earlier, 8u212([Link]) and earlier, 11.0.2 and
earlier, 12.0.1 and earlier on Windows.

Vulnerability Insight
Multiple aws exist due to errors in 'AWT (libpng)', 'Utilities' and 'Networking' components.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (jul2019-5072835) 03 - Windows
OID:[Link].4.1.25623.1.0.815177
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2019-2769
cve: CVE-2019-2762
cve: CVE-2019-2766
cve: CVE-2019-7317
. . . continues on next page . . .
2 RESULTS PER HOST 730

. . . continued from previous page . . .

cve: CVE-2019-2816
url: [Link]
,→l
cert-bund: WID-SEC-2025-0149
cert-bund: WID-SEC-2023-0122
cert-bund: WID-SEC-2023-0065
cert-bund: WID-SEC-2022-0882
cert-bund: CB-K21/1083
cert-bund: CB-K21/0421
cert-bund: CB-K19/1121
cert-bund: CB-K19/0938
cert-bund: CB-K19/0897
cert-bund: CB-K19/0621
cert-bund: CB-K19/0440
cert-bund: CB-K19/0115
dfn-cert: DFN-CERT-2022-1723
dfn-cert: DFN-CERT-2021-0821
dfn-cert: DFN-CERT-2021-0444
dfn-cert: DFN-CERT-2020-0353
dfn-cert: DFN-CERT-2019-2494
dfn-cert: DFN-CERT-2019-1584
dfn-cert: DFN-CERT-2019-1452
dfn-cert: DFN-CERT-2019-1312
dfn-cert: DFN-CERT-2019-1295
dfn-cert: DFN-CERT-2019-1110
dfn-cert: DFN-CERT-2019-1039
dfn-cert: DFN-CERT-2019-1038
dfn-cert: DFN-CERT-2019-0924
dfn-cert: DFN-CERT-2019-0285

Medium (CVSS: 5.3)

NVT: Oracle Java SE Security Update (oct2022) 01 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
. . . continues on next page . . .
2 RESULTS PER HOST 731

. . . continued from previous page . . .

Successful exploitation will allow remote attacker to have an impact on integrity and availability.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u341 and earlier, 11.x through [Link], 17.x through [Link], 19 on
Windows.

Vulnerability Insight
Multiple aws exist due to multiple errors in components 'JNDI', 'Security' and 'JNDI'.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (oct2022) 01 - Windows
OID:[Link].4.1.25623.1.0.826589
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2022-21628
cve: CVE-2022-21619
cve: CVE-2022-21624
url: [Link]
cert-bund: WID-SEC-2024-0794
cert-bund: WID-SEC-2023-0809
cert-bund: WID-SEC-2023-0561
cert-bund: WID-SEC-2022-1789
dfn-cert: DFN-CERT-2023-0616
dfn-cert: DFN-CERT-2023-0256
dfn-cert: DFN-CERT-2023-0217
dfn-cert: DFN-CERT-2023-0082
dfn-cert: DFN-CERT-2022-2696
dfn-cert: DFN-CERT-2022-2660
dfn-cert: DFN-CERT-2022-2600
dfn-cert: DFN-CERT-2022-2547
dfn-cert: DFN-CERT-2022-2313
dfn-cert: DFN-CERT-2022-2312

Medium (CVSS: 5.3)

NVT: OpenSSH 'auth2-gss.c' User Enumeration Vulnerability - Windows

Product detection result

cpe:/a:openbsd:openssh:7.1
. . . continues on next page . . .
2 RESULTS PER HOST 732

. . . continued from previous page . . .

Detected by OpenSSH Detection Consolidation (OID: [Link].4.1.25623.1.0.108577)

Summary
OpenSSH is prone to a user enumeration vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 7.1p1
Fixed version: None
Installation
path / port: /usr/sbin/sshd

Impact
Successfully exploitation will allow a remote attacker to harvest valid user accounts, which may
aid in brute-force attacks.

Solution:
Solution type: WillNotFix
No known solution was made available for at least one year since the disclosure of this vulnera-
bility. Likely none will be provided anymore. General solution options are to upgrade to a newer
release, disable respective features, remove the product or replace the product by another one.

Aected Software/OS
OpenSSH version 5.9 through 7.8.

Vulnerability Insight
The aw exists in the 'auth-gss2.c' source code le of the aected software and is due to in-
sucient validation of an authentication request packet when the Guide Star Server II (GSS2)
component is used on an aected system.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: OpenSSH 'auth2-gss.c' User Enumeration Vulnerability - Windows
OID:[Link].4.1.25623.1.0.813887
Version used: 2021-05-28T[Link]Z

Product Detection Result

Product: cpe:/a:openbsd:openssh:7.1
Method: OpenSSH Detection Consolidation
OID: [Link].4.1.25623.1.0.108577)

References
cve: CVE-2018-15919
. . . continues on next page . . .
2 RESULTS PER HOST 733

. . . continued from previous page . . .

url: [Link]
url: [Link]
cert-bund: WID-SEC-2024-1082
cert-bund: CB-K18/0885
dfn-cert: DFN-CERT-2024-1260
dfn-cert: DFN-CERT-2018-2293
dfn-cert: DFN-CERT-2018-2191

Medium (CVSS: 5.3)

NVT: OpenSSH < 7.6 'sftp-server' Security Bypass Vulnerability - Windows

Product detection result

cpe:/a:openbsd:openssh:7.1
Detected by OpenSSH Detection Consolidation (OID: [Link].4.1.25623.1.0.108577)

Summary
OpenSSH is prone to a security bypass vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 7.1p1
Fixed version: 7.6
Installation
path / port: /usr/bin/ssh

Impact
Successfully exploiting this issue allows local users to bypass certain security restrictions and
perform unauthorized actions. This may lead to further attacks.

Solution:
Solution type: VendorFix
Update to version 7.6 or later.

Aected Software/OS
OpenSSH versions prior to 7.6 on Windows.

Vulnerability Insight
The aw exists in the 'process_open' function in sftp-server.c script which does not properly
prevent write operations in readonly mode.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
. . . continues on next page . . .
2 RESULTS PER HOST 734

. . . continued from previous page . . .

Details: OpenSSH < 7.6 'sftp-server' Security Bypass Vulnerability - Windows
OID:[Link].4.1.25623.1.0.812050
Version used: 2024-12-13T[Link]Z

Product Detection Result

Product: cpe:/a:openbsd:openssh:7.1
Method: OpenSSH Detection Consolidation
OID: [Link].4.1.25623.1.0.108577)

References
cve: CVE-2017-15906
url: [Link]
url: [Link]
url: [Link]
cert-bund: WID-SEC-2024-1082
cert-bund: CB-K20/0041
cert-bund: CB-K18/0137
cert-bund: CB-K17/2126
cert-bund: CB-K17/2014
cert-bund: CB-K17/2002
dfn-cert: DFN-CERT-2024-1260
dfn-cert: DFN-CERT-2019-0362
dfn-cert: DFN-CERT-2018-2554
dfn-cert: DFN-CERT-2018-2191
dfn-cert: DFN-CERT-2018-2068
dfn-cert: DFN-CERT-2018-1828
dfn-cert: DFN-CERT-2018-1568
dfn-cert: DFN-CERT-2018-0150
dfn-cert: DFN-CERT-2017-2217
dfn-cert: DFN-CERT-2017-2100
dfn-cert: DFN-CERT-2017-2093

Medium (CVSS: 5.3)

NVT: OpenSSH 'auth2-gss.c' User Enumeration Vulnerability - Windows

Product detection result

cpe:/a:openbsd:openssh:7.1
Detected by OpenSSH Detection Consolidation (OID: [Link].4.1.25623.1.0.108577)

Summary
OpenSSH is prone to a user enumeration vulnerability.

. . . continues on next page . . .

2 RESULTS PER HOST 735

. . . continued from previous page . . .

Quality of Detection (QoD): 80%
Vulnerability Detection Result
Installed version: 7.1p1
Fixed version: None
Installation
path / port: /usr/bin/ssh

Impact
Successfully exploitation will allow a remote attacker to harvest valid user accounts, which may
aid in brute-force attacks.

Solution:
Solution type: WillNotFix
No known solution was made available for at least one year since the disclosure of this vulnera-
bility. Likely none will be provided anymore. General solution options are to upgrade to a newer
release, disable respective features, remove the product or replace the product by another one.

Aected Software/OS
OpenSSH version 5.9 through 7.8.

Vulnerability Insight
The aw exists in the 'auth-gss2.c' source code le of the aected software and is due to in-
sucient validation of an authentication request packet when the Guide Star Server II (GSS2)
component is used on an aected system.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: OpenSSH 'auth2-gss.c' User Enumeration Vulnerability - Windows
OID:[Link].4.1.25623.1.0.813887
Version used: 2021-05-28T[Link]Z

Product Detection Result

Product: cpe:/a:openbsd:openssh:7.1
Method: OpenSSH Detection Consolidation
OID: [Link].4.1.25623.1.0.108577)

References
cve: CVE-2018-15919
url: [Link]
url: [Link]
cert-bund: WID-SEC-2024-1082
cert-bund: CB-K18/0885
dfn-cert: DFN-CERT-2024-1260
dfn-cert: DFN-CERT-2018-2293
. . . continues on next page . . .
2 RESULTS PER HOST 736

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2018-2191

Medium (CVSS: 5.3)

NVT: OpenSSH < 7.6 'sftp-server' Security Bypass Vulnerability - Windows

Product detection result

cpe:/a:openbsd:openssh:7.1
Detected by OpenSSH Detection Consolidation (OID: [Link].4.1.25623.1.0.108577)

Summary
OpenSSH is prone to a security bypass vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 7.1p1
Fixed version: 7.6
Installation
path / port: /usr/sbin/sshd

Impact
Successfully exploiting this issue allows local users to bypass certain security restrictions and
perform unauthorized actions. This may lead to further attacks.

Solution:
Solution type: VendorFix
Update to version 7.6 or later.

Aected Software/OS
OpenSSH versions prior to 7.6 on Windows.

Vulnerability Insight
The aw exists in the 'process_open' function in sftp-server.c script which does not properly
prevent write operations in readonly mode.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: OpenSSH < 7.6 'sftp-server' Security Bypass Vulnerability - Windows
OID:[Link].4.1.25623.1.0.812050
Version used: 2024-12-13T[Link]Z

Product Detection Result

Product: cpe:/a:openbsd:openssh:7.1
. . . continues on next page . . .
2 RESULTS PER HOST 737

. . . continued from previous page . . .

Method: OpenSSH Detection Consolidation
OID: [Link].4.1.25623.1.0.108577)

References
cve: CVE-2017-15906
url: [Link]
url: [Link]
url: [Link]
cert-bund: WID-SEC-2024-1082
cert-bund: CB-K20/0041
cert-bund: CB-K18/0137
cert-bund: CB-K17/2126
cert-bund: CB-K17/2014
cert-bund: CB-K17/2002
dfn-cert: DFN-CERT-2024-1260
dfn-cert: DFN-CERT-2019-0362
dfn-cert: DFN-CERT-2018-2554
dfn-cert: DFN-CERT-2018-2191
dfn-cert: DFN-CERT-2018-2068
dfn-cert: DFN-CERT-2018-1828
dfn-cert: DFN-CERT-2018-1568
dfn-cert: DFN-CERT-2018-0150
dfn-cert: DFN-CERT-2017-2217
dfn-cert: DFN-CERT-2017-2100
dfn-cert: DFN-CERT-2017-2093

Medium (CVSS: 5.3)

NVT: Oracle Java SE Security Update (oct2022) 01 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on integrity and availability.

Solution:
. . . continues on next page . . .
2 RESULTS PER HOST 738

. . . continued from previous page . . .

Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u341 and earlier, 11.x through [Link], 17.x through [Link], 19 on
Windows.

Vulnerability Insight
Multiple aws exist due to multiple errors in components 'JNDI', 'Security' and 'JNDI'.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (oct2022) 01 - Windows
OID:[Link].4.1.25623.1.0.826589
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2022-21628
cve: CVE-2022-21619
cve: CVE-2022-21624
url: [Link]
cert-bund: WID-SEC-2024-0794
cert-bund: WID-SEC-2023-0809
cert-bund: WID-SEC-2023-0561
cert-bund: WID-SEC-2022-1789
dfn-cert: DFN-CERT-2023-0616
dfn-cert: DFN-CERT-2023-0256
dfn-cert: DFN-CERT-2023-0217
dfn-cert: DFN-CERT-2023-0082
dfn-cert: DFN-CERT-2022-2696
dfn-cert: DFN-CERT-2022-2660
dfn-cert: DFN-CERT-2022-2600
dfn-cert: DFN-CERT-2022-2547
dfn-cert: DFN-CERT-2022-2313
dfn-cert: DFN-CERT-2022-2312

Medium (CVSS: 5.3)

NVT: Oracle Java SE Security Update (oct2021) 04 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

. . . continues on next page . . .
2 RESULTS PER HOST 739

. . . continued from previous page . . .

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on availability and con-
dentiality.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u301 ([Link]) and earlier, 7u311 ([Link]) and earlier, 11.0.12 and
earlier and 17.0.0.

Vulnerability Insight
Multiple aws are due to multiple errors in the 'ImageIO', 'Keytool', 'Swing', 'Utility' and 'JSSE'
components.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (oct2021) 04 - Windows
OID:[Link].4.1.25623.1.0.818830
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2021-35586
cve: CVE-2021-35564
cve: CVE-2021-35556
cve: CVE-2021-35559
cve: CVE-2021-35561
cve: CVE-2021-35603
url: [Link]
cert-bund: WID-SEC-2022-1375
cert-bund: WID-SEC-2022-1162
cert-bund: WID-SEC-2022-0987
cert-bund: WID-SEC-2022-0908
cert-bund: WID-SEC-2022-0871
cert-bund: WID-SEC-2022-0833
cert-bund: WID-SEC-2022-0826
cert-bund: WID-SEC-2022-0809
cert-bund: WID-SEC-2022-0745
cert-bund: WID-SEC-2022-0712
. . . continues on next page . . .
2 RESULTS PER HOST 740

. . . continued from previous page . . .

cert-bund: WID-SEC-2022-0677
cert-bund: WID-SEC-2022-0676
cert-bund: WID-SEC-2022-0674
cert-bund: WID-SEC-2022-0515
cert-bund: WID-SEC-2022-0472
cert-bund: WID-SEC-2022-0446
cert-bund: WID-SEC-2022-0398
cert-bund: WID-SEC-2022-0300
cert-bund: WID-SEC-2022-0203
cert-bund: WID-SEC-2022-0196
cert-bund: WID-SEC-2022-0028
cert-bund: WID-SEC-2022-0024
cert-bund: CB-K22/0675
cert-bund: CB-K22/0239
cert-bund: CB-K21/1082
dfn-cert: DFN-CERT-2023-1197
dfn-cert: DFN-CERT-2022-1721
dfn-cert: DFN-CERT-2022-1704
dfn-cert: DFN-CERT-2022-1648
dfn-cert: DFN-CERT-2022-1571
dfn-cert: DFN-CERT-2022-1456
dfn-cert: DFN-CERT-2022-1339
dfn-cert: DFN-CERT-2022-1247
dfn-cert: DFN-CERT-2022-0451
dfn-cert: DFN-CERT-2022-0438
dfn-cert: DFN-CERT-2022-0107
dfn-cert: DFN-CERT-2022-0106
dfn-cert: DFN-CERT-2021-2566
dfn-cert: DFN-CERT-2021-2530
dfn-cert: DFN-CERT-2021-2498
dfn-cert: DFN-CERT-2021-2310
dfn-cert: DFN-CERT-2021-2195
dfn-cert: DFN-CERT-2021-2194

Medium (CVSS: 5.3)

NVT: Oracle Java SE Denial of Service Vulnerability (cpuoct2018) - Windows

Summary
Oracle Java SE is prone to a denial of service (DoS) vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
. . . continues on next page . . .
2 RESULTS PER HOST 741

. . . continued from previous page . . .

Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow attackers to cause partial denial of service conditions.

Solution:
Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 1.6.0 to [Link], 1.7.0 to [Link], 1.8.0 to [Link] on Windows.

Vulnerability Insight
The aw is due to error in 'Sound' component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Denial of Service Vulnerability (cpuoct2018) - Windows
OID:[Link].4.1.25623.1.0.814402
Version used: 2024-09-25T[Link]Z

References
cve: CVE-2018-3214
url: [Link]
cert-bund: CB-K19/0175
cert-bund: CB-K18/1010
dfn-cert: DFN-CERT-2019-0413
dfn-cert: DFN-CERT-2019-0076
dfn-cert: DFN-CERT-2019-0059
dfn-cert: DFN-CERT-2018-2107

Medium (CVSS: 5.3)

NVT: Oracle Java SE Security Update (jan2022) 01 - Windows

Summary
Oracle Java SE is prone to an unspecied vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
. . . continues on next page . . .
2 RESULTS PER HOST 742

. . . continued from previous page . . .

path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on availability.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u311 ([Link]) and earlier, 7u321 ([Link]) and earlier on Windows.

Vulnerability Insight
The aw is due to an error in '2D' component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (jan2022) 01 - Windows
OID:[Link].4.1.25623.1.0.819964
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2022-21349
url: [Link]
cert-bund: WID-SEC-2023-1424
cert-bund: WID-SEC-2023-0839
cert-bund: WID-SEC-2023-0838
cert-bund: WID-SEC-2022-1335
cert-bund: WID-SEC-2022-1228
cert-bund: WID-SEC-2022-0812
cert-bund: WID-SEC-2022-0799
cert-bund: WID-SEC-2022-0447
cert-bund: WID-SEC-2022-0432
cert-bund: WID-SEC-2022-0431
cert-bund: WID-SEC-2022-0302
cert-bund: WID-SEC-2022-0100
cert-bund: CB-K22/0078
dfn-cert: DFN-CERT-2022-0438
dfn-cert: DFN-CERT-2022-0111

Medium (CVSS: 5.3)

NVT: Oracle Java SE Security Update (jan2022) 01 - Windows

Summary
. . . continues on next page . . .
2 RESULTS PER HOST 743

. . . continued from previous page . . .

Oracle Java SE is prone to an unspecied vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on availability.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u311 ([Link]) and earlier, 7u321 ([Link]) and earlier on Windows.

Vulnerability Insight
The aw is due to an error in '2D' component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (jan2022) 01 - Windows
OID:[Link].4.1.25623.1.0.819964
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2022-21349
url: [Link]
cert-bund: WID-SEC-2023-1424
cert-bund: WID-SEC-2023-0839
cert-bund: WID-SEC-2023-0838
cert-bund: WID-SEC-2022-1335
cert-bund: WID-SEC-2022-1228
cert-bund: WID-SEC-2022-0812
cert-bund: WID-SEC-2022-0799
cert-bund: WID-SEC-2022-0447
cert-bund: WID-SEC-2022-0432
cert-bund: WID-SEC-2022-0431
cert-bund: WID-SEC-2022-0302
cert-bund: WID-SEC-2022-0100
cert-bund: CB-K22/0078
dfn-cert: DFN-CERT-2022-0438
. . . continues on next page . . .
2 RESULTS PER HOST 744

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2022-0111

Medium (CVSS: 5.3)

NVT: Oracle Java SE Security Update (oct2021) 04 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on availability and con-
dentiality.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u301 ([Link]) and earlier, 7u311 ([Link]) and earlier, 11.0.12 and
earlier and 17.0.0.

Vulnerability Insight
Multiple aws are due to multiple errors in the 'ImageIO', 'Keytool', 'Swing', 'Utility' and 'JSSE'
components.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (oct2021) 04 - Windows
OID:[Link].4.1.25623.1.0.818830
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2021-35586
cve: CVE-2021-35564
cve: CVE-2021-35556
cve: CVE-2021-35559
cve: CVE-2021-35561
. . . continues on next page . . .
2 RESULTS PER HOST 745

. . . continued from previous page . . .

cve: CVE-2021-35603
url: [Link]
cert-bund: WID-SEC-2022-1375
cert-bund: WID-SEC-2022-1162
cert-bund: WID-SEC-2022-0987
cert-bund: WID-SEC-2022-0908
cert-bund: WID-SEC-2022-0871
cert-bund: WID-SEC-2022-0833
cert-bund: WID-SEC-2022-0826
cert-bund: WID-SEC-2022-0809
cert-bund: WID-SEC-2022-0745
cert-bund: WID-SEC-2022-0712
cert-bund: WID-SEC-2022-0677
cert-bund: WID-SEC-2022-0676
cert-bund: WID-SEC-2022-0674
cert-bund: WID-SEC-2022-0515
cert-bund: WID-SEC-2022-0472
cert-bund: WID-SEC-2022-0446
cert-bund: WID-SEC-2022-0398
cert-bund: WID-SEC-2022-0300
cert-bund: WID-SEC-2022-0203
cert-bund: WID-SEC-2022-0196
cert-bund: WID-SEC-2022-0028
cert-bund: WID-SEC-2022-0024
cert-bund: CB-K22/0675
cert-bund: CB-K22/0239
cert-bund: CB-K21/1082
dfn-cert: DFN-CERT-2023-1197
dfn-cert: DFN-CERT-2022-1721
dfn-cert: DFN-CERT-2022-1704
dfn-cert: DFN-CERT-2022-1648
dfn-cert: DFN-CERT-2022-1571
dfn-cert: DFN-CERT-2022-1456
dfn-cert: DFN-CERT-2022-1339
dfn-cert: DFN-CERT-2022-1247
dfn-cert: DFN-CERT-2022-0451
dfn-cert: DFN-CERT-2022-0438
dfn-cert: DFN-CERT-2022-0107
dfn-cert: DFN-CERT-2022-0106
dfn-cert: DFN-CERT-2021-2566
dfn-cert: DFN-CERT-2021-2530
dfn-cert: DFN-CERT-2021-2498
dfn-cert: DFN-CERT-2021-2310
dfn-cert: DFN-CERT-2021-2195
dfn-cert: DFN-CERT-2021-2194
2 RESULTS PER HOST 746

Medium (CVSS: 5.3)

NVT: Oracle Java SE Security Update (jan2022) 02 - Windows

Summary
Oracle Java SE is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: See vendor advisory
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on availability, integrity and
condentiality.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u311 ([Link]) and earlier, 7u321 ([Link]) and earlier, 11.x through
11.0.13 and 17.x through 17.0.1 on Windows.

Vulnerability Insight
Multiple aws are due to multiple unspecied errors in components 'Serialization', 'Libraries',
'JAXP', 'ImageIO' and 'Hotspot'.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (jan2022) 02 - Windows
OID:[Link].4.1.25623.1.0.819965
Version used: 2023-10-19T[Link]Z

References
cve: CVE-2022-21291
cve: CVE-2022-21305
cve: CVE-2022-21360
cve: CVE-2022-21365
cve: CVE-2022-21282
cve: CVE-2022-21296
cve: CVE-2022-21299
cve: CVE-2022-21293
. . . continues on next page . . .
2 RESULTS PER HOST 747

. . . continued from previous page . . .

cve: CVE-2022-21294
cve: CVE-2022-21340
cve: CVE-2022-21341
cve: CVE-2022-21248
url: [Link]
cert-bund: WID-SEC-2023-1424
cert-bund: WID-SEC-2023-0839
cert-bund: WID-SEC-2023-0838
cert-bund: WID-SEC-2022-1335
cert-bund: WID-SEC-2022-1228
cert-bund: WID-SEC-2022-0987
cert-bund: WID-SEC-2022-0858
cert-bund: WID-SEC-2022-0833
cert-bund: WID-SEC-2022-0826
cert-bund: WID-SEC-2022-0812
cert-bund: WID-SEC-2022-0799
cert-bund: WID-SEC-2022-0745
cert-bund: WID-SEC-2022-0712
cert-bund: WID-SEC-2022-0472
cert-bund: WID-SEC-2022-0447
cert-bund: WID-SEC-2022-0446
cert-bund: WID-SEC-2022-0432
cert-bund: WID-SEC-2022-0431
cert-bund: WID-SEC-2022-0302
cert-bund: WID-SEC-2022-0300
cert-bund: WID-SEC-2022-0287
cert-bund: WID-SEC-2022-0203
cert-bund: WID-SEC-2022-0100
cert-bund: WID-SEC-2022-0028
cert-bund: CB-K22/0078
dfn-cert: DFN-CERT-2022-1648
dfn-cert: DFN-CERT-2022-1339
dfn-cert: DFN-CERT-2022-1323
dfn-cert: DFN-CERT-2022-1266
dfn-cert: DFN-CERT-2022-0451
dfn-cert: DFN-CERT-2022-0438
dfn-cert: DFN-CERT-2022-0320
dfn-cert: DFN-CERT-2022-0111

Medium (CVSS: 5.3)

NVT: Oracle Java SE Security Update (jan2022) 02 - Windows

Summary
Oracle Java SE is prone to multiple unspecied vulnerabilities.

. . . continues on next page . . .

2 RESULTS PER HOST 748

. . . continued from previous page . . .

Quality of Detection (QoD): 97%
Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: See vendor advisory
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on availability, integrity and
condentiality.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u311 ([Link]) and earlier, 7u321 ([Link]) and earlier, 11.x through
11.0.13 and 17.x through 17.0.1 on Windows.

Vulnerability Insight
Multiple aws are due to multiple unspecied errors in components 'Serialization', 'Libraries',
'JAXP', 'ImageIO' and 'Hotspot'.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (jan2022) 02 - Windows
OID:[Link].4.1.25623.1.0.819965
Version used: 2023-10-19T[Link]Z

References
cve: CVE-2022-21291
cve: CVE-2022-21305
cve: CVE-2022-21360
cve: CVE-2022-21365
cve: CVE-2022-21282
cve: CVE-2022-21296
cve: CVE-2022-21299
cve: CVE-2022-21293
cve: CVE-2022-21294
cve: CVE-2022-21340
cve: CVE-2022-21341
cve: CVE-2022-21248
url: [Link]
cert-bund: WID-SEC-2023-1424
cert-bund: WID-SEC-2023-0839
. . . continues on next page . . .
2 RESULTS PER HOST 749

. . . continued from previous page . . .

cert-bund: WID-SEC-2023-0838
cert-bund: WID-SEC-2022-1335
cert-bund: WID-SEC-2022-1228
cert-bund: WID-SEC-2022-0987
cert-bund: WID-SEC-2022-0858
cert-bund: WID-SEC-2022-0833
cert-bund: WID-SEC-2022-0826
cert-bund: WID-SEC-2022-0812
cert-bund: WID-SEC-2022-0799
cert-bund: WID-SEC-2022-0745
cert-bund: WID-SEC-2022-0712
cert-bund: WID-SEC-2022-0472
cert-bund: WID-SEC-2022-0447
cert-bund: WID-SEC-2022-0446
cert-bund: WID-SEC-2022-0432
cert-bund: WID-SEC-2022-0431
cert-bund: WID-SEC-2022-0302
cert-bund: WID-SEC-2022-0300
cert-bund: WID-SEC-2022-0287
cert-bund: WID-SEC-2022-0203
cert-bund: WID-SEC-2022-0100
cert-bund: WID-SEC-2022-0028
cert-bund: CB-K22/0078
dfn-cert: DFN-CERT-2022-1648
dfn-cert: DFN-CERT-2022-1339
dfn-cert: DFN-CERT-2022-1323
dfn-cert: DFN-CERT-2022-1266
dfn-cert: DFN-CERT-2022-0451
dfn-cert: DFN-CERT-2022-0438
dfn-cert: DFN-CERT-2022-0320
dfn-cert: DFN-CERT-2022-0111

Medium (CVSS: 5.3)

NVT: Oracle Java SE Security Update (oct2022) 04 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
. . . continues on next page . . .
2 RESULTS PER HOST 750

. . . continued from previous page . . .

path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on availability.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u341 and earlier, 11.x through [Link] on Windows.

Vulnerability Insight
The aw exists due to an error in component 'Security'.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (oct2022) 04 - Windows
OID:[Link].4.1.25623.1.0.826593
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2022-21626
url: [Link]
cert-bund: WID-SEC-2024-0794
cert-bund: WID-SEC-2023-0809
cert-bund: WID-SEC-2023-0561
cert-bund: WID-SEC-2022-1789
dfn-cert: DFN-CERT-2023-0616
dfn-cert: DFN-CERT-2023-0608
dfn-cert: DFN-CERT-2023-0607
dfn-cert: DFN-CERT-2023-0217
dfn-cert: DFN-CERT-2023-0082
dfn-cert: DFN-CERT-2022-2696
dfn-cert: DFN-CERT-2022-2660
dfn-cert: DFN-CERT-2022-2600
dfn-cert: DFN-CERT-2022-2547
dfn-cert: DFN-CERT-2022-2313
dfn-cert: DFN-CERT-2022-2312

Medium (CVSS: 5.3)

NVT: Oracle Java SE Security Update (jan2022) 04 - Windows

Summary
. . . continues on next page . . .
2 RESULTS PER HOST 751

. . . continued from previous page . . .

Oracle Java SE is prone to an unspecied vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on availability.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u311 ([Link]) and earlier, 7u321 ([Link]) and earlier and 11.x
through 11.0.13 on Windows.

Vulnerability Insight
The aw is due to an error in 'Libraries' component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (jan2022) 04 - Windows
OID:[Link].4.1.25623.1.0.819967
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2022-21271
url: [Link]
cert-bund: WID-SEC-2022-0432
cert-bund: WID-SEC-2022-0302
cert-bund: WID-SEC-2022-0100
cert-bund: CB-K22/0078
cert-bund: CB-K22/0061
dfn-cert: DFN-CERT-2025-0509
dfn-cert: DFN-CERT-2022-0369
dfn-cert: DFN-CERT-2022-0320
dfn-cert: DFN-CERT-2022-0121
dfn-cert: DFN-CERT-2022-0111
2 RESULTS PER HOST 752

Medium (CVSS: 5.3)

NVT: Oracle Java SE Security Update (jan2022) 04 - Windows

Summary
Oracle Java SE is prone to an unspecied vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on availability.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u311 ([Link]) and earlier, 7u321 ([Link]) and earlier and 11.x
through 11.0.13 on Windows.

Vulnerability Insight
The aw is due to an error in 'Libraries' component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (jan2022) 04 - Windows
OID:[Link].4.1.25623.1.0.819967
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2022-21271
url: [Link]
cert-bund: WID-SEC-2022-0432
cert-bund: WID-SEC-2022-0302
cert-bund: WID-SEC-2022-0100
cert-bund: CB-K22/0078
cert-bund: CB-K22/0061
dfn-cert: DFN-CERT-2025-0509
dfn-cert: DFN-CERT-2022-0369
dfn-cert: DFN-CERT-2022-0320
. . . continues on next page . . .
2 RESULTS PER HOST 753

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2022-0121
dfn-cert: DFN-CERT-2022-0111

Medium (CVSS: 5.3)

NVT: Oracle Java SE Security Update (jan2023) 02 - Windows

Summary
Oracle Java SE is prone to an input validation vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch from vendor
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to manipulate data.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u351 and earlier on Windows.

Vulnerability Insight
The aw is due to an improper input validation within the Serialization component in Oracle
Java SE.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (jan2023) 02 - Windows
OID:[Link].4.1.25623.1.0.826785
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2023-21830
url: [Link]
cert-bund: WID-SEC-2024-1591
cert-bund: WID-SEC-2024-0794
cert-bund: WID-SEC-2024-0064
cert-bund: WID-SEC-2023-2625
. . . continues on next page . . .
2 RESULTS PER HOST 754

. . . continued from previous page . . .

cert-bund: WID-SEC-2023-2164
cert-bund: WID-SEC-2023-1813
cert-bund: WID-SEC-2023-1424
cert-bund: WID-SEC-2023-0840
cert-bund: WID-SEC-2023-0561
cert-bund: WID-SEC-2023-0128
dfn-cert: DFN-CERT-2024-2151
dfn-cert: DFN-CERT-2023-1425
dfn-cert: DFN-CERT-2023-1174
dfn-cert: DFN-CERT-2023-1139
dfn-cert: DFN-CERT-2023-0846
dfn-cert: DFN-CERT-2023-0717
dfn-cert: DFN-CERT-2023-0605
dfn-cert: DFN-CERT-2023-0372
dfn-cert: DFN-CERT-2023-0125
dfn-cert: DFN-CERT-2023-0124

Medium (CVSS: 5.3)

NVT: Oracle Java SE Security Update (jan2023) 02 - Windows

Summary
Oracle Java SE is prone to an input validation vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch from vendor
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to manipulate data.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u351 and earlier on Windows.

Vulnerability Insight
. . . continues on next page . . .
2 RESULTS PER HOST 755

. . . continued from previous page . . .

The aw is due to an improper input validation within the Serialization component in Oracle
Java SE.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (jan2023) 02 - Windows
OID:[Link].4.1.25623.1.0.826785
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2023-21830
url: [Link]
cert-bund: WID-SEC-2024-1591
cert-bund: WID-SEC-2024-0794
cert-bund: WID-SEC-2024-0064
cert-bund: WID-SEC-2023-2625
cert-bund: WID-SEC-2023-2164
cert-bund: WID-SEC-2023-1813
cert-bund: WID-SEC-2023-1424
cert-bund: WID-SEC-2023-0840
cert-bund: WID-SEC-2023-0561
cert-bund: WID-SEC-2023-0128
dfn-cert: DFN-CERT-2024-2151
dfn-cert: DFN-CERT-2023-1425
dfn-cert: DFN-CERT-2023-1174
dfn-cert: DFN-CERT-2023-1139
dfn-cert: DFN-CERT-2023-0846
dfn-cert: DFN-CERT-2023-0717
dfn-cert: DFN-CERT-2023-0605
dfn-cert: DFN-CERT-2023-0372
dfn-cert: DFN-CERT-2023-0125
dfn-cert: DFN-CERT-2023-0124

Medium (CVSS: 5.3)

NVT: Oracle Java SE Security Update (oct2023) 01 - Windows

Summary
Oracle Java SE is prone to an unspecied vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch provided by the vendor
Installation
. . . continues on next page . . .
2 RESULTS PER HOST 756

. . . continued from previous page . . .

path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to compromise Oracle Java SE. It can result
in unauthorized update, insert or delete access to some of Oracle Java SE accessible data.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u381 and earlier, on Windows.

Vulnerability Insight
The aw exists due to an unspecied vulnerability in Oracle Java SE which can only be exploited
by supplying data to APIs in the specied Component without using Untrusted Java Web Start
applications or Untrusted Java applets.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (oct2023) 01 - Windows
OID:[Link].4.1.25623.1.0.832602
Version used: 2023-10-20T[Link]Z

References
cve: CVE-2023-22067
url: [Link]
cert-bund: WID-SEC-2024-1591
cert-bund: WID-SEC-2024-0769
cert-bund: WID-SEC-2024-0528
cert-bund: WID-SEC-2023-2917
cert-bund: WID-SEC-2023-2692
dfn-cert: DFN-CERT-2023-3177
dfn-cert: DFN-CERT-2023-3009
dfn-cert: DFN-CERT-2023-3006
dfn-cert: DFN-CERT-2023-2999
dfn-cert: DFN-CERT-2023-2975
dfn-cert: DFN-CERT-2023-2941
dfn-cert: DFN-CERT-2023-2939
dfn-cert: DFN-CERT-2023-2886
dfn-cert: DFN-CERT-2023-2562
dfn-cert: DFN-CERT-2023-2557
dfn-cert: DFN-CERT-2023-2534
2 RESULTS PER HOST 757

Medium (CVSS: 5.3)

NVT: Oracle Java SE Security Update (oct2023) 01 - Windows

Summary
Oracle Java SE is prone to an unspecied vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch provided by the vendor
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to compromise Oracle Java SE. It can result
in unauthorized update, insert or delete access to some of Oracle Java SE accessible data.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u381 and earlier, on Windows.

Vulnerability Insight
The aw exists due to an unspecied vulnerability in Oracle Java SE which can only be exploited
by supplying data to APIs in the specied Component without using Untrusted Java Web Start
applications or Untrusted Java applets.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (oct2023) 01 - Windows
OID:[Link].4.1.25623.1.0.832602
Version used: 2023-10-20T[Link]Z

References
cve: CVE-2023-22067
url: [Link]
cert-bund: WID-SEC-2024-1591
cert-bund: WID-SEC-2024-0769
cert-bund: WID-SEC-2024-0528
cert-bund: WID-SEC-2023-2917
cert-bund: WID-SEC-2023-2692
dfn-cert: DFN-CERT-2023-3177
. . . continues on next page . . .
2 RESULTS PER HOST 758

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2023-3009
dfn-cert: DFN-CERT-2023-3006
dfn-cert: DFN-CERT-2023-2999
dfn-cert: DFN-CERT-2023-2975
dfn-cert: DFN-CERT-2023-2941
dfn-cert: DFN-CERT-2023-2939
dfn-cert: DFN-CERT-2023-2886
dfn-cert: DFN-CERT-2023-2562
dfn-cert: DFN-CERT-2023-2557
dfn-cert: DFN-CERT-2023-2534

Medium (CVSS: 5.3)

NVT: Oracle Java SE Denial of Service Vulnerability (cpuoct2018) - Windows

Summary
Oracle Java SE is prone to a denial of service (DoS) vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow attackers to cause partial denial of service conditions.

Solution:
Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 1.6.0 to [Link], 1.7.0 to [Link], 1.8.0 to [Link] on Windows.

Vulnerability Insight
The aw is due to error in 'Sound' component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Denial of Service Vulnerability (cpuoct2018) - Windows
OID:[Link].4.1.25623.1.0.814402
Version used: 2024-09-25T[Link]Z

. . . continues on next page . . .

2 RESULTS PER HOST 759

. . . continued from previous page . . .

References
cve: CVE-2018-3214
url: [Link]
cert-bund: CB-K19/0175
cert-bund: CB-K18/1010
dfn-cert: DFN-CERT-2019-0413
dfn-cert: DFN-CERT-2019-0076
dfn-cert: DFN-CERT-2019-0059
dfn-cert: DFN-CERT-2018-2107

Medium (CVSS: 5.3)

NVT: Oracle Java SE Security Update (oct2022) 04 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on availability.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u341 and earlier, 11.x through [Link] on Windows.

Vulnerability Insight
The aw exists due to an error in component 'Security'.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (oct2022) 04 - Windows
OID:[Link].4.1.25623.1.0.826593
Version used: 2025-01-21T[Link]Z

References
. . . continues on next page . . .
2 RESULTS PER HOST 760

. . . continued from previous page . . .

cve: CVE-2022-21626
url: [Link]
cert-bund: WID-SEC-2024-0794
cert-bund: WID-SEC-2023-0809
cert-bund: WID-SEC-2023-0561
cert-bund: WID-SEC-2022-1789
dfn-cert: DFN-CERT-2023-0616
dfn-cert: DFN-CERT-2023-0608
dfn-cert: DFN-CERT-2023-0607
dfn-cert: DFN-CERT-2023-0217
dfn-cert: DFN-CERT-2023-0082
dfn-cert: DFN-CERT-2022-2696
dfn-cert: DFN-CERT-2022-2660
dfn-cert: DFN-CERT-2022-2600
dfn-cert: DFN-CERT-2022-2547
dfn-cert: DFN-CERT-2022-2313
dfn-cert: DFN-CERT-2022-2312

Medium (CVSS: 5.3)

NVT: Oracle Java SE Security Update (oct2023) 03 - Windows

Summary
Oracle Java SE is prone to an unspecied vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch provided by the vendor
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to compromise Oracle Java SE, which can
result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java
SE.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u381, 11.0.20, 17.0.8, 20.0.2 on Windows.

. . . continues on next page . . .

2 RESULTS PER HOST 761

. . . continued from previous page . . .

Vulnerability Insight
The aw exists due to an unspecied vulnerability in Oracle Java SE.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (oct2023) 03 - Windows
OID:[Link].4.1.25623.1.0.832605
Version used: 2023-10-20T[Link]Z

References
cve: CVE-2023-22081
url: [Link]
cert-bund: WID-SEC-2024-1653
cert-bund: WID-SEC-2024-1591
cert-bund: WID-SEC-2024-0769
cert-bund: WID-SEC-2024-0528
cert-bund: WID-SEC-2024-0521
cert-bund: WID-SEC-2024-0064
cert-bund: WID-SEC-2023-2917
cert-bund: WID-SEC-2023-2692
dfn-cert: DFN-CERT-2024-0169
dfn-cert: DFN-CERT-2023-3177
dfn-cert: DFN-CERT-2023-3009
dfn-cert: DFN-CERT-2023-3006
dfn-cert: DFN-CERT-2023-2999
dfn-cert: DFN-CERT-2023-2975
dfn-cert: DFN-CERT-2023-2939
dfn-cert: DFN-CERT-2023-2886
dfn-cert: DFN-CERT-2023-2562
dfn-cert: DFN-CERT-2023-2561
dfn-cert: DFN-CERT-2023-2560
dfn-cert: DFN-CERT-2023-2559
dfn-cert: DFN-CERT-2023-2558
dfn-cert: DFN-CERT-2023-2557
dfn-cert: DFN-CERT-2023-2535
dfn-cert: DFN-CERT-2023-2534

Medium (CVSS: 5.3)

NVT: Microsoft Active Directory Federation Services Information Disclosure Vulnerability

(4010320)

Summary
This host is missing an important security update according to Microsoft Bulletin MS17-019.

. . . continues on next page . . .

2 RESULTS PER HOST 762

. . . continued from previous page . . .

Quality of Detection (QoD): 80%
Vulnerability Detection Result
File checked: C:\Windows\System32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.23677

Impact
Successful exploitation will allow an attacker to read sensitive information about the target
system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1
- Microsoft Windows Server 2016

Vulnerability Insight
The aw exists when Windows Active Directory Federation Services (ADFS) honors XML Ex-
ternal Entities.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Active Directory Federation Services Information Disclosure Vulnerabi.
,→..
OID:[Link].4.1.25623.1.0.810813
Version used: 2023-07-14T[Link]Z

References
cve: CVE-2017-0043
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K17/0443
dfn-cert: DFN-CERT-2017-0451
2 RESULTS PER HOST 763

Medium (CVSS: 5.3)

NVT: Oracle Java SE Security Update (oct2023) 03 - Windows

Summary
Oracle Java SE is prone to an unspecied vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch provided by the vendor
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to compromise Oracle Java SE, which can
result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java
SE.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u381, 11.0.20, 17.0.8, 20.0.2 on Windows.

Vulnerability Insight
The aw exists due to an unspecied vulnerability in Oracle Java SE.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (oct2023) 03 - Windows
OID:[Link].4.1.25623.1.0.832605
Version used: 2023-10-20T[Link]Z

References
cve: CVE-2023-22081
url: [Link]
cert-bund: WID-SEC-2024-1653
cert-bund: WID-SEC-2024-1591
cert-bund: WID-SEC-2024-0769
cert-bund: WID-SEC-2024-0528
cert-bund: WID-SEC-2024-0521
cert-bund: WID-SEC-2024-0064
cert-bund: WID-SEC-2023-2917
. . . continues on next page . . .
2 RESULTS PER HOST 764

. . . continued from previous page . . .

cert-bund: WID-SEC-2023-2692
dfn-cert: DFN-CERT-2024-0169
dfn-cert: DFN-CERT-2023-3177
dfn-cert: DFN-CERT-2023-3009
dfn-cert: DFN-CERT-2023-3006
dfn-cert: DFN-CERT-2023-2999
dfn-cert: DFN-CERT-2023-2975
dfn-cert: DFN-CERT-2023-2939
dfn-cert: DFN-CERT-2023-2886
dfn-cert: DFN-CERT-2023-2562
dfn-cert: DFN-CERT-2023-2561
dfn-cert: DFN-CERT-2023-2560
dfn-cert: DFN-CERT-2023-2559
dfn-cert: DFN-CERT-2023-2558
dfn-cert: DFN-CERT-2023-2557
dfn-cert: DFN-CERT-2023-2535
dfn-cert: DFN-CERT-2023-2534

Medium (CVSS: 5.3)

NVT: Oracle Java SE Security Updates (apr2018-3678067) 05 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attackers to aect availability via unknown vectors.

Solution:
Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.

Aected Software/OS
Oracle Java SE version [Link] and earlier, [Link] and earlier, 10.0 on Windows.

Vulnerability Insight
. . . continues on next page . . .
2 RESULTS PER HOST 765

. . . continued from previous page . . .

Multiple aws are due to multiple unspecied errors in 'Concurrency' and 'JAXP' components
of Java SE.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (apr2018-3678067) 05 - Windows
OID:[Link].4.1.25623.1.0.813305
Version used: 2023-11-03T[Link]Z

References
cve: CVE-2018-2796
cve: CVE-2018-2799
url: [Link]
cert-bund: WID-SEC-2023-1375
cert-bund: CB-K18/0808
cert-bund: CB-K18/0732
cert-bund: CB-K18/0600
dfn-cert: DFN-CERT-2018-1145
dfn-cert: DFN-CERT-2018-0724

Medium (CVSS: 5.3)

NVT: Microsoft Windows NPS RADIUS Server Denial of Service Vulnerability (3133043)

Summary
This host is missing an important security update according to Microsoft Bulletin MS16-021

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7600.16385
Vulnerable range: Less than 6.1.7601.19114

Impact
Successful exploitation will allow a remote attacker to send specially crafted username strings to
a Network Policy Server (NPS) causing a denial of service condition for RADIUS authentication
on the NPS.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows server 2008 x32/x64 Edition Service Pack 2
. . . continues on next page . . .
2 RESULTS PER HOST 766

. . . continued from previous page . . .

- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1
- Microsoft Windows Server 2012/2012R2

Vulnerability Insight
The aw is due to an improper handling of a Remote Authentication Dial-In User Service (RA-
DIUS) authentication request in Network Policy Server (NPS).

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows NPS RADIUS Server Denial of Service Vulnerability (3133043)
OID:[Link].4.1.25623.1.0.806864
Version used: 2023-07-20T[Link]Z

References
cve: CVE-2016-0050
url: [Link]
url: [Link]
cert-bund: CB-K16/0220
dfn-cert: DFN-CERT-2016-0242

Medium (CVSS: 5.3)

NVT: Oracle Java SE Security Updates (apr2018-3678067) 05 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attackers to aect availability via unknown vectors.

Solution:
Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.

Aected Software/OS
Oracle Java SE version [Link] and earlier, [Link] and earlier, 10.0 on Windows.

. . . continues on next page . . .

2 RESULTS PER HOST 767

. . . continued from previous page . . .

Vulnerability Insight
Multiple aws are due to multiple unspecied errors in 'Concurrency' and 'JAXP' components
of Java SE.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (apr2018-3678067) 05 - Windows
OID:[Link].4.1.25623.1.0.813305
Version used: 2023-11-03T[Link]Z

References
cve: CVE-2018-2796
cve: CVE-2018-2799
url: [Link]
cert-bund: WID-SEC-2023-1375
cert-bund: CB-K18/0808
cert-bund: CB-K18/0732
cert-bund: CB-K18/0600
dfn-cert: DFN-CERT-2018-1145
dfn-cert: DFN-CERT-2018-0724

Medium (CVSS: 5.1)

NVT: Oracle Java SE Security Update (jul2023) 03 - Windows

Summary
Oracle Java SE is prone to remote code execution (RCE) vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch from vendor
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to manipulate data and execute arbitrary code.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
. . . continues on next page . . .
2 RESULTS PER HOST 768

. . . continued from previous page . . .

Oracle Java SE version 8u371 and earlier, 11.0.19, 17.0.7, 20.0.1 and earlier on Windows.

Vulnerability Insight
The aw is due to improper application of hotspot module within the Java SE engine component
in Oracle Java SE.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (jul2023) 03 - Windows
OID:[Link].4.1.25623.1.0.832318
Version used: 2023-10-13T[Link]Z

References
cve: CVE-2023-22041
url: [Link]
cert-bund: WID-SEC-2023-2031
cert-bund: WID-SEC-2023-1814
cert-bund: WID-SEC-2023-1796
dfn-cert: DFN-CERT-2023-2179
dfn-cert: DFN-CERT-2023-1972
dfn-cert: DFN-CERT-2023-1909
dfn-cert: DFN-CERT-2023-1657
dfn-cert: DFN-CERT-2023-1653

Medium (CVSS: 5.1)

NVT: Oracle Java SE Security Updates (jul2019-5072835) 05 - Windows

Summary
Oracle Java SE is prone to a security vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow attackers to have an impact on condentiality.

Solution:
Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.
. . . continues on next page . . .
2 RESULTS PER HOST 769

. . . continued from previous page . . .

Aected Software/OS
Oracle Java SE version 1.7.0 to [Link], 1.8.0 to [Link] and 11.0 to 11.0.3 on Windows.

Vulnerability Insight
The aw exists due to error in 'Security' component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (jul2019-5072835) 05 - Windows
OID:[Link].4.1.25623.1.0.815183
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2019-2745
url: [Link]
,→l
cert-bund: WID-SEC-2025-0149
cert-bund: CB-K19/0621
dfn-cert: DFN-CERT-2019-1452

Medium (CVSS: 5.1)

NVT: Oracle Java SE Security Updates (jul2019-5072835) 05 - Windows

Summary
Oracle Java SE is prone to a security vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow attackers to have an impact on condentiality.

Solution:
Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.

Aected Software/OS
. . . continues on next page . . .
2 RESULTS PER HOST 770

. . . continued from previous page . . .

Oracle Java SE version 1.7.0 to [Link], 1.8.0 to [Link] and 11.0 to 11.0.3 on Windows.

Vulnerability Insight
The aw exists due to error in 'Security' component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (jul2019-5072835) 05 - Windows
OID:[Link].4.1.25623.1.0.815183
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2019-2745
url: [Link]
,→l
cert-bund: WID-SEC-2025-0149
cert-bund: CB-K19/0621
dfn-cert: DFN-CERT-2019-1452

Medium (CVSS: 5.1)

NVT: Oracle Java SE Security Update (jul2023) 03 - Windows

Summary
Oracle Java SE is prone to remote code execution (RCE) vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch from vendor
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to manipulate data and execute arbitrary code.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u371 and earlier, 11.0.19, 17.0.7, 20.0.1 and earlier on Windows.

Vulnerability Insight
. . . continues on next page . . .
2 RESULTS PER HOST 771

. . . continued from previous page . . .

The aw is due to improper application of hotspot module within the Java SE engine component
in Oracle Java SE.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (jul2023) 03 - Windows
OID:[Link].4.1.25623.1.0.832318
Version used: 2023-10-13T[Link]Z

References
cve: CVE-2023-22041
url: [Link]
cert-bund: WID-SEC-2023-2031
cert-bund: WID-SEC-2023-1814
cert-bund: WID-SEC-2023-1796
dfn-cert: DFN-CERT-2023-2179
dfn-cert: DFN-CERT-2023-1972
dfn-cert: DFN-CERT-2023-1909
dfn-cert: DFN-CERT-2023-1657
dfn-cert: DFN-CERT-2023-1653

Medium (CVSS: 5.0)

NVT: Microsoft .NET Framework Denial of Service Vulnerability (2990931)

Summary
This host is missing an important security update according to Microsoft Bulletin MS14-053.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow attackers to cause a denial of service.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4.0, 4.5, 4.5.1 and 4.5.2.

Vulnerability Insight
. . . continues on next page . . .
2 RESULTS PER HOST 772

. . . continued from previous page . . .

The aw is due to an error within a hash generation function when hashing requests and can
be exploited to cause a hash collision resulting in high CPU consumption via specially crafted
requests.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft .NET Framework Denial of Service Vulnerability (2990931)
OID:[Link].4.1.25623.1.0.804480
Version used: 2023-07-27T[Link]Z

References
cve: CVE-2014-4072
url: [Link]
url: [Link]
cert-bund: CB-K14/1121
dfn-cert: DFN-CERT-2014-1175

Medium (CVSS: 5.0)

NVT: Microsoft Windows OLE Privilege Elevation Vulnerability (3072633)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-075.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow attackers to bypass security protections on aected systems.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012
- Microsoft Windows Server 2012R2
- Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
. . . continues on next page . . .
2 RESULTS PER HOST 773

. . . continued from previous page . . .

- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior

Vulnerability Insight
The aw is due to Microsoft Windows incorrectly handles OLE objects in documents.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows OLE Privilege Elevation Vulnerability (3072633)
OID:[Link].4.1.25623.1.0.805677
Version used: 2023-07-14T[Link]Z

References
cve: CVE-2015-2416
cve: CVE-2015-2417
url: [Link]
url: [Link]
cert-bund: CB-K15/1013
dfn-cert: DFN-CERT-2015-1060

Medium (CVSS: 5.0)

NVT: Microsoft SHA-2 Code Sign Support Defense in Depth (KB4474419)

Summary
This host is missing a defense-in-depth update according to Microsoft KB4474419

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.24382
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514

Impact
Successful exploitation will allow an attacker to bypass defense-in-depth measures and perform
exploitation.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1 and
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

. . . continues on next page . . .

2 RESULTS PER HOST 774

. . . continued from previous page . . .

Vulnerability Insight
Microsoft has released an update for SHA-2 code signing that introduces SHA-2 code sign support
for Windows 7 SP1, and Windows Server 2008 R2 SP1.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft SHA-2 Code Sign Support Defense in Depth (KB4474419)
OID:[Link].4.1.25623.1.0.814764
Version used: 2020-06-04T[Link]Z

References
url: [Link]

Medium (CVSS: 5.0)

NVT: Microsoft Windows Kerberos Denial of Service Vulnerability (2743555)

Summary
This host is missing an important security update according to Microsoft Bulletin MS12-069.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation could allow authenticated attackers to cause a denial of service condition
on the aected system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 Service Pack 1 and prior
- Microsoft Windows 2008 R2 Service Pack 1 and prior

Vulnerability Insight
The aw is present due to an error in Kerberos implementation which fails to properly handle a
specially crafted session.

Vulnerability Detection Method

Details: Microsoft Windows Kerberos Denial of Service Vulnerability (2743555)
OID:[Link].4.1.25623.1.0.901301
. . . continues on next page . . .
2 RESULTS PER HOST 775

. . . continued from previous page . . .

Version used: 2025-03-05T[Link]Z

References
cve: CVE-2012-2551
url: [Link]
url: [Link]
url: [Link]
,→12-069
dfn-cert: DFN-CERT-2012-1933

Medium (CVSS: 5.0)

NVT: Microsoft Schannel Information Disclosure Vulnerability (3061518)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-055.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attacker to gain access to potentially sensitive informa-
tion.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 2003 x32/x64 Service Pack 2
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2

Vulnerability Insight
The aw is due to the use of a weak Die-Hellman ephemeral (DFE) key length of 512 bits in
an encrypted TLS session.

Vulnerability Detection Method

. . . continues on next page . . .
2 RESULTS PER HOST 776

. . . continued from previous page . . .

Checks if a vulnerable version is present on the target host.
Details: Microsoft Schannel Information Disclosure Vulnerability (3061518)
OID:[Link].4.1.25623.1.0.805552
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-1716
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K15/0668
dfn-cert: DFN-CERT-2015-0689

Medium (CVSS: 5.0)

NVT: Microsoft Windows Latest Servicing Stack Updates-Defense in Depth (KB3177467)

Summary
This host is missing an important security update according to Microsoft KB3177467.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: Less than 6.1.7601.23505
File checked: c:\windows\winsxs\amd64_microsoft-windows-servicingstack_31bf
,→3856ad364e35_6.1.7601.17514_none_678566b7ddea04a5\[Link]
File version: 6.1.7601.17514

Impact
Successful exploitation will allow an attacker to bypass a security control or take advantage of a
vulnerability.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1

Vulnerability Insight
Microsoft has released latest servicing stack updates that provides enhanced security as a defense
in depth measure.

Vulnerability Detection Method

. . . continues on next page . . .
2 RESULTS PER HOST 777

. . . continued from previous page . . .

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Latest Servicing Stack Updates-Defense in Depth (KB3177467)
OID:[Link].4.1.25623.1.0.814270
Version used: 2025-02-28T[Link]Z

References
url: [Link]
url: [Link]
,→1

Medium (CVSS: 5.0)

NVT: Microsoft Windows Search Component Denial of Service Vulnerability (3165270)

Summary
This host is missing an important security update according to Microsoft Bulletin MS16-082

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 7.0.7601.17514
Vulnerable range: Less than 7.0.7601.23451

Impact
Successful exploitation will allow an attacker to potentially escalate permissions or perform ad-
ditional privileged actions on the target machine.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows 10 x32/x64
- Microsoft Windows 10 Version 1511 x32/x64

Vulnerability Insight
The aw is due to the search component fails to properly handle certain objects in memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
. . . continues on next page . . .
2 RESULTS PER HOST 778

. . . continued from previous page . . .

Details: Microsoft Windows Search Component Denial of Service Vulnerability (3165270)
OID:[Link].4.1.25623.1.0.808163
Version used: 2023-07-21T[Link]Z

References
cve: CVE-2016-3230
url: [Link]
url: [Link]
cert-bund: CB-K16/0914
dfn-cert: DFN-CERT-2016-0969

Medium (CVSS: 5.0)

NVT: Microsoft Internet Explorer PDF Information Disclosure Vulnerability (Nov 2009)

Summary
Internet Explorer is prone to an information disclosure vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful attacks which may leads to the exposure of system information on the aected system.

Solution:
Solution type: WillNotFix
No known solution was made available for at least one year since the disclosure of this vulnera-
bility. Likely none will be provided anymore. General solution options are to upgrade to a newer
release, disable respective features, remove the product or replace the product by another one.

Aected Software/OS
Microsoft Internet Explorer version 6/7/8.

Vulnerability Insight
The weakness is due to an Internet Explorer including the rst 63 bytes of the le path in the
'Title' property when converting local HTML or MHT les to PDF using a PDF printer. This
can lead to the exposure of certain system information e.g. the user name.

Vulnerability Detection Method

Details: Microsoft Internet Explorer PDF Information Disclosure Vulnerability (Nov 2009)
OID:[Link].4.1.25623.1.0.900897
Version used: 2025-03-05T[Link]Z

. . . continues on next page . . .

2 RESULTS PER HOST 779

. . . continued from previous page . . .

References
cve: CVE-2009-4073
url: [Link]
url: [Link]
url: [Link]
,→ug/
url: [Link]
,→our-internal-disk-paths/

Medium (CVSS: 5.0)

NVT: Microsoft Windows Digital Signatures Denial of Service Vulnerability (2868626)

Summary
This host is missing an important security update according to Microsoft Bulletin MS13-095.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow attackers to cause a denial of service condition.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows XP Service Pack 3 and prior
- Microsoft Windows XP x64 Edition Service Pack 2 and prior
- Microsoft Windows 2003 x32/x64 Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012
- Microsoft Windows Server 2012 R2

Vulnerability Insight
Flaw is caused when Microsoft Windows improperly handles web-service request containing a
crafted X.509 certicate.

. . . continues on next page . . .

2 RESULTS PER HOST 780

. . . continued from previous page . . .

Vulnerability Detection Method
Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Digital Signatures Denial of Service Vulnerability (2868626)
OID:[Link].4.1.25623.1.0.903227
Version used: 2025-03-05T[Link]Z

References
cve: CVE-2013-3869
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K13/0909
dfn-cert: DFN-CERT-2013-1921

Medium (CVSS: 4.9)

NVT: Microsoft Windows Kernel Privilege Elevation Vulnerabilities (2813170)

Summary
This host is missing an important security update according to Microsoft Bulletin MS13-031.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attackers to execute arbitrary code with kernel-mode
privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8
- Microsoft Windows Server 2012
- Microsoft Windows XP x32 Edition Service Pack 3 and prior
- Microsoft Windows XP x64 Edition Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
- Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior

. . . continues on next page . . .

2 RESULTS PER HOST 781

. . . continued from previous page . . .

Vulnerability Insight
Multiple race condition errors when handling certain objects in memory can be exploited to
execute arbitrary code with kernel privileges.

Vulnerability Detection Method

Details: Microsoft Windows Kernel Privilege Elevation Vulnerabilities (2813170)
OID:[Link].4.1.25623.1.0.902959
Version used: 2025-03-05T[Link]Z

References
cve: CVE-2013-1284
cve: CVE-2013-1294
url: [Link]
url: [Link]
url: [Link]
url: [Link]
dfn-cert: DFN-CERT-2013-0755

Medium (CVSS: 4.9)

NVT: Microsoft Windows Ancillary Function Driver Information Disclosure Vulnerability

(2875783)

Summary
This host is missing an important security update according to Microsoft Bulletin MS13-093

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow disclosure of potentially sensitive information if an attacker
logs on to a user's system and runs a specially crafted application.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Server 2012
- Microsoft Windows XP x64 Edition Service Pack 2 and prior
- Microsoft Windows 7 x64 Edition Service Pack 1 and prior
- Microsoft Windows 2003 x64 Edition Service Pack 2 and prior
. . . continues on next page . . .
2 RESULTS PER HOST 782

. . . continued from previous page . . .

- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior

Vulnerability Insight
The aw is due an error in Ancillary Function Driver (AFD) which does not properly copies data
from kernel memory to user memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Ancillary Function Driver Information Disclosure Vulnerabilit.
,→..
OID:[Link].4.1.25623.1.0.903501
Version used: 2025-03-05T[Link]Z

References
cve: CVE-2013-3887
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K13/0909
dfn-cert: DFN-CERT-2013-1921

Medium (CVSS: 4.9)

NVT: Microsoft Windows Kerberos Local Security Bypass Vulnerability (3105256)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-122.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.19043

Impact
Successful exploitation will allow local attackers to bypass certain security restrictions and per-
form unauthorized actions.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
. . . continues on next page . . .
2 RESULTS PER HOST 783

. . . continued from previous page . . .

- Microsoft Windows 10 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Service Pack 1

Vulnerability Insight
The aw is due to Kerberos fails to check the password change of a user signing into a workstation.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Kerberos Local Security Bypass Vulnerability (3105256)
OID:[Link].4.1.25623.1.0.806556
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-6095
url: [Link]
url: [Link]
cert-bund: CB-K15/1649
dfn-cert: DFN-CERT-2015-1742

Medium (CVSS: 4.9)

NVT: Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2778344)

Summary
This host is missing an important security update according to Microsoft Bulletin MS13-016.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attackers to a specially crafted program to exploit race
conditions in '[Link]' and gain System level privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

. . . continues on next page . . .

2 RESULTS PER HOST 784

. . . continued from previous page . . .

Aected Software/OS
- Microsoft Windows XP x32 Edition Service Pack 3 and prior
- Microsoft Windows XP x64 Edition Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
- Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior

Vulnerability Insight
The aws due to an error in '[Link]' when handling kernel-mode driver objects in memory.

Vulnerability Detection Method

Details: Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2778.
,→..
OID:[Link].4.1.25623.1.0.902943
Version used: 2025-03-05T[Link]Z

References
cve: CVE-2013-1248
cve: CVE-2013-1249
cve: CVE-2013-1250
cve: CVE-2013-1264
cve: CVE-2013-1251
cve: CVE-2013-1265
cve: CVE-2013-1252
cve: CVE-2013-1266
cve: CVE-2013-1253
cve: CVE-2013-1267
cve: CVE-2013-1254
cve: CVE-2013-1255
cve: CVE-2013-1256
cve: CVE-2013-1257
cve: CVE-2013-1258
cve: CVE-2013-1259
cve: CVE-2013-1260
cve: CVE-2013-1261
cve: CVE-2013-1262
cve: CVE-2013-1263
cve: CVE-2013-1268
cve: CVE-2013-1269
cve: CVE-2013-1270
cve: CVE-2013-1271
cve: CVE-2013-1272
cve: CVE-2013-1273
cve: CVE-2013-1274
cve: CVE-2013-1275
. . . continues on next page . . .
2 RESULTS PER HOST 785

. . . continued from previous page . . .

cve: CVE-2013-1276
cve: CVE-2013-1277
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
,→13-016
cert-bund: CB-K14/0283
dfn-cert: DFN-CERT-2013-0288

Medium (CVSS: 4.8)

NVT: Oracle Java SE Security Update (Oct24) - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

. . . continues on next page . . .

2 RESULTS PER HOST 786

. . . continued from previous page . . .

Quality of Detection (QoD): 97%
Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch provided by the vendor
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation allows an attacker to disclose information and cause partial denial of
service attacks.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u421 and prior, 17.0.x through 17.0.12, 11.0.x through 11.0.24, 21.0.x
through 21.0.4 and 23 on Windows.

Vulnerability Insight
These vulnerabilities exist:
- CVE-2024-21235: An error in the Hotspot component of Oracle Java SE.
- CVE-2024-21210: An error in the Hotspot component of Oracle Java SE.
- CVE-2024-21208: An error in the Networking component of Oracle Java SE.
- CVE-2024-21217: An error in the Serialization component of Oracle Java SE.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (Oct24) - Windows
OID:[Link].4.1.25623.1.0.834686
Version used: 2024-10-18T[Link]Z

References
cve: CVE-2024-21235
cve: CVE-2024-21210
cve: CVE-2024-21208
cve: CVE-2024-21217
url: [Link]
cert-bund: WID-SEC-2025-0794
cert-bund: WID-SEC-2025-0580
cert-bund: WID-SEC-2024-3206
cert-bund: WID-SEC-2024-3189
dfn-cert: DFN-CERT-2025-2802
dfn-cert: DFN-CERT-2025-1788
dfn-cert: DFN-CERT-2025-1662
. . . continues on next page . . .
2 RESULTS PER HOST 787

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2025-1645
dfn-cert: DFN-CERT-2025-1071
dfn-cert: DFN-CERT-2025-0933
dfn-cert: DFN-CERT-2025-0927
dfn-cert: DFN-CERT-2025-0835
dfn-cert: DFN-CERT-2025-0619
dfn-cert: DFN-CERT-2024-3323
dfn-cert: DFN-CERT-2024-3259
dfn-cert: DFN-CERT-2024-3247
dfn-cert: DFN-CERT-2024-3219
dfn-cert: DFN-CERT-2024-2971
dfn-cert: DFN-CERT-2024-2760
dfn-cert: DFN-CERT-2024-2739
dfn-cert: DFN-CERT-2024-2738

Medium (CVSS: 4.8)

NVT: Oracle Java SE Security Updates - 04 - (cpujul2020) - Windows

Summary
Oracle Java SE is prone to multiple security vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful attacks of this vulnerability can result in unauthorized update, insert or delete access
to some accessible data as well as unauthorized read access to a subset of accessible data.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u251 ([Link]) and earlier, 11.0.7 and earlier, 14.0.1 and earlier on
Windows.

Vulnerability Insight
Multiple aws exist due to errors in the components 'Libraries' and '2D'.

. . . continues on next page . . .

2 RESULTS PER HOST 788

. . . continued from previous page . . .

Vulnerability Detection Method
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates - 04 - (cpujul2020) - Windows
OID:[Link].4.1.25623.1.0.118168
Version used: 2024-02-26T[Link]Z

References
cve: CVE-2020-14556
cve: CVE-2020-14581
url: [Link]
cert-bund: WID-SEC-2023-0016
cert-bund: WID-SEC-2022-1522
cert-bund: CB-K20/1075
cert-bund: CB-K20/0715
dfn-cert: DFN-CERT-2020-1762
dfn-cert: DFN-CERT-2020-1531

Medium (CVSS: 4.8)

NVT: Oracle Java SE Security Update (Oct24) - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch provided by the vendor
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation allows an attacker to disclose information and cause partial denial of
service attacks.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u421 and prior, 17.0.x through 17.0.12, 11.0.x through 11.0.24, 21.0.x
through 21.0.4 and 23 on Windows.

Vulnerability Insight
. . . continues on next page . . .
2 RESULTS PER HOST 789

. . . continued from previous page . . .

These vulnerabilities exist:
- CVE-2024-21235: An error in the Hotspot component of Oracle Java SE.
- CVE-2024-21210: An error in the Hotspot component of Oracle Java SE.
- CVE-2024-21208: An error in the Networking component of Oracle Java SE.
- CVE-2024-21217: An error in the Serialization component of Oracle Java SE.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (Oct24) - Windows
OID:[Link].4.1.25623.1.0.834686
Version used: 2024-10-18T[Link]Z

References
cve: CVE-2024-21235
cve: CVE-2024-21210
cve: CVE-2024-21208
cve: CVE-2024-21217
url: [Link]
cert-bund: WID-SEC-2025-0794
cert-bund: WID-SEC-2025-0580
cert-bund: WID-SEC-2024-3206
cert-bund: WID-SEC-2024-3189
dfn-cert: DFN-CERT-2025-2802
dfn-cert: DFN-CERT-2025-1788
dfn-cert: DFN-CERT-2025-1662
dfn-cert: DFN-CERT-2025-1645
dfn-cert: DFN-CERT-2025-1071
dfn-cert: DFN-CERT-2025-0933
dfn-cert: DFN-CERT-2025-0927
dfn-cert: DFN-CERT-2025-0835
dfn-cert: DFN-CERT-2025-0619
dfn-cert: DFN-CERT-2024-3323
dfn-cert: DFN-CERT-2024-3259
dfn-cert: DFN-CERT-2024-3247
dfn-cert: DFN-CERT-2024-3219
dfn-cert: DFN-CERT-2024-2971
dfn-cert: DFN-CERT-2024-2760
dfn-cert: DFN-CERT-2024-2739
dfn-cert: DFN-CERT-2024-2738

Medium (CVSS: 4.8)

NVT: Oracle Java SE Security Updates (oct2019-5072832) 04 - Windows

Summary
. . . continues on next page . . .
2 RESULTS PER HOST 790

. . . continued from previous page . . .

Oracle Java SE is prone to a security vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on integrity and availability.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u221 ([Link]) and earlier, 11.0.4 and earlier, 13 on Windows.

Vulnerability Insight
The aw exists due to an error in 'Scripting' component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (oct2019-5072832) 04 - Windows
OID:[Link].4.1.25623.1.0.815644
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2019-2975
url: [Link]
,→l
cert-bund: WID-SEC-2023-0524
cert-bund: CB-K20/0139
cert-bund: CB-K19/0910
dfn-cert: DFN-CERT-2020-1276
dfn-cert: DFN-CERT-2020-0338
dfn-cert: DFN-CERT-2019-2161

Medium (CVSS: 4.8)

NVT: Oracle Java SE Security Updates (oct2019-5072832) 04 - Windows

Summary
. . . continues on next page . . .
2 RESULTS PER HOST 791

. . . continued from previous page . . .

Oracle Java SE is prone to a security vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on integrity and availability.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u221 ([Link]) and earlier, 11.0.4 and earlier, 13 on Windows.

Vulnerability Insight
The aw exists due to an error in 'Scripting' component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (oct2019-5072832) 04 - Windows
OID:[Link].4.1.25623.1.0.815644
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2019-2975
url: [Link]
,→l
cert-bund: WID-SEC-2023-0524
cert-bund: CB-K20/0139
cert-bund: CB-K19/0910
dfn-cert: DFN-CERT-2020-1276
dfn-cert: DFN-CERT-2020-0338
dfn-cert: DFN-CERT-2019-2161

Medium (CVSS: 4.8)

NVT: Oracle Java SE Security Updates - 04 - (cpujul2020) - Windows

Summary
. . . continues on next page . . .
2 RESULTS PER HOST 792

. . . continued from previous page . . .

Oracle Java SE is prone to multiple security vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful attacks of this vulnerability can result in unauthorized update, insert or delete access
to some accessible data as well as unauthorized read access to a subset of accessible data.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u251 ([Link]) and earlier, 11.0.7 and earlier, 14.0.1 and earlier on
Windows.

Vulnerability Insight
Multiple aws exist due to errors in the components 'Libraries' and '2D'.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates - 04 - (cpujul2020) - Windows
OID:[Link].4.1.25623.1.0.118168
Version used: 2024-02-26T[Link]Z

References
cve: CVE-2020-14556
cve: CVE-2020-14581
url: [Link]
cert-bund: WID-SEC-2023-0016
cert-bund: WID-SEC-2022-1522
cert-bund: CB-K20/1075
cert-bund: CB-K20/0715
dfn-cert: DFN-CERT-2020-1762
dfn-cert: DFN-CERT-2020-1531
2 RESULTS PER HOST 793

Medium (CVSS: 4.3)

NVT: Microsoft Windows TLS Protocol Information Disclosure Vulnerability (2655992)

Summary
This host is missing an important security update according to Microsoft Bulletin MS12-049.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation could allow an attacker to gain access to sensitive information that may
aid in further attacks.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows XP x32 Edition Service Pack 3 and prior
- Microsoft Windows XP x64 Edition Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
- Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior

Vulnerability Insight
Microsoft Windows contains a aw related to the Transport Layer Security (TLS) Handshake
Protocol when the Cipher-block chaining (CBC) mode of operation is used. This aw may allow
a remote attacker to gain access to decrypted trac.

Vulnerability Detection Method

Details: Microsoft Windows TLS Protocol Information Disclosure Vulnerability (2655992)
OID:[Link].4.1.25623.1.0.902846
Version used: 2025-03-05T[Link]Z

References
cve: CVE-2012-1870
url: [Link]
url: [Link]
url: [Link]
url: [Link]
,→12-049
. . . continues on next page . . .
2 RESULTS PER HOST 794

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2012-1328

Medium (CVSS: 4.3)

NVT: Microsoft Windows Photo Decoder Information Disclosure Vulnerability (3035126)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-029.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attackers to gain access to potentially sensitive infor-
mation in memory.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/R2
- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
- Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior

Vulnerability Insight
Flaw exists due to error in the Photo decoder that is triggered as the program fails to handle
uninitialized memory when parsing a specially crafted JPEG XR image

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Photo Decoder Information Disclosure Vulnerability (3035126)
OID:[Link].4.1.25623.1.0.805501
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-0076
url: [Link]
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 795

. . . continued from previous page . . .

cert-bund: CB-K15/0319
dfn-cert: DFN-CERT-2015-0324

Medium (CVSS: 4.3)

NVT: Microsoft Window Audio Service Privilege Escalation Vulnerability (3005607)

Summary
This host is missing an important security update according to Microsoft Bulletin MS14-071.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation could allow an attacker to execute arbitrary scripts with elevated privi-
leges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/R2

Vulnerability Insight
The aw is due to an error within the Windows Audio Service.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Window Audio Service Privilege Escalation Vulnerability (3005607)
OID:[Link].4.1.25623.1.0.804880
Version used: 2023-07-26T[Link]Z

References
cve: CVE-2014-6322
url: [Link]
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 796

. . . continued from previous page . . .

url: [Link]
cert-bund: CB-K14/1402
dfn-cert: DFN-CERT-2014-1473

Medium (CVSS: 4.3)

NVT: Microsoft Windows Remote Desktop Protocol Security Feature Bypass Vulnerability
(3003743)

Summary
This host is missing an important security update according to Microsoft Bulletin MS14-074.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow an attacker to bypass the audit logon security feature.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Server 2012/R2
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior

Vulnerability Insight
The aw is due to the Remote Desktop Protocol (RDP) not properly logging failed logon at-
tempts.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Remote Desktop Protocol Security Feature Bypass Vulnerability.
,→..
OID:[Link].4.1.25623.1.0.805017
Version used: 2023-07-27T[Link]Z

References
. . . continues on next page . . .
2 RESULTS PER HOST 797

. . . continued from previous page . . .

cve: CVE-2014-6318
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K14/1402
dfn-cert: DFN-CERT-2014-1473

Medium (CVSS: 4.3)

NVT: Microsoft Windows XML Core Services Information Disclosure Vulnerability (3080129)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-084.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attackers to conduct man-in-the-middle (MiTM) attack
and gain access to sensitive data.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows Server 2012
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012 R2
- Microsoft Windows 7 x32/x64 Edition Service Pack 1
- Microsoft Windows Vista x32/x64 Edition Service Pack 2
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior

Vulnerability Insight
Flaw exists due to:
- An error in Microsoft XML Core Services which allows forceful use of Secure Sockets Layer
(SSL) 2.0.
- An error in Microsoft XML Core Services which exposes memory addresses not intended for
public disclosure.

Vulnerability Detection Method

. . . continues on next page . . .
2 RESULTS PER HOST 798

. . . continued from previous page . . .

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows XML Core Services Information Disclosure Vulnerability (30801.
,→..
OID:[Link].4.1.25623.1.0.805950
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-2434
cve: CVE-2015-2471
cve: CVE-2015-2440
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K15/1174
dfn-cert: DFN-CERT-2015-1236

Medium (CVSS: 4.3)

NVT: Oracle Java SE Security Update (jul2021) 01 - Windows

Summary
This host is missing a security update according to Oracle.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on integrity and conden-
tiality.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
. . . continues on next page . . .
2 RESULTS PER HOST 799

. . . continued from previous page . . .

Oracle Java SE version 7u301 ([Link]) and earlier, 8u291 ([Link]) and earlier, 11.0.11 and
earlier, 16.0.1 and earlier on Windows.

Vulnerability Insight
Multiple aws are due to multiple errors in 'Libraries' and 'Networking' components.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (jul2021) 01 - Windows
OID:[Link].4.1.25623.1.0.818168
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2021-2341
cve: CVE-2021-2369
url: [Link]
cert-bund: WID-SEC-2023-0063
cert-bund: WID-SEC-2022-0464
cert-bund: WID-SEC-2022-0024
cert-bund: CB-K22/0675
cert-bund: CB-K22/0239
cert-bund: CB-K21/0981
cert-bund: CB-K21/0783
dfn-cert: DFN-CERT-2022-1247
dfn-cert: DFN-CERT-2022-0366
dfn-cert: DFN-CERT-2022-0107
dfn-cert: DFN-CERT-2022-0106
dfn-cert: DFN-CERT-2022-0074
dfn-cert: DFN-CERT-2021-2310
dfn-cert: DFN-CERT-2021-1825
dfn-cert: DFN-CERT-2021-1728
dfn-cert: DFN-CERT-2021-1534
dfn-cert: DFN-CERT-2021-1533

Medium (CVSS: 4.3)

NVT: Microsoft Schannel Security Feature Bypass Vulnerability (3046049)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-031.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

. . . continues on next page . . .

2 RESULTS PER HOST 800

. . . continued from previous page . . .

Impact
Successful exploitation will allow remote attacker to conduct cipher-downgrade attacks to EX-
PORT_RSA ciphers via crafted TLS trac.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 2003 x32/x64 Service Pack 2
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32 Service Pack 2
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows Server 2008 x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2

Vulnerability Insight
The aw is due to an error in schannel which does not properly restrict TLS state transitions.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Schannel Security Feature Bypass Vulnerability (3046049)
OID:[Link].4.1.25623.1.0.805490
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-1637
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K15/0319
cert-bund: CB-K15/0290
dfn-cert: DFN-CERT-2015-0324
dfn-cert: DFN-CERT-2015-0300

Medium (CVSS: 4.3)

NVT: Oracle Java SE Security Update (jul2021) 01 - Windows

Summary
This host is missing a security update according to Oracle.

. . . continues on next page . . .

2 RESULTS PER HOST 801

. . . continued from previous page . . .

Quality of Detection (QoD): 97%
Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on integrity and conden-
tiality.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 7u301 ([Link]) and earlier, 8u291 ([Link]) and earlier, 11.0.11 and
earlier, 16.0.1 and earlier on Windows.

Vulnerability Insight
Multiple aws are due to multiple errors in 'Libraries' and 'Networking' components.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (jul2021) 01 - Windows
OID:[Link].4.1.25623.1.0.818168
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2021-2341
cve: CVE-2021-2369
url: [Link]
cert-bund: WID-SEC-2023-0063
cert-bund: WID-SEC-2022-0464
cert-bund: WID-SEC-2022-0024
cert-bund: CB-K22/0675
cert-bund: CB-K22/0239
cert-bund: CB-K21/0981
cert-bund: CB-K21/0783
dfn-cert: DFN-CERT-2022-1247
dfn-cert: DFN-CERT-2022-0366
dfn-cert: DFN-CERT-2022-0107
dfn-cert: DFN-CERT-2022-0106
dfn-cert: DFN-CERT-2022-0074
dfn-cert: DFN-CERT-2021-2310
. . . continues on next page . . .
2 RESULTS PER HOST 802

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2021-1825
dfn-cert: DFN-CERT-2021-1728
dfn-cert: DFN-CERT-2021-1534
dfn-cert: DFN-CERT-2021-1533

Medium (CVSS: 4.3)

NVT: Microsoft Windows XML Core Services Security Feature Bypass Vulnerability (3046482)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-039.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attackers to bypass security restrictions and gain access
to sensitive user information.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 x32/x64 Edition Service Pack 1
- Microsoft Windows 2003 x32/x64 Edition Service Pack 2
- Microsoft Windows Vista x32/x64 Edition Service Pack 2
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2

Vulnerability Insight
Flaw exists due to some unspecied error in XML Core services that may allow a context-
dependent attacker to bypass the same-origin policy.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows XML Core Services Security Feature Bypass Vulnerability (3046.
,→..
OID:[Link].4.1.25623.1.0.805533
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-1646
. . . continues on next page . . .
2 RESULTS PER HOST 803

. . . continued from previous page . . .

url: [Link]
url: [Link]
cert-bund: CB-K15/0527
dfn-cert: DFN-CERT-2015-0545

Medium (CVSS: 4.3)

NVT: Microsoft PNG Processing Information Disclosure Vulnerability (3035132)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS15-024.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attacker to access sensitive information that could be
used to launch additional attacks.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Vista x32/x64 Service Pack 2
- Microsoft Windows Server 2008 x32 Service Pack 2
- Microsoft Windows Server 2008 R2 x64 Service Pack 1
- Microsoft Windows Server 2008 x64 Service Pack 2
- Microsoft Windows 7 x32/x64 Service Pack 1
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/2012R2

Vulnerability Insight
The aw is due to improper memory operations performed by the aected software when handling
crafted content

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft PNG Processing Information Disclosure Vulnerability (3035132)
OID:[Link].4.1.25623.1.0.805489
Version used: 2023-07-25T[Link]Z

. . . continues on next page . . .

2 RESULTS PER HOST 804

. . . continued from previous page . . .

References
cve: CVE-2015-0080
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K15/0319
dfn-cert: DFN-CERT-2015-0324

Medium (CVSS: 4.3)

NVT: Microsoft Windows NETLOGON Spoong Vulnerability (3002657)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-027.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote man-in-the-middle attacker to conduct SMB relay at-
tacks on domain environments utilizing SMB Signing enforcement, and decrypt SMB3 commu-
nications intercepted.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Server 2012/R2
- Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior

Vulnerability Insight
Flaw is due to Netlogon service improperly establishes a secure communications channel belong-
ing to a dierent machine with a spoofed computer name.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows NETLOGON Spoofing Vulnerability (3002657)
OID:[Link].4.1.25623.1.0.805145
Version used: 2023-07-25T[Link]Z

. . . continues on next page . . .

2 RESULTS PER HOST 805

. . . continued from previous page . . .

References
cve: CVE-2015-0005
url: [Link]
url: [Link]
cert-bund: CB-K15/0319
dfn-cert: DFN-CERT-2015-0324

Medium (CVSS: 4.3)

NVT: Microsoft .NET Framework Security Bypass Vulnerability (2984625)

Summary
This host is missing an important security update according to Microsoft Bulletin MS14-046.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation could allow an attacker to execute of arbitrary code and bypass certain
security mechanism.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Microsoft .NET Framework 2.0 Service Pack 2, 3.0 Service Pack 2, 3.5, 3.5.1.

Vulnerability Insight
Flaw is triggered when handling specially crafted website content due to the Address Space
Layout Randomization (ASLR) security feature.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft .NET Framework Security Bypass Vulnerability (2984625)
OID:[Link].4.1.25623.1.0.804740
Version used: 2023-07-26T[Link]Z

References
cve: CVE-2014-4062
url: [Link]
url: [Link]
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 806

. . . continued from previous page . . .

cert-bund: CB-K14/1013
dfn-cert: DFN-CERT-2014-1053

Medium (CVSS: 4.3)

NVT: Microsoft .NET Framework Privilege Elevation Vulnerabilities (3104507)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-118.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\[Link]\Framework64\v2.0.50727\[Link]
,→[Link]
File version: 2.0.50727.5420
Vulnerable range: Less than 2.0.50727.5493

Impact
Successful exploitation will allow an attacker to gain read access to local les, bypass the security
feature and then load additional malicious code, inject client-side script into a users browser and
ultimately modify or spoof content, conduct phishing activities, disclose information, or perform
any action on the vulnerable website that the target user has permission to perform.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft .NET Framework 2.0 Service Pack 2
- Microsoft .NET Framework 3.5
- Microsoft .NET Framework 3.5.1
- Microsoft .NET Framework 4
- Microsoft .NET Framework 4.5, 4.5.1, and 4.5.2
- Microsoft .NET Framework 4.6, 4.6 RC

Vulnerability Insight
Multiple aws exist due to:
- An error in the .NET Framework DTD parsing of certain specially crafted XML les.
- [Link] improperly validates values in HTTP requests.
- An error in the .NET Framework component which does not properly implement the Address
Space Layout Randomization (ASLR) security feature.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
. . . continues on next page . . .
2 RESULTS PER HOST 807

. . . continued from previous page . . .

Details: Microsoft .NET Framework Privilege Elevation Vulnerabilities (3104507)
OID:[Link].4.1.25623.1.0.806614
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-6096
cve: CVE-2015-6099
cve: CVE-2015-6115
url: [Link]
url: [Link]
cert-bund: CB-K15/1656
dfn-cert: DFN-CERT-2015-1740

Medium (CVSS: 4.3)

NVT: Microsoft Windows Minimum Certicate Key Length Spoong Vulnerability (2661254)

Summary
Microsoft Windows operating system is prone to digital certicate key length spoong vulnera-
bility.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attackers to spoof content, perform phishing attacks or
perform man-in-the-middle attacks.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
- Microsoft Windows XP x32 Edition Service Pack 3 and prior
- Microsoft Windows XP x64 Edition Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
- Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior

Vulnerability Insight
. . . continues on next page . . .
2 RESULTS PER HOST 808

. . . continued from previous page . . .

The private keys used in digital certicate with RSA keys less than 1024 bits in length can be
derived and could allow an attacker to duplicate the certicates. An duplicate certicate could
be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks.

Vulnerability Detection Method

Details: Microsoft Windows Minimum Certificate Key Length Spoofing Vulnerability (266125.
,→..
OID:[Link].4.1.25623.1.0.803007
Version used: 2023-07-25T[Link]Z

References
url: [Link]
url: [Link]
,→661254
url: [Link]
,→[Link]

Medium (CVSS: 4.3)

NVT: Microsoft Windows Unauthorized Digital Certicates Spoong Vulnerability (2718704)

Summary
Microsoft Windows operating system is prone to a digital certicates spoong vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attackers to spoof content, perform phishing attacks or
perform man-in-the-middle attacks.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
- Microsoft Windows 7 Service Pack 1 and prior
- Microsoft Windows XP Service Pack 3 and prior
- Microsoft Windows Vista Service Pack 2 and prior
- Microsoft Windows Server 2003 Service Pack 2 and prior
- Microsoft Windows Server 2008 Service Pack 2 and prior

Vulnerability Insight
. . . continues on next page . . .
2 RESULTS PER HOST 809

. . . continued from previous page . . .

The aw is due to unauthorized digital certicates derived from a Microsoft Certicate Authority.
An unauthorized certicate could be used to spoof content, perform phishing attacks, or perform
man-in-the-middle attacks.

Vulnerability Detection Method

Details: Microsoft Windows Unauthorized Digital Certificates Spoofing Vulnerability (271.
,→..
OID:[Link].4.1.25623.1.0.802634
Version used: 2023-07-25T[Link]Z

References
url: [Link]
url: [Link]
url: [Link]
,→718704
url: [Link]

Medium (CVSS: 4.3)

NVT: Microsoft Cryptographic Cipher Suite Prioritization Advisory (3042058)

Summary
This host is missing an important security update according to Microsoft advisory (3042058).

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Version Less than - 6.1.7601.18812

Impact
Successful exploitation will allow attackers to break certain authentication scenarios.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Server 2012 R2
- Microsoft Windows 8 x32/x64
- Microsoft Windows Server 2012
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
. . . continues on next page . . .
2 RESULTS PER HOST 810

. . . continued from previous page . . .

- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior

Vulnerability Insight
An update is available that improves eectiveness of encryption in Windows operating systems
by adding cipher suites to the default list on aected systems and thus improving cipher suite
priority ordering.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Cryptographic Cipher Suite Prioritization Advisory (3042058)
OID:[Link].4.1.25623.1.0.806091
Version used: 2023-07-25T[Link]Z

References
url: [Link]
url: [Link]

Medium (CVSS: 4.3)

NVT: Microsoft Windows Command Line Parameter Information Disclosure Vulnerability

(3082458)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-088.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Less than 6.1.7601.18918

Impact
Successful exploitation will allow a local attacker to obtain sensitive information that may aid
in further attacks.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows 10 x32/x64
- Microsoft Windows Server 2012
. . . continues on next page . . .
2 RESULTS PER HOST 811

. . . continued from previous page . . .

- Microsoft Windows Server 2012R2
- Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior

Vulnerability Insight
The aw is due to an improper security restrictions on les stored on an aected system.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Command Line Parameter Information Disclosure Vulnerability (.
,→..
OID:[Link].4.1.25623.1.0.806012
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-2423
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K15/1174
cert-bund: CB-K15/1172
cert-bund: CB-K15/1169
dfn-cert: DFN-CERT-2015-1236
dfn-cert: DFN-CERT-2015-1235
dfn-cert: DFN-CERT-2015-1231

Medium (CVSS: 4.3)

NVT: Microsoft Graphics Component Information Disclosure Vulnerability (3029944)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-016.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attackers to disclose certain sensitive information.

Solution:
Solution type: VendorFix
. . . continues on next page . . .
2 RESULTS PER HOST 812

. . . continued from previous page . . .

The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 2003 x32/x64 Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/R2

Vulnerability Insight
Flaw is due to improper handling uninitialized memory when parsing certain, specially crafted
TIFF image format les.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Graphics Component Information Disclosure Vulnerability (3029944)
OID:[Link].4.1.25623.1.0.805137
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-0061
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K15/0171
dfn-cert: DFN-CERT-2015-0175

Medium (CVSS: 4.3)

NVT: Microsoft JScript and VBScript Scripting Engines Information Disclosure Vulnerability
(2475792)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS11-009.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
. . . continues on next page . . .
2 RESULTS PER HOST 813

. . . continued from previous page . . .

Successful exploitation will allow remote attackers to gain access to sensitive information that
may aid in further attacks.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior

Vulnerability Insight
The aw is caused by a memory corruption error in the JScript and VBScript scripting engines
when processing scripts in Web pages.

Vulnerability Detection Method

Details: Microsoft JScript and VBScript Scripting Engines Information Disclosure Vulnera.
,→..
OID:[Link].4.1.25623.1.0.902336
Version used: 2025-03-05T[Link]Z

References
cve: CVE-2011-0031
url: [Link]
url: [Link]
url: [Link]
,→11-009
dfn-cert: DFN-CERT-2011-0161

Medium (CVSS: 4.3)

NVT: Microsoft DES Encryption Security Advisory (3057154)

Summary
This host is missing an important security update according to Microsoft advisory (3057154).

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow attackers to break certain authentication scenarios.

Solution:
. . . continues on next page . . .
2 RESULTS PER HOST 814

. . . continued from previous page . . .

Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows Server 2012
- Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior

Vulnerability Insight
An update is available that provides enhanced user protection in environments where DES is
still enabled for application compatibility reasons.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft DES Encryption Security Advisory (3057154)
OID:[Link].4.1.25623.1.0.805678
Version used: 2023-07-25T[Link]Z

References
url: [Link]
url: [Link]

Medium (CVSS: 4.2)

NVT: Oracle Java SE Security Update (cpuoct2020 - 01) - Windows

Summary
Oracle Java SE is prone to multiple security vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on condentiality, integrity
and availability.

Solution:
. . . continues on next page . . .
2 RESULTS PER HOST 815

. . . continued from previous page . . .

Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 7u271 ([Link]) and earlier, 8u261 ([Link]) and earlier, 11.0.8 and
earlier, 15.

Vulnerability Insight
Multiple aws are due to errors in components Libraries, JSSE, Hotspot, Serialization and JNDI.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (cpuoct2020 - 01) - Windows
OID:[Link].4.1.25623.1.0.817610
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2020-14792
cve: CVE-2020-14781
cve: CVE-2020-14782
cve: CVE-2020-14797
cve: CVE-2020-14779
cve: CVE-2020-14796
cve: CVE-2020-14798
url: [Link]
cert-bund: WID-SEC-2023-0016
cert-bund: WID-SEC-2022-2242
cert-bund: WID-SEC-2022-1285
cert-bund: CB-K21/0927
cert-bund: CB-K21/0279
cert-bund: CB-K20/1014
dfn-cert: DFN-CERT-2021-1839
dfn-cert: DFN-CERT-2021-1798
dfn-cert: DFN-CERT-2021-0862
dfn-cert: DFN-CERT-2021-0543
dfn-cert: DFN-CERT-2021-0352
dfn-cert: DFN-CERT-2021-0332
dfn-cert: DFN-CERT-2020-2682
dfn-cert: DFN-CERT-2020-2290

Medium (CVSS: 4.2)

NVT: Oracle Java SE Security Update (cpuoct2020 - 01) - Windows

Summary
. . . continues on next page . . .
2 RESULTS PER HOST 816

. . . continued from previous page . . .

Oracle Java SE is prone to multiple security vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on condentiality, integrity
and availability.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 7u271 ([Link]) and earlier, 8u261 ([Link]) and earlier, 11.0.8 and
earlier, 15.

Vulnerability Insight
Multiple aws are due to errors in components Libraries, JSSE, Hotspot, Serialization and JNDI.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (cpuoct2020 - 01) - Windows
OID:[Link].4.1.25623.1.0.817610
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2020-14792
cve: CVE-2020-14781
cve: CVE-2020-14782
cve: CVE-2020-14797
cve: CVE-2020-14779
cve: CVE-2020-14796
cve: CVE-2020-14798
url: [Link]
cert-bund: WID-SEC-2023-0016
cert-bund: WID-SEC-2022-2242
cert-bund: WID-SEC-2022-1285
cert-bund: CB-K21/0927
cert-bund: CB-K21/0279
cert-bund: CB-K20/1014
. . . continues on next page . . .
2 RESULTS PER HOST 817

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2021-1839
dfn-cert: DFN-CERT-2021-1798
dfn-cert: DFN-CERT-2021-0862
dfn-cert: DFN-CERT-2021-0543
dfn-cert: DFN-CERT-2021-0352
dfn-cert: DFN-CERT-2021-0332
dfn-cert: DFN-CERT-2020-2682
dfn-cert: DFN-CERT-2020-2290

Medium (CVSS: 4.2)

NVT: Oracle Java SE Security Updates (apr2018-3678067) 06 - Windows

Summary
Oracle Java SE is prone to an unspecied vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attackers to aect condentiality and integrity via
unknown vectors.

Solution:
Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.

Aected Software/OS
Oracle Java SE version [Link] and earlier, [Link] and earlier, [Link] and earlier on Win-
dows.

Vulnerability Insight
The aw is due to an unspecied error in 'RMI' component of Java SE.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (apr2018-3678067) 06 - Windows
OID:[Link].4.1.25623.1.0.813306
Version used: 2021-10-11T[Link]Z

. . . continues on next page . . .

2 RESULTS PER HOST 818

. . . continued from previous page . . .

References
cve: CVE-2018-2800
url: [Link]
cert-bund: WID-SEC-2023-1375
cert-bund: CB-K18/0808
cert-bund: CB-K18/0732
cert-bund: CB-K18/0600
dfn-cert: DFN-CERT-2018-1145
dfn-cert: DFN-CERT-2018-0724

Medium (CVSS: 4.2)

NVT: Oracle Java SE Security Updates (apr2018-3678067) 06 - Windows

Summary
Oracle Java SE is prone to an unspecied vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attackers to aect condentiality and integrity via
unknown vectors.

Solution:
Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.

Aected Software/OS
Oracle Java SE version [Link] and earlier, [Link] and earlier, [Link] and earlier on Win-
dows.

Vulnerability Insight
The aw is due to an unspecied error in 'RMI' component of Java SE.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (apr2018-3678067) 06 - Windows
OID:[Link].4.1.25623.1.0.813306
. . . continues on next page . . .
2 RESULTS PER HOST 819

. . . continued from previous page . . .

Version used: 2021-10-11T[Link]Z

References
cve: CVE-2018-2800
url: [Link]
cert-bund: WID-SEC-2023-1375
cert-bund: CB-K18/0808
cert-bund: CB-K18/0732
cert-bund: CB-K18/0600
dfn-cert: DFN-CERT-2018-1145
dfn-cert: DFN-CERT-2018-0724

Medium (CVSS: 4.0)

NVT: Microsoft Inadvertently Disclosed Digital Certicates Advisory (3097966)

Summary
This host is missing an important security update according to Microsoft advisory (3097966).

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514
Vulnerable range: Version Less than - 6.1.7601.18519

Impact
Successful exploitation will allow attackers to conduct spoong attack.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Server 2012 R2
- Microsoft Windows 8 x32/x64
- Microsoft Windows Server 2012
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior

Vulnerability Insight
. . . continues on next page . . .
2 RESULTS PER HOST 820

. . . continued from previous page . . .

An update is available that modies the Code Integrity component in Windows to extend trust
removal for the certicates to also preclude kernel-mode code signing.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Inadvertently Disclosed Digital Certificates Advisory (3097966)
OID:[Link].4.1.25623.1.0.806092
Version used: 2023-07-25T[Link]Z

References
url: [Link]
url: [Link]

Medium (CVSS: 4.0)

NVT: Microsoft Internet Explorer Information Disclosure and Web Site Spoong Vulnerabilities

Summary
Microsoft Internet Explorer is prone to information disclosure and web site spoong vulnerabil-
ities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation allows attackers to disclose the sensitive information and view the contents
of spoofed site or carry out phishing attacks.

Solution:
Solution type: WillNotFix
No known solution was made available for at least one year since the disclosure of this vulnera-
bility. Likely none will be provided anymore. General solution options are to upgrade to a newer
release, disable respective features, remove the product or replace the product by another one.

Aected Software/OS
Microsoft Internet Explorer versions 8 and 9.

Vulnerability Insight
The proxy settings conguration has same proxy address and value for HTTP and HTTPS,
- TCP session to proxy server will not properly be reused. This allows remote attackers to steal
cookie information via crafted HTML document.
. . . continues on next page . . .
2 RESULTS PER HOST 821

. . . continued from previous page . . .

- SSl lock consistency with address bar is not ensured. This allows remote attackers to spoof
web sites via a crafted HTML document.

Vulnerability Detection Method

Details: Microsoft Internet Explorer Information Disclosure and Web Site Spoofing Vulner.
,→..
OID:[Link].4.1.25623.1.0.803305
Version used: 2025-08-01T[Link]Z

References
cve: CVE-2013-1450
cve: CVE-2013-1451
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]

Medium (CVSS: 4.0)

NVT: Microsoft Windows Active Directory Service Denial of Service Vulnerability (3072595)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-096.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.1.7601.17514
Vulnerable range: 6.1.7601.18000 - 6.1.7601.18956

Impact
Successful exploitation will allow an the attacker to cause the service to become non-responsive,
resulting in denial-of-service conditions.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Server 2012
- Microsoft Windows Server 2012R2
. . . continues on next page . . .
2 RESULTS PER HOST 822

. . . continued from previous page . . .

- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior

Vulnerability Insight
The aw is due to improper resource management by the aected software while creating multiple
machine accounts.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Active Directory Service Denial of Service Vulnerability (307.
,→..
OID:[Link].4.1.25623.1.0.806044
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-2535
url: [Link]
url: [Link]
cert-bund: CB-K15/1321
dfn-cert: DFN-CERT-2015-1385

[ return to [Link] ]

2.1.22 Medium 135/tcp

Medium (CVSS: 5.0)

NVT: DCE/RPC and MSRPC Services Enumeration Reporting

Summary
Distributed Computing Environment / Remote Procedure Calls (DCE/RPC) or MSRPC ser-
vices running on the remote host can be enumerated by connecting on port 135 and doing the
appropriate queries.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Here is the list of DCE/RPC or MSRPC services running on this host via the TCP p
,→rotocol:
Port: 49152/tcp
UUID: d95afe70-a6d5-4259-822e-2c84da1ddb0d, version 1
Endpoint: ncacn_ip_tcp:[Link][49152]
Port: 49153/tcp
UUID: 30adc50c-5cbc-46ce-9a0e-91914789e23c, version 1
Endpoint: ncacn_ip_tcp:[Link][49153]
. . . continues on next page . . .
2 RESULTS PER HOST 823

. . . continued from previous page . . .

Annotation: NRP server endpoint
UUID: 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5, version 1
Endpoint: ncacn_ip_tcp:[Link][49153]
Annotation: DHCP Client LRPC Endpoint
UUID: 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6, version 1
Endpoint: ncacn_ip_tcp:[Link][49153]
Annotation: DHCPv6 Client LRPC Endpoint
UUID: f6beaff7-1e19-4fbb-9f8f-b89e2018337c, version 1
Endpoint: ncacn_ip_tcp:[Link][49153]
Annotation: Event log TCPIP
Port: 49154/tcp
UUID: 30b044a5-a225-43f0-b3a4-e060df91f9c1, version 1
Endpoint: ncacn_ip_tcp:[Link][49154]
UUID: 552d076a-cb29-4e44-8b6a-d15e59e2c0af, version 1
Endpoint: ncacn_ip_tcp:[Link][49154]
Annotation: IP Transition Configuration endpoint
UUID: 86d35949-83c9-4044-b424-db363231fd0c, version 1
Endpoint: ncacn_ip_tcp:[Link][49154]
UUID: 98716d03-89ac-44c7-bb8c-285824e51c4a, version 1
Endpoint: ncacn_ip_tcp:[Link][49154]
Annotation: XactSrv service
UUID: a398e520-d59a-4bdd-aa7a-3c1e0303a511, version 1
Endpoint: ncacn_ip_tcp:[Link][49154]
Annotation: IKE/Authip API
UUID: c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1
Endpoint: ncacn_ip_tcp:[Link][49154]
Annotation: Impl friendly name
Port: 49162/tcp
UUID: 12345778-1234-abcd-ef00-0123456789ac, version 1
Endpoint: ncacn_ip_tcp:[Link][49162]
Named pipe : lsass
Win32 service or process : [Link]
Description : SAM access
Port: 49230/tcp
UUID: 367abb81-9844-35f1-ad32-98f038001003, version 2
Endpoint: ncacn_ip_tcp:[Link][49230]
Port: 49267/tcp
UUID: 12345678-1234-abcd-ef00-0123456789ab, version 1
Endpoint: ncacn_ip_tcp:[Link][49267]
Annotation: IPSec Policy agent endpoint
Named pipe : spoolss
Win32 service or process : [Link]
Description : Spooler service
UUID: 6b5bdd1e-528c-422c-af8c-a4079be4fe48, version 1
Endpoint: ncacn_ip_tcp:[Link][49267]
Annotation: Remote Fw APIs
Note: DCE/RPC or MSRPC services running on this host locally were identified. Re
. . . continues on next page . . .
2 RESULTS PER HOST 824

. . . continued from previous page . . .

,→porting this list is not enabled by default due to the possible large size of
,→this list. See the script preferences to enable this reporting.

Impact
An attacker may use this fact to gain more knowledge about the remote host.

Solution:
Solution type: Mitigation
Filter incoming trac to this ports.

Vulnerability Detection Method

Details: DCE/RPC and MSRPC Services Enumeration Reporting
OID:[Link].4.1.25623.1.0.10736
Version used: 2022-06-03T[Link]Z

[ return to [Link] ]

2.1.23 Medium 4848/tcp

Medium (CVSS: 5.0)

NVT: SSL/TLS: Known Untrusted / Dangerous Certicate Authority (CA) Detection

Product detection result

cpe:/a:ietf:transport_layer_security
Detected by SSL/TLS: Collect and Report Certificate Details (OID: [Link].4.1.25
,→623.1.0.103692)

Summary
The service is using an SSL/TLS certicate from a known untrusted and/or dangerous certicate
authority (CA).

Quality of Detection (QoD): 99%

Vulnerability Detection Result
The certificate of the remote service is signed by the following untrusted and/o
,→r dangerous CA:
Issuer: CN=localhost,OU=GlassFish,O=Oracle Corporation,L=Santa Clara,ST=Californ
,→ia,C=US
Certificate details:
fingerprint (SHA-1) | 4A5758F59279E82F2A913C83CA658D6964575A72
fingerprint (SHA-256) | AB48B2E6C44C50867FB3703083F1CEE806F4B575F0E3AD
,→5B23381002A885F556
. . . continues on next page . . .
2 RESULTS PER HOST 825

. . . continued from previous page . . .

issued by | CN=localhost,OU=GlassFish,O=Oracle Corporation
,→,L=Santa Clara,ST=California,C=US
public key algorithm | RSA
public key size (bits) | 2048
serial | 04A9972F
signature algorithm | sha256WithRSAEncryption
subject | CN=localhost,OU=GlassFish,O=Oracle Corporation
,→,L=Santa Clara,ST=California,C=US
subject alternative names (SAN) | None
valid from | 2013-05-15 [Link] UTC
valid until | 2023-05-13 [Link] UTC

Impact
An attacker could use this for man-in-the-middle (MITM) attacks, accessing sensible data and
other attacks.

Solution:
Solution type: Mitigation
Replace the SSL/TLS certicate with one signed by a trusted CA.

Vulnerability Detection Method

The script reads the certicate used by the target host and checks if it was signed by a known
untrusted and/or dangerous CA.
Details: SSL/TLS: Known Untrusted / Dangerous Certificate Authority (CA) Detection
OID:[Link].4.1.25623.1.0.113054
Version used: 2024-06-14T[Link]Z

Product Detection Result

Product: cpe:/a:ietf:transport_layer_security
Method: SSL/TLS: Collect and Report Certificate Details
OID: [Link].4.1.25623.1.0.103692)

Medium (CVSS: 5.0)

NVT: SSL/TLS: Renegotiation DoS Vulnerability (CVE-2011-1473, CVE-2011-5094)

Summary
The remote SSL/TLS service is prone to a denial of service (DoS) vulnerability.

Quality of Detection (QoD): 70%

Vulnerability Detection Result
The following indicates that the remote SSL/TLS service is affected:
Protocol Version | Successful re-done SSL/TLS handshakes (Renegotiation) over an
,→ existing / already established SSL/TLS connection
. . . continues on next page . . .
2 RESULTS PER HOST 826

. . . continued from previous page . . .

--------------------------------------------------------------------------------
,→--------------------------------------------------
TLSv1.0 | 10
TLSv1.1 | 10
TLSv1.2 | 10

Impact
The aw might make it easier for remote attackers to cause a DoS (CPU consumption) by
performing many renegotiations within a single connection.

Solution:
Solution type: VendorFix
Users should contact their vendors for specic patch information.
A general solution is to remove/disable renegotiation capabilities altogether from/in the aected
SSL/TLS service.

Aected Software/OS
Every SSL/TLS service which does not properly restrict client-initiated renegotiation.

Vulnerability Insight
The aw exists because the remote SSL/TLS service does not properly restrict client-initiated
renegotiation within the SSL and TLS protocols.
Note: The referenced CVEs are aecting OpenSSL and Mozilla Network Security Services (NSS)
but both are in a DISPUTED state with the following rationale:
> It can also be argued that it is the responsibility of server deployments, not a security library,
to prevent or limit renegotiation when it is inappropriate within a specic environment.
Both CVEs are still kept in this VT as a reference to the origin of this aw.

Vulnerability Detection Method

Checks if the remote service allows to re-do the same SSL/TLS handshake (Renegotiation) over
an existing / already established SSL/TLS connection.
Details: SSL/TLS: Renegotiation DoS Vulnerability (CVE-2011-1473, CVE-2011-5094)
OID:[Link].4.1.25623.1.0.117761
Version used: 2024-09-27T[Link]Z

References
cve: CVE-2011-1473
cve: CVE-2011-5094
url: [Link]
,→tiation-dos/
url: [Link]
url: [Link]
url: [Link]
cert-bund: WID-SEC-2024-1591
cert-bund: WID-SEC-2024-0796
cert-bund: WID-SEC-2023-1435
. . . continues on next page . . .
2 RESULTS PER HOST 827

. . . continued from previous page . . .

cert-bund: CB-K17/0980
cert-bund: CB-K17/0979
cert-bund: CB-K14/0772
cert-bund: CB-K13/0915
cert-bund: CB-K13/0462
dfn-cert: DFN-CERT-2025-0933
dfn-cert: DFN-CERT-2017-1013
dfn-cert: DFN-CERT-2017-1012
dfn-cert: DFN-CERT-2014-0809
dfn-cert: DFN-CERT-2013-1928
dfn-cert: DFN-CERT-2012-1112

Medium (CVSS: 5.0)

NVT: SSL/TLS: Certicate Expired

Product detection result

cpe:/a:ietf:transport_layer_security
Detected by SSL/TLS: Collect and Report Certificate Details (OID: [Link].4.1.25
,→623.1.0.103692)

Summary
The remote server's SSL/TLS certicate has already expired.

Quality of Detection (QoD): 99%

Vulnerability Detection Result
The certificate of the remote service expired on 2023-05-13 [Link].
Certificate details:
fingerprint (SHA-1) | 4A5758F59279E82F2A913C83CA658D6964575A72
fingerprint (SHA-256) | AB48B2E6C44C50867FB3703083F1CEE806F4B575F0E3AD
,→5B23381002A885F556
issued by | CN=localhost,OU=GlassFish,O=Oracle Corporation
,→,L=Santa Clara,ST=California,C=US
public key algorithm | RSA
public key size (bits) | 2048
serial | 04A9972F
signature algorithm | sha256WithRSAEncryption
subject | CN=localhost,OU=GlassFish,O=Oracle Corporation
,→,L=Santa Clara,ST=California,C=US
subject alternative names (SAN) | None
valid from | 2013-05-15 [Link] UTC
valid until | 2023-05-13 [Link] UTC

Solution:
. . . continues on next page . . .
2 RESULTS PER HOST 828

. . . continued from previous page . . .

Solution type: Mitigation
Replace the SSL/TLS certicate by a new one.

Vulnerability Insight
This script checks expiry dates of certicates associated with SSL/TLS-enabled services on the
target and reports whether any have already expired.

Vulnerability Detection Method

Details: SSL/TLS: Certificate Expired
OID:[Link].4.1.25623.1.0.103955
Version used: 2024-06-14T[Link]Z

Product Detection Result

Product: cpe:/a:ietf:transport_layer_security
Method: SSL/TLS: Collect and Report Certificate Details
OID: [Link].4.1.25623.1.0.103692)

Medium (CVSS: 4.3)

NVT: SSL/TLS: Deprecated TLSv1.0 and TLSv1.1 Protocol Detection

Product detection result

cpe:/a:ietf:transport_layer_security:1.1
Detected by SSL/TLS: Version Detection (OID: [Link].4.1.25623.1.0.105782)

Summary
It was possible to detect the usage of the deprecated TLSv1.0 and/or TLSv1.1 protocol on this
system.

Quality of Detection (QoD): 98%

Vulnerability Detection Result
In addition to TLSv1.2+ the service is also providing the deprecated TLSv1.0 and
,→ TLSv1.1 protocols and supports one or more ciphers. Those supported ciphers c
,→an be found in the 'SSL/TLS: Report Supported Cipher Suites' (OID: [Link].4.1
,→.25623.1.0.802067) VT.

Impact
An attacker might be able to use the known cryptographic aws to eavesdrop the connection
between clients and the service to get access to sensitive data transferred within the secured
connection.
Furthermore newly uncovered vulnerabilities in this protocols won't receive security updates
anymore.

. . . continues on next page . . .

2 RESULTS PER HOST 829

. . . continued from previous page . . .

Solution:
Solution type: Mitigation
It is recommended to disable the deprecated TLSv1.0 and/or TLSv1.1 protocols in favor of the
TLSv1.2+ protocols.
Please see the references for more resources supporting you with this task.

Aected Software/OS
- All services providing an encrypted communication using the TLSv1.0 and/or TLSv1.1 protocols
- CVE-2023-41928: Kiloview P1 4G and P2 4G Video Encoder
- CVE-2024-41270: Gorush v1.18.4
- CVE-2025-3200: Multiple products from Wiesemann & Theis

Vulnerability Insight
The TLSv1.0 and TLSv1.1 protocols contain known cryptographic aws like:
- CVE-2011-3389: Browser Exploit Against SSL/TLS (BEAST)
- CVE-2015-0204: Factoring Attack on RSA-EXPORT Keys Padding Oracle On Downgraded
Legacy Encryption (FREAK)

Vulnerability Detection Method

Checks the used TLS protocols of the services provided by this system.
Details: SSL/TLS: Deprecated TLSv1.0 and TLSv1.1 Protocol Detection
OID:[Link].4.1.25623.1.0.117274
Version used: 2025-04-30T[Link]Z

Product Detection Result

Product: cpe:/a:ietf:transport_layer_security:1.1
Method: SSL/TLS: Version Detection
OID: [Link].4.1.25623.1.0.105782)

References
cve: CVE-2011-3389
cve: CVE-2015-0204
cve: CVE-2023-41928
cve: CVE-2024-41270
cve: CVE-2025-3200
url: [Link]
url: [Link]
,→ines/TG02102/[Link]
url: [Link]
,→TLS-Protokoll/TLS-Protokoll_node.html
url: [Link]
,→eRichtlinien/TR03116/[Link]
url: [Link]
,→tstandard_BSI_TLS_Version_2_4.html
url: [Link]
. . . continues on next page . . .
2 RESULTS PER HOST 830

. . . continued from previous page . . .

url: [Link]
,→-report-2014
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: WID-SEC-2023-1435
cert-bund: CB-K18/0799
cert-bund: CB-K16/1289
cert-bund: CB-K16/1096
cert-bund: CB-K15/1751
cert-bund: CB-K15/1266
cert-bund: CB-K15/0850
cert-bund: CB-K15/0764
cert-bund: CB-K15/0720
cert-bund: CB-K15/0548
cert-bund: CB-K15/0526
cert-bund: CB-K15/0509
cert-bund: CB-K15/0493
cert-bund: CB-K15/0384
cert-bund: CB-K15/0365
cert-bund: CB-K15/0364
cert-bund: CB-K15/0302
cert-bund: CB-K15/0192
cert-bund: CB-K15/0079
cert-bund: CB-K15/0016
cert-bund: CB-K14/1342
cert-bund: CB-K14/0231
cert-bund: CB-K13/0845
cert-bund: CB-K13/0796
cert-bund: CB-K13/0790
dfn-cert: DFN-CERT-2020-0177
dfn-cert: DFN-CERT-2020-0111
dfn-cert: DFN-CERT-2019-0068
dfn-cert: DFN-CERT-2018-1441
dfn-cert: DFN-CERT-2018-1408
dfn-cert: DFN-CERT-2016-1372
dfn-cert: DFN-CERT-2016-1164
dfn-cert: DFN-CERT-2016-0388
dfn-cert: DFN-CERT-2015-1853
dfn-cert: DFN-CERT-2015-1332
dfn-cert: DFN-CERT-2015-0884
dfn-cert: DFN-CERT-2015-0800
dfn-cert: DFN-CERT-2015-0758
dfn-cert: DFN-CERT-2015-0567
. . . continues on next page . . .
2 RESULTS PER HOST 831

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2015-0544
dfn-cert: DFN-CERT-2015-0530
dfn-cert: DFN-CERT-2015-0396
dfn-cert: DFN-CERT-2015-0375
dfn-cert: DFN-CERT-2015-0374
dfn-cert: DFN-CERT-2015-0305
dfn-cert: DFN-CERT-2015-0199
dfn-cert: DFN-CERT-2015-0079
dfn-cert: DFN-CERT-2015-0021
dfn-cert: DFN-CERT-2014-1414
dfn-cert: DFN-CERT-2013-1847
dfn-cert: DFN-CERT-2013-1792
dfn-cert: DFN-CERT-2012-1979
dfn-cert: DFN-CERT-2012-1829
dfn-cert: DFN-CERT-2012-1530
dfn-cert: DFN-CERT-2012-1380
dfn-cert: DFN-CERT-2012-1377
dfn-cert: DFN-CERT-2012-1292
dfn-cert: DFN-CERT-2012-1214
dfn-cert: DFN-CERT-2012-1213
dfn-cert: DFN-CERT-2012-1180
dfn-cert: DFN-CERT-2012-1156
dfn-cert: DFN-CERT-2012-1155
dfn-cert: DFN-CERT-2012-1039
dfn-cert: DFN-CERT-2012-0956
dfn-cert: DFN-CERT-2012-0908
dfn-cert: DFN-CERT-2012-0868
dfn-cert: DFN-CERT-2012-0867
dfn-cert: DFN-CERT-2012-0848
dfn-cert: DFN-CERT-2012-0838
dfn-cert: DFN-CERT-2012-0776
dfn-cert: DFN-CERT-2012-0722
dfn-cert: DFN-CERT-2012-0638
dfn-cert: DFN-CERT-2012-0627
dfn-cert: DFN-CERT-2012-0451
dfn-cert: DFN-CERT-2012-0418
dfn-cert: DFN-CERT-2012-0354
dfn-cert: DFN-CERT-2012-0234
dfn-cert: DFN-CERT-2012-0221
dfn-cert: DFN-CERT-2012-0177
dfn-cert: DFN-CERT-2012-0170
dfn-cert: DFN-CERT-2012-0146
dfn-cert: DFN-CERT-2012-0142
dfn-cert: DFN-CERT-2012-0126
dfn-cert: DFN-CERT-2012-0123
dfn-cert: DFN-CERT-2012-0095
dfn-cert: DFN-CERT-2012-0051
. . . continues on next page . . .
2 RESULTS PER HOST 832

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2012-0047
dfn-cert: DFN-CERT-2012-0021
dfn-cert: DFN-CERT-2011-1953
dfn-cert: DFN-CERT-2011-1946
dfn-cert: DFN-CERT-2011-1844
dfn-cert: DFN-CERT-2011-1826
dfn-cert: DFN-CERT-2011-1774
dfn-cert: DFN-CERT-2011-1743
dfn-cert: DFN-CERT-2011-1738
dfn-cert: DFN-CERT-2011-1706
dfn-cert: DFN-CERT-2011-1628
dfn-cert: DFN-CERT-2011-1627
dfn-cert: DFN-CERT-2011-1619
dfn-cert: DFN-CERT-2011-1482

Medium (CVSS: 4.0)

NVT: SSL/TLS: Die-Hellman Key Exchange Insucient DH Group Strength Vulnerability

Summary
The SSL/TLS service uses Die-Hellman groups with insucient strength (key size < 2048).

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Server Temporary Key Size: 1024 bits

Impact
An attacker might be able to decrypt the SSL/TLS communication oine.

Solution:
Solution type: Workaround
- Deploy (Ephemeral) Elliptic-Curve Die-Hellman (ECDHE) or use a 2048-bit or stronger
Die-Hellman group. Please see the references for more resources supporting you with this task.
- For Apache Web Servers: Beginning with version 2.4.7, mod_ssl will use DH parameters which
include primes with lengths of more than 1024 bits.

Aected Software/OS
All services providing an encrypted communication using Die-Hellman groups with insucient
strength.

Vulnerability Insight
. . . continues on next page . . .
2 RESULTS PER HOST 833

. . . continued from previous page . . .

The Die-Hellman group are some big numbers that are used as base for the DH computations.
They can be, and often are, xed. The security of the nal secret depends on the size of these
parameters. It was found that 512 and 768 bits to be weak, 1024 bits to be breakable by really
powerful attackers like governments.

Vulnerability Detection Method

Checks the DHE temporary public key size.
Details: SSL/TLS: Diffie-Hellman Key Exchange Insufficient DH Group Strength Vulnerabili.
,→..
OID:[Link].4.1.25623.1.0.106223
Version used: 2025-03-27T[Link]Z

References
url: [Link]
url: [Link]
url: [Link]
url: [Link]
,→ines/TG02102/[Link]
url: [Link]
,→TLS-Protokoll/TLS-Protokoll_node.html
url: [Link]
,→eRichtlinien/TR03116/[Link]
url: [Link]
,→tstandard_BSI_TLS_Version_2_4.html
url: [Link]
url: [Link]
,→-report-2014
url: [Link]

[ return to [Link] ]

2.1.24 Medium 9200/tcp

Medium (CVSS: 6.8)

NVT: Elastic Elastisearch < 1.2 RCE Vulnerability - Active Check

Summary
Elastic Elasticsearch is prone to a remote code execution (RCE) vulnerability.

Quality of Detection (QoD): 99%

Vulnerability Detection Result
Vulnerable URL: [Link]
,→uery%22%3A%7B%22filtered%22%3A%7B%22query%22%3A%7B%22match_all%22%3A%7B%7D%7D%
. . . continues on next page . . .
2 RESULTS PER HOST 834

. . . continued from previous page . . .

,→7D%7D%2C%22script_fields%22%3A%7B%22VTTest%22%3A%7B%22script%22%3A%22import%20
,→[Link].*%3B%5Cnimport%[Link].*%3B%5Cnnew%20Scanner(new%20File(%5C%22%2Fw
,→indows%[Link]%5C%22)).useDelimiter(%5C%22%5C%5C%5C%5CZ%5C%22).next()%3B%22%
,→7D%7D%7D&callback=?

Impact
An attacker can exploit this issue to execute arbitrary code.

Solution:
Solution type: VendorFix
Update to version 1.2 or later which disables 'dynamic scripting' by default. If the system was
already updated make sure that this option is kept disabled.

Aected Software/OS
Elastic Elasticsearch versions prior to 1.2.

Vulnerability Insight
Elastic Elasticsearch has a aw in its default conguration which makes it possible for any
webpage to execute arbitrary code on visitors with Elasticsearch installed.

Vulnerability Detection Method

Sends a crafted HTTP GET request and checks the response.
Details: Elastic Elastisearch < 1.2 RCE Vulnerability - Active Check
OID:[Link].4.1.25623.1.0.105032
Version used: 2025-09-03T[Link]Z

References
cve: CVE-2014-3120
url: [Link]
url: [Link]
,→-developing-with-elasticsearch
url: [Link]
cisa: Known Exploited Vulnerability (KEV) catalog
cert-bund: CB-K14/1131
dfn-cert: DFN-CERT-2014-1188

Medium (CVSS: 6.5)

NVT: Elastic Elasticsearch < 6.8.12, 7.x < 7.9.0 Information Disclosure Vulnerability - Windows

Summary
Elasticsearch is prone to a eld disclosure vulnerability.

Quality of Detection (QoD): 80%

. . . continues on next page . . .
2 RESULTS PER HOST 835

. . . continued from previous page . . .

Vulnerability Detection Result
Installed version: 1.1.1
Fixed version: 6.8.12
Installation
path / port: /

Impact
An attacker could gain additional permissions against a restricted index.

Solution:
Solution type: VendorFix
Update to version 6.8.12, 7.9.1 or later.

Aected Software/OS
Elasticsearch prior to version 6.8.12 and 7.9.0.

Vulnerability Insight
A eld disclosure aw was found in Elasticsearch when running a scrolling search with Field
Level Security. If a user runs the same query another more privileged user recently ran, the
scrolling search can leak elds that should be hidden.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Elastic Elasticsearch < 6.8.12, 7.x < 7.9.0 Information Disclosure Vulnerabilit.
,→..
OID:[Link].4.1.25623.1.0.144431
Version used: 2025-09-03T[Link]Z

References
cve: CVE-2020-7019
url: [Link]
,→/245456

Medium (CVSS: 6.5)

NVT: Elastic Elasticsearch DoS Vulnerability (ESA-2021-15)

Summary
Elasticsearch is prone to a denial of service (DoS) vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 1.1.1
Fixed version: 6.8.17
. . . continues on next page . . .
2 RESULTS PER HOST 836

. . . continued from previous page . . .

Installation
path / port: /

Solution:
Solution type: VendorFix
Update to version 6.8.17, 7.13.3 or later.

Aected Software/OS
Elasticsearch prior to version 6.8.17 and 7.x prior to 7.13.3.

Vulnerability Insight
An uncontrolled recursion vulnerability that could lead to a denial of service attack was iden-
tied in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to
Elasticsearch could create a malicious Grok query that will crash the Elasticsearch node.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Elastic Elasticsearch DoS Vulnerability (ESA-2021-15)
OID:[Link].4.1.25623.1.0.146386
Version used: 2025-09-03T[Link]Z

References
cve: CVE-2021-22144
url: [Link]
,→e/278100
cert-bund: WID-SEC-2022-1777
dfn-cert: DFN-CERT-2025-0933
dfn-cert: DFN-CERT-2022-2315

Medium (CVSS: 5.9)

NVT: Elastic Elasticsearch < 6.8.2, 7.x < 7.2.1 Information Disclosure Vulnerability (ESA-2019-
07) - Windows

Summary
Elasticsearch is prone to an information disclosure vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 1.1.1
Fixed version: 6.8.2
Installation
path / port: /

. . . continues on next page . . .

2 RESULTS PER HOST 837

. . . continued from previous page . . .

Impact
On a system with multiple users submitting requests, it could be possible for an attacker to gain
access to response header containing sensitive data from another user.

Solution:
Solution type: VendorFix
Update to version 6.8.2 or 7.2.1 respectively.

Aected Software/OS
Elasticsearch through version 6.8.1 and version 7.0.0 through 7.2.0.

Vulnerability Insight
A race condition aw was found in the response headers Elasticsearch returns to a request.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Elastic Elasticsearch < 6.8.2, 7.x < 7.2.1 Information Disclosure Vulnerability.
,→..
OID:[Link].4.1.25623.1.0.117162
Version used: 2025-09-03T[Link]Z

References
cve: CVE-2019-7614
url: [Link]
,→192963
url: [Link]
cert-bund: WID-SEC-2024-3184

Medium (CVSS: 5.3)

NVT: Elastic Elasticsearch Multiple Vulnerabilities (ESA-2021-06, ESA-2021-08)

Summary
Elasticsearch is prone to multiple vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 1.1.1
Fixed version: 6.8.15
Installation
path / port: /

Impact
. . . continues on next page . . .
2 RESULTS PER HOST 838

. . . continued from previous page . . .

This could lead to disclosing the existence of documents and elds the attacker should not be
able to view or result in an attacker gaining additional insight into potentially sensitive indices.

Solution:
Solution type: VendorFix
Update to version 6.8.15, 7.12.0 or later.

Aected Software/OS
Elasticsearch versions prior to versions 6.8.15 or 7.12.0.

Vulnerability Insight
The following vulnerabilities exist:
- CVE-2021-22135: Suggester & Prole API information disclosure aw
- CVE-2021-22137: Field disclosure aw

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Elastic Elasticsearch Multiple Vulnerabilities (ESA-2021-06, ESA-2021-08)
OID:[Link].4.1.25623.1.0.145940
Version used: 2025-09-03T[Link]Z

References
cve: CVE-2021-22135
cve: CVE-2021-22137
url: [Link]
,→e/268125
cert-bund: WID-SEC-2022-0720
dfn-cert: DFN-CERT-2025-0933

Medium (CVSS: 4.9)

NVT: Elastic Elasticsearch Information Disclosure Vulnerability (ESA-2021-03)

Summary
Elasticsearch is prone to an information disclosure vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 1.1.1
Fixed version: 6.8.14
Installation
path / port: /

Impact
. . . continues on next page . . .
2 RESULTS PER HOST 839

. . . continued from previous page . . .

This could allow an Elasticsearch administrator to view sensitive details.

Solution:
Solution type: VendorFix
Update to version 6.8.14, 7.10.0 or later.

Aected Software/OS
Elasticsearch versions prior to 6.8.14 and 7.0.0 prior to 7.10.0.

Vulnerability Insight
Elasticsearch has an information disclosure issue when audit logging and the emit_request_body
option is enabled. The Elasticsearch audit log could contain sensitive information such as pass-
word hashes or authentication tokens.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Elastic Elasticsearch Information Disclosure Vulnerability (ESA-2021-03)
OID:[Link].4.1.25623.1.0.145383
Version used: 2025-09-03T[Link]Z

References
cve: CVE-2020-7021
url: [Link]
,→e/263915
url: [Link]
dfn-cert: DFN-CERT-2025-0933

Medium (CVSS: 4.3)

NVT: Elasticsearch Cross-site Scripting (XSS) Vulnerability - Windows

Summary
Elasticsearch is prone to a cross-site scripting (XSS) vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 1.1.1
Fixed version: 1.4.0.Beta1

Impact
Successful exploitation will allow remote attackers to inject arbitrary web script or HTML.

Solution:
Solution type: VendorFix
. . . continues on next page . . .
2 RESULTS PER HOST 840

. . . continued from previous page . . .

Update to Elasticsearch version 1.4.0.Beta1, or later.

Aected Software/OS
Elasticsearch version 1.3.x and prior on Windows.

Vulnerability Insight
The Flaw is due to an error in the CORS functionality.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Elasticsearch Cross-site Scripting (XSS) Vulnerability - Windows
OID:[Link].4.1.25623.1.0.808092
Version used: 2025-09-03T[Link]Z

References
cve: CVE-2014-6439
url: [Link]
url: [Link]
url: [Link]

[ return to [Link] ]

2.1.25 Medium 8022/tcp

Medium (CVSS: 6.1)

NVT: ManageEngine Desktop Central <= 9.1.099 Multiple XSS Vulnerabilities

Summary
ManageEngine Desktop Central is prone to multiple cross-site scripting (XSS) vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 9.1.084
Fixed version: 9.2.026
Installation
path / port: /

Impact
Successful exploitation will allow attacker to execute arbitrary script code in the browser of
an unsuspecting user in the context of the aected site. This may allow the attacker to steal
cookie-based authentication credentials and to launch other attacks.

. . . continues on next page . . .

2 RESULTS PER HOST 841

. . . continued from previous page . . .

Solution:
Solution type: VendorFix
Update to version 9.2.026 or later.

Aected Software/OS
ManageEngine Desktop Central version 9.1.099 and prior.

Vulnerability Insight
The aw allows to inject client-side script into Desktop Centrals web page.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: ManageEngine Desktop Central <= 9.1.099 Multiple XSS Vulnerabilities
OID:[Link].4.1.25623.1.0.812576
Version used: 2022-04-13T[Link]Z

References
cve: CVE-2018-8722
url: [Link]
,→[Link]
url: [Link]

Medium (CVSS: 4.8)

NVT: Cleartext Transmission of Sensitive Information via HTTP

Summary
The host / application transmits sensitive information (username, passwords) in cleartext via
HTTP.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The following input fields were identified (URL:input name):
[Link]

Impact
An attacker could use this situation to compromise or eavesdrop on the HTTP communication
between the client and the server using a man-in-the-middle attack to get access to sensitive data
like usernames or passwords.

Solution:
Solution type: Workaround
. . . continues on next page . . .
2 RESULTS PER HOST 842

. . . continued from previous page . . .

Enforce the transmission of sensitive data via an encrypted SSL/TLS connection. Additionally
make sure the host / application is redirecting all users to the secured SSL/TLS connection
before allowing to input sensitive data into the mentioned functions.

Aected Software/OS
Hosts / applications which doesn't enforce the transmission of sensitive data via an encrypted
SSL/TLS connection.

Vulnerability Detection Method

Evaluate previous collected information and check if the host / application is not enforcing the
transmission of sensitive data via an encrypted SSL/TLS connection.
The script is currently checking the following:
- HTTP Basic Authentication (Basic Auth)
- HTTP Forms (e.g. Login) with input eld of type 'password'
Details: Cleartext Transmission of Sensitive Information via HTTP
OID:[Link].4.1.25623.1.0.108440
Version used: 2023-09-07T[Link]Z

References
url: [Link]
,→ssion_Management
url: [Link]
url: [Link]

Medium (CVSS: 4.3)

NVT: ManageEngine Desktop Central <= 9.1.099 Reected XSS Vulnerability

Summary
ManageEngine Desktop Central is prone to a reected cross-site scripting (XSS) vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 9.1.084
Fixed version: 9.2.026
Installation
path / port: /

Impact
Successful exploitation will allow attacker to cause cross site scripting and steal the cookie of
other active sessions.

Solution:
Solution type: VendorFix
. . . continues on next page . . .
2 RESULTS PER HOST 843

. . . continued from previous page . . .

Update to version 9.2.026 or later.

Aected Software/OS
ManageEngine Desktop Central version 9.1.099 and prior.

Vulnerability Insight
The aw exists as input passed via 'To' parameter of 'Specify Delivery Format' is not validated
properly.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: ManageEngine Desktop Central <= 9.1.099 Reflected XSS Vulnerability
OID:[Link].4.1.25623.1.0.807741
Version used: 2021-09-23T[Link]Z

References
url: [Link]

[ return to [Link] ]

2.1.26 Medium 8383/tcp

Medium (CVSS: 6.1)

NVT: ManageEngine Desktop Central <= 9.1.099 Multiple XSS Vulnerabilities

Summary
ManageEngine Desktop Central is prone to multiple cross-site scripting (XSS) vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 9.1.084
Fixed version: 9.2.026
Installation
path / port: /

Impact
Successful exploitation will allow attacker to execute arbitrary script code in the browser of
an unsuspecting user in the context of the aected site. This may allow the attacker to steal
cookie-based authentication credentials and to launch other attacks.

Solution:
Solution type: VendorFix
. . . continues on next page . . .
2 RESULTS PER HOST 844

. . . continued from previous page . . .

Update to version 9.2.026 or later.

Aected Software/OS
ManageEngine Desktop Central version 9.1.099 and prior.

Vulnerability Insight
The aw allows to inject client-side script into Desktop Centrals web page.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: ManageEngine Desktop Central <= 9.1.099 Multiple XSS Vulnerabilities
OID:[Link].4.1.25623.1.0.812576
Version used: 2022-04-13T[Link]Z

References
cve: CVE-2018-8722
url: [Link]
,→[Link]
url: [Link]

Medium (CVSS: 5.3)

NVT: SSL/TLS: Server Certicate / Certicate in Chain with RSA keys less than 2048 bits

Summary
The remote SSL/TLS server certicate and/or any of the certicates in the certicate chain is
using a RSA key with less than 2048 bits.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The remote SSL/TLS server is using the following certificate(s) with a RSA key w
,→ith less than 2048 bits (public-key-size:public-key-algorithm:serial:issuer):
1024:RSA:00F59CEF71E6DB72A5:1.2.840.113549.1.9.1=#737570706F7274406465736B746F70
,→63656E7472616C2E636F6D,CN=Desktop Central,OU=ManageEngine,O=Zoho Corporation,L
,→=Pleasanton,ST=CA,C=US (Server certificate)

Impact
Using certicates with weak RSA key size can lead to unauthorized exposure of sensitive infor-
mation.

Solution:
Solution type: Mitigation
Replace the certicate with a stronger key and reissue the certicates it signed.
. . . continues on next page . . .
2 RESULTS PER HOST 845

. . . continued from previous page . . .

Vulnerability Insight
SSL/TLS certicates using RSA keys with less than 2048 bits are considered unsafe.

Vulnerability Detection Method

Checks the RSA keys size of the server certicate and all certicates in chain for a size < 2048
bit.
Details: SSL/TLS: Server Certificate / Certificate in Chain with RSA keys less than 2048.
,→..
OID:[Link].4.1.25623.1.0.150710
Version used: 2021-12-10T[Link]Z

References
url: [Link]

Medium (CVSS: 5.0)

NVT: '/WEB-INF../' Information Disclosure Vulnerability (HTTP)

Summary
Various application or web servers / products are prone to an information disclosure vulnerability.

Quality of Detection (QoD): 99%

Vulnerability Detection Result
Vulnerable URL: [Link]
Response (truncated):
<?xml version="1.0" encoding="ISO-8859-1"?>
<web-app xmlns="[Link]
xmlns:xsi="[Link]
xsi:schemaLocation="[Link] [Link]
ns/j2ee/web-app_2_4.xsd" version="2.4">
<!-- $Id$ -->
<!-- Added for MickeyClient Pdf Generation -->
<context-param>
<param-name>ContextPath</param-name>
<param-value>/</param-value>
</context-param>
<context-param>
<param-name>defaultSkin</param-name>
<param-value>woody</param-value>
</context-param>
<context-param>
<param-name>useInstantFeedback</param-name>
<param-value>true</param-value>
. . . continues on next page . . .
2 RESULTS PER HOST 846

. . . continued from previous page . . .

</context-param>
<context-param>
<param-name>mailServerName</param-name>
<param-value>[Link]</param-value>
</context-param>
<context-param>
<param-name>instantFeedbackAddress</param-name>
<param-value>sym-issues@[Link]</param-value>
</context-param>
<context-param>
<param-name>AUTO_IMPORT_USER</param-name>
<param-value>false</param-value>
</context-param>
<context-param>
<param-name>PARAMETER-ENCODING</param-name>
<param-value>UTF-8</param-value>
</context-param>
<listener>
<listener-class>[Link]
,→ngListener</listener-class>
</listener>
<!-- SDP-DC integration -->
<listener>
<listener-class>[Link]</listener
,→-class>
</listener>
<!-- SDP-DC integra

Impact
Based on the information provided in this le an attacker might be able to gather additional info
and / or sensitive data about the application / the application / web server.

Solution:
Solution type: VendorFix
Please contact the vendor for more information on possible xes.

Aected Software/OS
The following products are known to be aected:
- Caucho Resin version 2.1.12 on Apache HTTP server version 1.3.29
Other products and versions might be aected as well.

Vulnerability Insight
The servlet specication prohibits servlet containers from serving resources in the '/WEB-INF'
and '/META-INF' directories of a web application archive directly to clients.
This means that URLs like:
[Link]
. . . continues on next page . . .
2 RESULTS PER HOST 847

. . . continued from previous page . . .

will return an error message, rather than the contents of the deployment descriptor.
However, some application or web servers / products are prone to a vulnerability that exposes
this information if the client requests a URL like this instead:
[Link]
[Link]
(note the double dot ('..') after 'WEB-INF').

Vulnerability Detection Method

Sends a crafted HTTP GET request and checks the response.
Details: '/WEB-INF../' Information Disclosure Vulnerability (HTTP)
OID:[Link].4.1.25623.1.0.117221
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2004-0281
url: [Link]
url: [Link]

Medium (CVSS: 5.0)

NVT: '/WEB-INf./' Information Disclosure Vulnerability (HTTP)

Summary
Various application or web servers / products are prone to an information disclosure vulnerability.

Quality of Detection (QoD): 99%

Vulnerability Detection Result
Vulnerable URL: [Link]
Response (truncated):
<?xml version="1.0" encoding="ISO-8859-1"?>
<web-app xmlns="[Link]
xmlns:xsi="[Link]
xsi:schemaLocation="[Link] [Link]
ns/j2ee/web-app_2_4.xsd" version="2.4">
<!-- $Id$ -->
<!-- Added for MickeyClient Pdf Generation -->
<context-param>
<param-name>ContextPath</param-name>
<param-value>/</param-value>
</context-param>
<context-param>
<param-name>defaultSkin</param-name>
<param-value>woody</param-value>
</context-param>
<context-param>
. . . continues on next page . . .
2 RESULTS PER HOST 848

. . . continued from previous page . . .

<param-name>useInstantFeedback</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>mailServerName</param-name>
<param-value>[Link]</param-value>
</context-param>
<context-param>
<param-name>instantFeedbackAddress</param-name>
<param-value>sym-issues@[Link]</param-value>
</context-param>
<context-param>
<param-name>AUTO_IMPORT_USER</param-name>
<param-value>false</param-value>
</context-param>
<context-param>
<param-name>PARAMETER-ENCODING</param-name>
<param-value>UTF-8</param-value>
</context-param>
<listener>
<listener-class>[Link]
,→ngListener</listener-class>
</listener>
<!-- SDP-DC integration -->
<listener>
<listener-class>[Link]</listener
,→-class>
</listener>
<!-- SDP-DC integra

Impact
Based on the information provided in this le an attacker might be able to gather additional info
and / or sensitive data about the application / the application / web server.

Solution:
Solution type: VendorFix
Please contact the vendor for more information on possible xes.

Aected Software/OS
The following products are known to be aected:
- A miscongured reverse proxy.
Other products might be aected as well.

Vulnerability Insight
The servlet specication prohibits servlet containers from serving resources in the '/WEB-INF'
and '/META-INF' directories of a web application archive directly to clients.
. . . continues on next page . . .
2 RESULTS PER HOST 849

. . . continued from previous page . . .

This means that URLs like:
[Link]
will return an error message, rather than the contents of the deployment descriptor.
However, some application or web servers / products are prone to a vulnerability that exposes
this information if the client requests a URL like this instead:
[Link]
(note the 'f.' in 'WEB-INF').

Vulnerability Detection Method

Sends a crafted HTTP GET request and checks the response.
Details: '/WEB-INf./' Information Disclosure Vulnerability (HTTP)
OID:[Link].4.1.25623.1.0.117225
Version used: 2023-03-06T[Link]Z

References
url: [Link]

Medium (CVSS: 5.0)

NVT: SSL/TLS: Certicate Expired

Product detection result

cpe:/a:ietf:transport_layer_security
Detected by SSL/TLS: Collect and Report Certificate Details (OID: [Link].4.1.25
,→623.1.0.103692)

Summary
The remote server's SSL/TLS certicate has already expired.

Quality of Detection (QoD): 99%

Vulnerability Detection Result
The certificate of the remote service expired on 2020-09-05 [Link].
Certificate details:
fingerprint (SHA-1) | 701E2E6DF8854C4F0B298DFF03A2C6F0BAC7D315
fingerprint (SHA-256) | C1DF756862FA17582C31E8F8EBDA084D1A1341815B716E
,→B135AD83CD7B01A5A5
issued by | 1.2.840.113549.1.9.1=#737570706F7274406465736B
,→746F7063656E7472616C2E636F6D,CN=Desktop Central,OU=ManageEngine,O=Zoho Corpora
,→tion,L=Pleasanton,ST=CA,C=US
public key algorithm | RSA
public key size (bits) | 1024
serial | 00F59CEF71E6DB72A5
signature algorithm | sha1WithRSAEncryption
subject | 1.2.840.113549.1.9.1=#737570706F7274406465736B
. . . continues on next page . . .
2 RESULTS PER HOST 850

. . . continued from previous page . . .

,→746F7063656E7472616C2E636F6D,CN=Desktop Central,OU=ManageEngine,O=Zoho Corpora
,→tion,L=Pleasanton,ST=CA,C=US
subject alternative names (SAN) | None
valid from | 2010-09-08 [Link] UTC
valid until | 2020-09-05 [Link] UTC

Solution:
Solution type: Mitigation
Replace the SSL/TLS certicate by a new one.

Vulnerability Insight
This script checks expiry dates of certicates associated with SSL/TLS-enabled services on the
target and reports whether any have already expired.

Vulnerability Detection Method

Details: SSL/TLS: Certificate Expired
OID:[Link].4.1.25623.1.0.103955
Version used: 2024-06-14T[Link]Z

Product Detection Result

Product: cpe:/a:ietf:transport_layer_security
Method: SSL/TLS: Collect and Report Certificate Details
OID: [Link].4.1.25623.1.0.103692)

Medium (CVSS: 4.3)

NVT: ManageEngine Desktop Central <= 9.1.099 Reected XSS Vulnerability

Summary
ManageEngine Desktop Central is prone to a reected cross-site scripting (XSS) vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 9.1.084
Fixed version: 9.2.026
Installation
path / port: /

Impact
Successful exploitation will allow attacker to cause cross site scripting and steal the cookie of
other active sessions.

Solution:
Solution type: VendorFix
. . . continues on next page . . .
2 RESULTS PER HOST 851

. . . continued from previous page . . .

Update to version 9.2.026 or later.

Aected Software/OS
ManageEngine Desktop Central version 9.1.099 and prior.

Vulnerability Insight
The aw exists as input passed via 'To' parameter of 'Specify Delivery Format' is not validated
properly.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: ManageEngine Desktop Central <= 9.1.099 Reflected XSS Vulnerability
OID:[Link].4.1.25623.1.0.807741
Version used: 2021-09-23T[Link]Z

References
url: [Link]

Medium (CVSS: 4.3)

NVT: SSL/TLS: Deprecated TLSv1.0 and TLSv1.1 Protocol Detection

Product detection result

cpe:/a:ietf:transport_layer_security:1.1
Detected by SSL/TLS: Version Detection (OID: [Link].4.1.25623.1.0.105782)

Summary
It was possible to detect the usage of the deprecated TLSv1.0 and/or TLSv1.1 protocol on this
system.

Quality of Detection (QoD): 98%

Vulnerability Detection Result
In addition to TLSv1.2+ the service is also providing the deprecated TLSv1.0 and
,→ TLSv1.1 protocols and supports one or more ciphers. Those supported ciphers c
,→an be found in the 'SSL/TLS: Report Supported Cipher Suites' (OID: [Link].4.1
,→.25623.1.0.802067) VT.

Impact
An attacker might be able to use the known cryptographic aws to eavesdrop the connection
between clients and the service to get access to sensitive data transferred within the secured
connection.
. . . continues on next page . . .
2 RESULTS PER HOST 852

. . . continued from previous page . . .

Furthermore newly uncovered vulnerabilities in this protocols won't receive security updates
anymore.

Solution:
Solution type: Mitigation
It is recommended to disable the deprecated TLSv1.0 and/or TLSv1.1 protocols in favor of the
TLSv1.2+ protocols.
Please see the references for more resources supporting you with this task.

Aected Software/OS
- All services providing an encrypted communication using the TLSv1.0 and/or TLSv1.1 protocols
- CVE-2023-41928: Kiloview P1 4G and P2 4G Video Encoder
- CVE-2024-41270: Gorush v1.18.4
- CVE-2025-3200: Multiple products from Wiesemann & Theis

Vulnerability Insight
The TLSv1.0 and TLSv1.1 protocols contain known cryptographic aws like:
- CVE-2011-3389: Browser Exploit Against SSL/TLS (BEAST)
- CVE-2015-0204: Factoring Attack on RSA-EXPORT Keys Padding Oracle On Downgraded
Legacy Encryption (FREAK)

Vulnerability Detection Method

Checks the used TLS protocols of the services provided by this system.
Details: SSL/TLS: Deprecated TLSv1.0 and TLSv1.1 Protocol Detection
OID:[Link].4.1.25623.1.0.117274
Version used: 2025-04-30T[Link]Z

Product Detection Result

Product: cpe:/a:ietf:transport_layer_security:1.1
Method: SSL/TLS: Version Detection
OID: [Link].4.1.25623.1.0.105782)

References
cve: CVE-2011-3389
cve: CVE-2015-0204
cve: CVE-2023-41928
cve: CVE-2024-41270
cve: CVE-2025-3200
url: [Link]
url: [Link]
,→ines/TG02102/[Link]
url: [Link]
,→TLS-Protokoll/TLS-Protokoll_node.html
url: [Link]
,→eRichtlinien/TR03116/[Link]
. . . continues on next page . . .
2 RESULTS PER HOST 853

. . . continued from previous page . . .

url: [Link]
,→tstandard_BSI_TLS_Version_2_4.html
url: [Link]
url: [Link]
,→-report-2014
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: WID-SEC-2023-1435
cert-bund: CB-K18/0799
cert-bund: CB-K16/1289
cert-bund: CB-K16/1096
cert-bund: CB-K15/1751
cert-bund: CB-K15/1266
cert-bund: CB-K15/0850
cert-bund: CB-K15/0764
cert-bund: CB-K15/0720
cert-bund: CB-K15/0548
cert-bund: CB-K15/0526
cert-bund: CB-K15/0509
cert-bund: CB-K15/0493
cert-bund: CB-K15/0384
cert-bund: CB-K15/0365
cert-bund: CB-K15/0364
cert-bund: CB-K15/0302
cert-bund: CB-K15/0192
cert-bund: CB-K15/0079
cert-bund: CB-K15/0016
cert-bund: CB-K14/1342
cert-bund: CB-K14/0231
cert-bund: CB-K13/0845
cert-bund: CB-K13/0796
cert-bund: CB-K13/0790
dfn-cert: DFN-CERT-2020-0177
dfn-cert: DFN-CERT-2020-0111
dfn-cert: DFN-CERT-2019-0068
dfn-cert: DFN-CERT-2018-1441
dfn-cert: DFN-CERT-2018-1408
dfn-cert: DFN-CERT-2016-1372
dfn-cert: DFN-CERT-2016-1164
dfn-cert: DFN-CERT-2016-0388
dfn-cert: DFN-CERT-2015-1853
dfn-cert: DFN-CERT-2015-1332
dfn-cert: DFN-CERT-2015-0884
. . . continues on next page . . .
2 RESULTS PER HOST 854

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2015-0800
dfn-cert: DFN-CERT-2015-0758
dfn-cert: DFN-CERT-2015-0567
dfn-cert: DFN-CERT-2015-0544
dfn-cert: DFN-CERT-2015-0530
dfn-cert: DFN-CERT-2015-0396
dfn-cert: DFN-CERT-2015-0375
dfn-cert: DFN-CERT-2015-0374
dfn-cert: DFN-CERT-2015-0305
dfn-cert: DFN-CERT-2015-0199
dfn-cert: DFN-CERT-2015-0079
dfn-cert: DFN-CERT-2015-0021
dfn-cert: DFN-CERT-2014-1414
dfn-cert: DFN-CERT-2013-1847
dfn-cert: DFN-CERT-2013-1792
dfn-cert: DFN-CERT-2012-1979
dfn-cert: DFN-CERT-2012-1829
dfn-cert: DFN-CERT-2012-1530
dfn-cert: DFN-CERT-2012-1380
dfn-cert: DFN-CERT-2012-1377
dfn-cert: DFN-CERT-2012-1292
dfn-cert: DFN-CERT-2012-1214
dfn-cert: DFN-CERT-2012-1213
dfn-cert: DFN-CERT-2012-1180
dfn-cert: DFN-CERT-2012-1156
dfn-cert: DFN-CERT-2012-1155
dfn-cert: DFN-CERT-2012-1039
dfn-cert: DFN-CERT-2012-0956
dfn-cert: DFN-CERT-2012-0908
dfn-cert: DFN-CERT-2012-0868
dfn-cert: DFN-CERT-2012-0867
dfn-cert: DFN-CERT-2012-0848
dfn-cert: DFN-CERT-2012-0838
dfn-cert: DFN-CERT-2012-0776
dfn-cert: DFN-CERT-2012-0722
dfn-cert: DFN-CERT-2012-0638
dfn-cert: DFN-CERT-2012-0627
dfn-cert: DFN-CERT-2012-0451
dfn-cert: DFN-CERT-2012-0418
dfn-cert: DFN-CERT-2012-0354
dfn-cert: DFN-CERT-2012-0234
dfn-cert: DFN-CERT-2012-0221
dfn-cert: DFN-CERT-2012-0177
dfn-cert: DFN-CERT-2012-0170
dfn-cert: DFN-CERT-2012-0146
dfn-cert: DFN-CERT-2012-0142
dfn-cert: DFN-CERT-2012-0126
. . . continues on next page . . .
2 RESULTS PER HOST 855

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2012-0123
dfn-cert: DFN-CERT-2012-0095
dfn-cert: DFN-CERT-2012-0051
dfn-cert: DFN-CERT-2012-0047
dfn-cert: DFN-CERT-2012-0021
dfn-cert: DFN-CERT-2011-1953
dfn-cert: DFN-CERT-2011-1946
dfn-cert: DFN-CERT-2011-1844
dfn-cert: DFN-CERT-2011-1826
dfn-cert: DFN-CERT-2011-1774
dfn-cert: DFN-CERT-2011-1743
dfn-cert: DFN-CERT-2011-1738
dfn-cert: DFN-CERT-2011-1706
dfn-cert: DFN-CERT-2011-1628
dfn-cert: DFN-CERT-2011-1627
dfn-cert: DFN-CERT-2011-1619
dfn-cert: DFN-CERT-2011-1482

Medium (CVSS: 4.0)

NVT: SSL/TLS: Certicate Signed Using A Weak Signature Algorithm

Summary
The remote service is using a SSL/TLS certicate in the certicate chain that has been signed
using a cryptographically weak hashing algorithm.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The following certificates are part of the certificate chain but using insecure
,→signature algorithms:
Subject: 1.2.840.113549.1.9.1=#737570706F7274406465736B746F7063656E
,→7472616C2E636F6D,CN=Desktop Central,OU=ManageEngine,O=Zoho Corporation,L=Pleas
,→anton,ST=CA,C=US
Signature Algorithm: sha1WithRSAEncryption

Solution:
Solution type: Mitigation
Servers that use SSL/TLS certicates signed with a weak SHA-1, MD5, MD4 or MD2 hashing
algorithm will need to obtain new SHA-2 signed SSL/TLS certicates to avoid web browser
SSL/TLS certicate warnings.

Vulnerability Insight
The following hashing algorithms used for signing SSL/TLS certicates are considered crypto-
graphically weak and not secure enough for ongoing use:
. . . continues on next page . . .
2 RESULTS PER HOST 856

. . . continued from previous page . . .

- Secure Hash Algorithm 1 (SHA-1)
- Message Digest 5 (MD5)
- Message Digest 4 (MD4)
- Message Digest 2 (MD2)
Beginning as late as January 2017 and as early as June 2016, browser developers such as Microsoft
and Google will begin warning users when visiting web sites that use SHA-1 signed Secure Socket
Layer (SSL) certicates.
NOTE: The script preference allows to set one or more custom SHA-1 ngerprints of CA certi-
cates which are trusted by this routine. The ngerprints needs to be passed comma-separated
and case-insensitive:
Fingerprint1
or
ngerprint1, Fingerprint2

Vulnerability Detection Method

Check which hashing algorithm was used to sign the remote SSL/TLS certicate.
Details: SSL/TLS: Certificate Signed Using A Weak Signature Algorithm
OID:[Link].4.1.25623.1.0.105880
Version used: 2021-10-15T[Link]Z

References
url: [Link]
,→sha-1-based-signature-algorithms/

Medium (CVSS: 4.0)

NVT: SSL/TLS: Die-Hellman Key Exchange Insucient DH Group Strength Vulnerability

Summary
The SSL/TLS service uses Die-Hellman groups with insucient strength (key size < 2048).

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Server Temporary Key Size: 1024 bits

Impact
An attacker might be able to decrypt the SSL/TLS communication oine.

Solution:
Solution type: Workaround
- Deploy (Ephemeral) Elliptic-Curve Die-Hellman (ECDHE) or use a 2048-bit or stronger
Die-Hellman group. Please see the references for more resources supporting you with this task.
- For Apache Web Servers: Beginning with version 2.4.7, mod_ssl will use DH parameters which
include primes with lengths of more than 1024 bits.
. . . continues on next page . . .
2 RESULTS PER HOST 857

. . . continued from previous page . . .

Aected Software/OS
All services providing an encrypted communication using Die-Hellman groups with insucient
strength.

Vulnerability Insight
The Die-Hellman group are some big numbers that are used as base for the DH computations.
They can be, and often are, xed. The security of the nal secret depends on the size of these
parameters. It was found that 512 and 768 bits to be weak, 1024 bits to be breakable by really
powerful attackers like governments.

Vulnerability Detection Method

Checks the DHE temporary public key size.
Details: SSL/TLS: Diffie-Hellman Key Exchange Insufficient DH Group Strength Vulnerabili.
,→..
OID:[Link].4.1.25623.1.0.106223
Version used: 2025-03-27T[Link]Z

References
url: [Link]
url: [Link]
url: [Link]
url: [Link]
,→ines/TG02102/[Link]
url: [Link]
,→TLS-Protokoll/TLS-Protokoll_node.html
url: [Link]
,→eRichtlinien/TR03116/[Link]
url: [Link]
,→tstandard_BSI_TLS_Version_2_4.html
url: [Link]
url: [Link]
,→-report-2014
url: [Link]

[ return to [Link] ]

2.1.27 Low general/icmp

Low (CVSS: 2.1)

NVT: ICMP Timestamp Reply Information Disclosure

Summary
. . . continues on next page . . .
2 RESULTS PER HOST 858

. . . continued from previous page . . .

The remote host responded to an ICMP timestamp request.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The following response / ICMP packet has been received:
- ICMP Type: 14
- ICMP Code: 0

Impact
This information could theoretically be used to exploit weak time-based random number gener-
ators in other services.

Solution:
Solution type: Mitigation
Various mitigations are possible:
- Disable the support for ICMP timestamp on the remote host completely
- Protect the remote host by a rewall, and block ICMP packets passing through the rewall in
either direction (either completely or only for untrusted networks)

Vulnerability Insight
The Timestamp Reply is an ICMP message which replies to a Timestamp message. It consists
of the originating timestamp sent by the sender of the Timestamp as well as a receive timestamp
and a transmit timestamp.

Vulnerability Detection Method

Sends an ICMP Timestamp (Type 13) request and checks if a Timestamp Reply (Type 14) is
received.
Details: ICMP Timestamp Reply Information Disclosure
OID:[Link].4.1.25623.1.0.103190
Version used: 2025-01-21T[Link]Z

References
cve: CVE-1999-0524
url: [Link]
url: [Link]
cert-bund: CB-K15/1514
cert-bund: CB-K14/0632
dfn-cert: DFN-CERT-2014-0658

[ return to [Link] ]

2.1.28 Low 22/tcp

2 RESULTS PER HOST 859

Low (CVSS: 2.6)

NVT: Weak MAC Algorithm(s) Supported (SSH)

Product detection result

cpe:/a:ietf:secure_shell_protocol
Detected by SSH Protocol Algorithms Supported (OID: [Link].4.1.25623.1.0.105565
,→)

Summary
The remote SSH server is congured to allow / support weak MAC algorithm(s).

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The remote SSH server supports the following weak client-to-server MAC algorithm
,→(s):
umac-64-etm@[Link]
umac-64@[Link]
The remote SSH server supports the following weak server-to-client MAC algorithm
,→(s):
umac-64-etm@[Link]
umac-64@[Link]

Solution:
Solution type: Mitigation
Disable the reported weak MAC algorithm(s).

Vulnerability Detection Method

Checks the supported MAC algorithms (client-to-server and server-to-client) of the remote SSH
server.
Currently weak MAC algorithms are dened as the following:
- MD5 based algorithms
- 96-bit based algorithms
- 64-bit based algorithms
- 'none' algorithm
Details: Weak MAC Algorithm(s) Supported (SSH)
OID:[Link].4.1.25623.1.0.105610
Version used: 2024-06-14T[Link]Z

Product Detection Result

Product: cpe:/a:ietf:secure_shell_protocol
Method: SSH Protocol Algorithms Supported
OID: [Link].4.1.25623.1.0.105565)

. . . continues on next page . . .

2 RESULTS PER HOST 860

. . . continued from previous page . . .

References
url: [Link]
url: [Link]

[ return to [Link] ]

2.1.29 Low 3306/tcp

Low (CVSS: 3.7)

NVT: Oracle MySQL Server <= 5.5.48 / 5.6 <= 5.6.29 / 5.7 <= 5.7.10 Security Update (cpu-
jul2016) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to an unspecied vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: See the referenced vendor advisory
Installation
path / port: 3306/tcp

Impact
Successful exploitation will allow a remote attacker to aect condentiality via unknown vectors.

Solution:
Solution type: VendorFix
Updates are available. Please see the references for more information.

Aected Software/OS
Oracle MySQL Server versions 5.5.48 and prior, 5.6 through 5.6.29 and 5.7 through 5.7.10.

Vulnerability Insight
An unspecied error exists in the 'MySQL Server' component via unknown vectors related to
the 'Security Encryption' sub-component.
. . . continues on next page . . .
2 RESULTS PER HOST 861

. . . continued from previous page . . .

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.5.48 / 5.6 <= 5.6.29 / 5.7 <= 5.7.10 Security Update (.
,→..
OID:[Link].4.1.25623.1.0.808594
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2016-3452
url: [Link]
url: [Link]
advisory-id: cpujul2016
cert-bund: CB-K16/1122
cert-bund: CB-K16/1100
dfn-cert: DFN-CERT-2016-1192
dfn-cert: DFN-CERT-2016-1169

Low (CVSS: 3.7)

NVT: Oracle MySQL Server <= 5.5.48 / 5.6 <= 5.6.29 / 5.7 <= 5.7.11 Security Update (cpu-
jul2016) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to an unspecied vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: See the referenced vendor advisory
Installation
path / port: 3306/tcp

. . . continues on next page . . .

2 RESULTS PER HOST 862

. . . continued from previous page . . .

Impact
Successful exploitation will allow a remote attacker to aect condentiality via unknown vectors.

Solution:
Solution type: VendorFix
Updates are available. Please see the references for more information.

Aected Software/OS
Oracle MySQL Server versions 5.5.48 and prior, 5.6 through 5.6.29 and 5.7 through 5.7.11.

Vulnerability Insight
An unspecied error exists in the 'MySQL Server' component via unknown vectors related to
'Connection' sub-component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.5.48 / 5.6 <= 5.6.29 / 5.7 <= 5.7.11 Security Update (.
,→..
OID:[Link].4.1.25623.1.0.808593
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2016-5444
url: [Link]
url: [Link]
advisory-id: cpujul2016
cert-bund: CB-K16/1122
cert-bund: CB-K16/1100
dfn-cert: DFN-CERT-2016-1192
dfn-cert: DFN-CERT-2016-1169

Low (CVSS: 3.5)

NVT: Oracle MySQL Multiple Unspecied Vulnerabilities-07 (Oct 2015) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)
. . . continues on next page . . .
2 RESULTS PER HOST 863

. . . continued from previous page . . .

Summary
Oracle MySQL is prone to an unspecied vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: Apply the patch
Installation
path / port: 3306/tcp

Impact
Successful exploitation will allow an authenticated remote attacker to aect integrity via unknown
vectors.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle MySQL Server 5.5.43 and earlier, and 5.6.24 and earlier on windows

Vulnerability Insight
Unspecied error exists in the MySQL Server component via unknown vectors related to Server.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Multiple Unspecified Vulnerabilities-07 (Oct 2015) - Windows
OID:[Link].4.1.25623.1.0.805770
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2015-4864
url: [Link]
url: [Link]
cert-bund: WID-SEC-2024-1483
cert-bund: CB-K16/0245
cert-bund: CB-K15/1844
. . . continues on next page . . .
2 RESULTS PER HOST 864

. . . continued from previous page . . .

cert-bund: CB-K15/1554
dfn-cert: DFN-CERT-2016-0265
dfn-cert: DFN-CERT-2015-1946
dfn-cert: DFN-CERT-2015-1638

Low (CVSS: 3.5)

NVT: Oracle MySQL Unspecied Vulnerability-04 (Jul 2015)

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL is prone to an unspecied vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: Apply the patch
Installation
path / port: 3306/tcp

Impact
Successful exploitation will allow an authenticated remote attacker to cause denial of service
attack.

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier on Windows.

Vulnerability Insight
Unspecied error exists in the MySQL Server component via unknown vectors related to Server
: Optimizer.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Unspecified Vulnerability-04 (Jul 2015)
OID:[Link].4.1.25623.1.0.805931
. . . continues on next page . . .
2 RESULTS PER HOST 865

. . . continued from previous page . . .

Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2015-4757
url: [Link]
url: [Link]
cert-bund: CB-K15/1202
cert-bund: CB-K15/1193
cert-bund: CB-K15/1045
cert-bund: CB-K15/1020
dfn-cert: DFN-CERT-2015-1272
dfn-cert: DFN-CERT-2015-1264
dfn-cert: DFN-CERT-2015-1096
dfn-cert: DFN-CERT-2015-1071

Low (CVSS: 3.5)

NVT: Oracle MySQL Server Multiple Vulnerabilities - 05 - (Nov 2012) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL server is prone to an unspecied vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: Apply the patch

Impact
Successful exploitation will allow an attacker to disclose potentially sensitive information and
manipulate certain data.

Solution:
Solution type: VendorFix
. . . continues on next page . . .
2 RESULTS PER HOST 866

. . . continued from previous page . . .

Apply the patch from the linked references or upgrade to latest version.

Aected Software/OS
Oracle MySQL version 5.5.x to 5.5.25 on Windows.

Vulnerability Insight
The aw is due to unspecied error in MySQL server component vectors server.

Vulnerability Detection Method

Details: Oracle MySQL Server Multiple Vulnerabilities - 05 - (Nov 2012) - Windows
OID:[Link].4.1.25623.1.0.803115
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2012-3156
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]

Low (CVSS: 2.8)

NVT: Oracle MySQL Multiple Unspecied vulnerabilities - 06 (Jan 2014) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL is prone to multiple unspecied vulnerabilities.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.

. . . continues on next page . . .

2 RESULTS PER HOST 867

. . . continued from previous page . . .

Impact
Successful exploitation will allow attackers to manipulate certain data and cause a DoS (Denial
of Service).

Solution:
Solution type: VendorFix
Apply the patch from the referenced advisory.

Aected Software/OS
Oracle MySQL version 5.5.34 and earlier, and 5.6.14 and earlier on Windows.

Vulnerability Insight
Unspecied errors in the MySQL Server component via unknown vectors related to Replication.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Multiple Unspecified vulnerabilities - 06 (Jan 2014) - Windows
OID:[Link].4.1.25623.1.0.804077
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2014-0420
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K14/0710
cert-bund: CB-K14/0187
cert-bund: CB-K14/0082
cert-bund: CB-K14/0074
cert-bund: CB-K14/0055
dfn-cert: DFN-CERT-2014-0742
dfn-cert: DFN-CERT-2014-0190
dfn-cert: DFN-CERT-2014-0085
dfn-cert: DFN-CERT-2014-0074
dfn-cert: DFN-CERT-2014-0048
2 RESULTS PER HOST 868

Low (CVSS: 2.7)

NVT: Oracle MySQL Server <= 5.7.40, 8.x <= 8.0.31 Security Update (cpuapr2023) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to a denial of service (DoS) vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.7.41
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.7.41, 8.0.32 or later.

Aected Software/OS
Oracle MySQL Server version 5.7.40 and prior and 8.x through 8.0.31.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.7.40, 8.x <= 8.0.31 Security Update (cpuapr2023) - Win.
,→..
OID:[Link].4.1.25623.1.0.149532
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2023-21963
url: [Link]
advisory-id: cpuapr2023
cert-bund: WID-SEC-2024-1591
. . . continues on next page . . .
2 RESULTS PER HOST 869

. . . continued from previous page . . .

cert-bund: WID-SEC-2023-1033
dfn-cert: DFN-CERT-2023-0885

Low (CVSS: 2.7)

NVT: Oracle MySQL Server <= 5.6.44 / 5.7 <= 5.7.18 Security Update (cpujul2019) - Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to an unspecied vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.6.45
Installation
path / port: 3306/tcp

Solution:
Solution type: VendorFix
Update to version 5.6.45, 5.7.19 or later.

Aected Software/OS
Oracle MySQL Server versions 5.6.44 and prior and 5.7 through 5.7.18.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle MySQL Server <= 5.6.44 / 5.7 <= 5.7.18 Security Update (cpujul2019) - Wi.
,→..
OID:[Link].4.1.25623.1.0.142643
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
. . . continues on next page . . .
2 RESULTS PER HOST 870

. . . continued from previous page . . .

cve: CVE-2019-2730
url: [Link]
advisory-id: cpujul2019
cert-bund: CB-K19/0620
dfn-cert: DFN-CERT-2019-2169
dfn-cert: DFN-CERT-2019-1453

Low (CVSS: 1.5)

NVT: Oracle MySQL Server 5.5 <= 5.5.30 / 5.6 <= 5.6.9 Security Update (cpuapr2013) -
Windows

Product detection result

cpe:/a:mysql:mysql:5.5.20-log
Detected by MariaDB / Oracle MySQL Detection (MySQL Protocol) (OID: [Link].4.1.
,→25623.1.0.100152)

Summary
Oracle MySQL Server is prone to an unspecied vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 5.5.20
Fixed version: 5.5.31
Installation
path / port: 3306/tcp

Impact
Successful exploitation will allow local users to aect availability.

Solution:
Solution type: VendorFix
Update to version 5.5.31, 5.6.10 or later.

Aected Software/OS
Oracle MySQL Server versions 5.5 through 5.5.30 and 5.6 through 5.6.9.

Vulnerability Insight
An unspecied error exists in the MySQL Server component via unknown vectors related to
Server Partition.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
. . . continues on next page . . .
2 RESULTS PER HOST 871

. . . continued from previous page . . .

Details: Oracle MySQL Server 5.5 <= 5.5.30 / 5.6 <= 5.6.9 Security Update (cpuapr2013) -.
,→..
OID:[Link].4.1.25623.1.0.809813
Version used: 2025-09-09T[Link]Z

Product Detection Result

Product: cpe:/a:mysql:mysql:5.5.20-log
Method: MariaDB / Oracle MySQL Detection (MySQL Protocol)
OID: [Link].4.1.25623.1.0.100152)

References
cve: CVE-2013-1502
url: [Link]
url: [Link]
advisory-id: cpuapr2013
dfn-cert: DFN-CERT-2013-0882
dfn-cert: DFN-CERT-2013-0798

[ return to [Link] ]

2.1.30 Low general/tcp

Low (CVSS: 3.7)

NVT: Oracle Java SE Security Updates - 02 - (cpujul2020) - Windows

Summary
Oracle Java SE is prone to multiple security vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful attacks of these vulnerabilities can result in unauthorized ability to cause a partial
denial of service.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.
. . . continues on next page . . .
2 RESULTS PER HOST 872

. . . continued from previous page . . .

Aected Software/OS
Oracle Java SE version 7u261 ([Link]) and earlier, 8u251 ([Link]) and earlier on Windows.

Vulnerability Insight
The aws exist due to errors in the 'Libraries' component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates - 02 - (cpujul2020) - Windows
OID:[Link].4.1.25623.1.0.118164
Version used: 2024-02-26T[Link]Z

References
cve: CVE-2020-14578
cve: CVE-2020-14579
url: [Link]
cert-bund: WID-SEC-2023-0016
cert-bund: WID-SEC-2022-1522
cert-bund: WID-SEC-2022-1285
cert-bund: CB-K20/1075
cert-bund: CB-K20/0715
dfn-cert: DFN-CERT-2021-0949
dfn-cert: DFN-CERT-2020-2571
dfn-cert: DFN-CERT-2020-1762
dfn-cert: DFN-CERT-2020-1531

Low (CVSS: 3.7)

NVT: Oracle Java SE Security Update (Apr 2024) -01 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch provided by the vendor
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
. . . continues on next page . . .
2 RESULTS PER HOST 873

. . . continued from previous page . . .

Successful exploitation allows an attacker to compromise Oracle Java SE, which can result in
unauthorized update, insert or delete access to some of Oracle Java SE.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u401 and prior, 17.0.x through 17.0.10, 11.0.x through 11.0.22, 21.0.x
through 21.0.2 and 22.0 on Windows.

Vulnerability Insight
These vulnerabilities exist:
- CVE-2024-21011: An error in the Hotspot component of Oracle Java SE.
- CVE-2024-21094: An error in the Hotspot component of Oracle Java SE.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (Apr 2024) -01 - Windows
OID:[Link].4.1.25623.1.0.832952
Version used: 2024-04-25T[Link]Z

References
cve: CVE-2024-21011
cve: CVE-2024-21094
url: [Link]
cert-bund: WID-SEC-2024-1248
cert-bund: WID-SEC-2024-1226
cert-bund: WID-SEC-2024-0895
dfn-cert: DFN-CERT-2024-2971
dfn-cert: DFN-CERT-2024-2795
dfn-cert: DFN-CERT-2024-2789
dfn-cert: DFN-CERT-2024-2788
dfn-cert: DFN-CERT-2024-1436
dfn-cert: DFN-CERT-2024-1272
dfn-cert: DFN-CERT-2024-1251
dfn-cert: DFN-CERT-2024-1032
dfn-cert: DFN-CERT-2024-1005
dfn-cert: DFN-CERT-2024-1004

Low (CVSS: 3.7)

NVT: Oracle Java SE Security Update (jul2023) 04 - Windows

Summary
. . . continues on next page . . .
2 RESULTS PER HOST 874

. . . continued from previous page . . .

Oracle Java SE is prone to remote code execution (RCE) vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch from vendor
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to manipulate data and execute arbitrary code.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u371 and earlier, 11.0.19, 20.0.1 and earlier on Windows.

Vulnerability Insight
The aw is due to improper application of hotspot module within the Java SE engine component
in Oracle Java SE.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (jul2023) 04 - Windows
OID:[Link].4.1.25623.1.0.832319
Version used: 2023-10-13T[Link]Z

References
cve: CVE-2023-22044
url: [Link]
cert-bund: WID-SEC-2023-2031
cert-bund: WID-SEC-2023-1796
dfn-cert: DFN-CERT-2023-2179
dfn-cert: DFN-CERT-2023-1972
dfn-cert: DFN-CERT-2023-1657
dfn-cert: DFN-CERT-2023-1653

Low (CVSS: 3.7)

NVT: Oracle Java SE Security Updates - 02 - (cpujul2020) - Windows

Summary
. . . continues on next page . . .
2 RESULTS PER HOST 875

. . . continued from previous page . . .

Oracle Java SE is prone to multiple security vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful attacks of these vulnerabilities can result in unauthorized ability to cause a partial
denial of service.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 7u261 ([Link]) and earlier, 8u251 ([Link]) and earlier on Windows.

Vulnerability Insight
The aws exist due to errors in the 'Libraries' component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates - 02 - (cpujul2020) - Windows
OID:[Link].4.1.25623.1.0.118164
Version used: 2024-02-26T[Link]Z

References
cve: CVE-2020-14578
cve: CVE-2020-14579
url: [Link]
cert-bund: WID-SEC-2023-0016
cert-bund: WID-SEC-2022-1522
cert-bund: WID-SEC-2022-1285
cert-bund: CB-K20/1075
cert-bund: CB-K20/0715
dfn-cert: DFN-CERT-2021-0949
dfn-cert: DFN-CERT-2020-2571
dfn-cert: DFN-CERT-2020-1762
dfn-cert: DFN-CERT-2020-1531
2 RESULTS PER HOST 876

Low (CVSS: 3.7)

NVT: Oracle Java SE Security Update (jul2023) 04 - Windows

Summary
Oracle Java SE is prone to remote code execution (RCE) vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch from vendor
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to manipulate data and execute arbitrary code.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u371 and earlier, 11.0.19, 20.0.1 and earlier on Windows.

Vulnerability Insight
The aw is due to improper application of hotspot module within the Java SE engine component
in Oracle Java SE.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (jul2023) 04 - Windows
OID:[Link].4.1.25623.1.0.832319
Version used: 2023-10-13T[Link]Z

References
cve: CVE-2023-22044
url: [Link]
cert-bund: WID-SEC-2023-2031
cert-bund: WID-SEC-2023-1796
dfn-cert: DFN-CERT-2023-2179
dfn-cert: DFN-CERT-2023-1972
dfn-cert: DFN-CERT-2023-1657
dfn-cert: DFN-CERT-2023-1653
2 RESULTS PER HOST 877

Low (CVSS: 3.7)

NVT: Oracle Java SE Security Update (Apr 2024) -01 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch provided by the vendor
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation allows an attacker to compromise Oracle Java SE, which can result in
unauthorized update, insert or delete access to some of Oracle Java SE.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u401 and prior, 17.0.x through 17.0.10, 11.0.x through 11.0.22, 21.0.x
through 21.0.2 and 22.0 on Windows.

Vulnerability Insight
These vulnerabilities exist:
- CVE-2024-21011: An error in the Hotspot component of Oracle Java SE.
- CVE-2024-21094: An error in the Hotspot component of Oracle Java SE.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (Apr 2024) -01 - Windows
OID:[Link].4.1.25623.1.0.832952
Version used: 2024-04-25T[Link]Z

References
cve: CVE-2024-21011
cve: CVE-2024-21094
url: [Link]
cert-bund: WID-SEC-2024-1248
cert-bund: WID-SEC-2024-1226
cert-bund: WID-SEC-2024-0895
dfn-cert: DFN-CERT-2024-2971
. . . continues on next page . . .
2 RESULTS PER HOST 878

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2024-2795
dfn-cert: DFN-CERT-2024-2789
dfn-cert: DFN-CERT-2024-2788
dfn-cert: DFN-CERT-2024-1436
dfn-cert: DFN-CERT-2024-1272
dfn-cert: DFN-CERT-2024-1251
dfn-cert: DFN-CERT-2024-1032
dfn-cert: DFN-CERT-2024-1005
dfn-cert: DFN-CERT-2024-1004

Low (CVSS: 3.7)

NVT: Oracle Java SE Security Update (Jul 2024) -1 - Windows

Summary
Oracle Java SE is prone to a denial of service (DoS) vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch provided by the vendor
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation allows an attacker to cause a partial denial of service.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u411 and prior, 11.0.x through 11.0.23 on Windows.

Vulnerability Insight
The aw exists due to an error in the Concurrency component of Oracle Java SE.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (Jul 2024) -1 - Windows
OID:[Link].4.1.25623.1.0.834264
Version used: 2024-07-19T[Link]Z

References
. . . continues on next page . . .
2 RESULTS PER HOST 879

. . . continued from previous page . . .

cve: CVE-2024-21144
url: [Link]
cert-bund: WID-SEC-2024-1658
cert-bund: WID-SEC-2024-1648
cert-bund: WID-SEC-2024-1647
dfn-cert: DFN-CERT-2024-2971
dfn-cert: DFN-CERT-2024-2789
dfn-cert: DFN-CERT-2024-2788
dfn-cert: DFN-CERT-2024-2140
dfn-cert: DFN-CERT-2024-2119
dfn-cert: DFN-CERT-2024-1860
dfn-cert: DFN-CERT-2024-1859

Low (CVSS: 3.7)

NVT: Oracle Java SE Security Update (cpuapr2020 - 04) - Windows

Summary
Oracle Java SE is prone to multiple security vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on condentiality and avail-
ability.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u241 ([Link]) and earlier, 11.0.6 and earlier, 14.

Vulnerability Insight
Multiple aws are due to multiple errors in Scripting component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (cpuapr2020 - 04) - Windows
. . . continues on next page . . .
2 RESULTS PER HOST 880

. . . continued from previous page . . .

OID:[Link].4.1.25623.1.0.816858
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2020-2755
cve: CVE-2020-2754
url: [Link]
cert-bund: WID-SEC-2023-0016
cert-bund: WID-SEC-2022-1639
cert-bund: CB-K20/0319
dfn-cert: DFN-CERT-2021-0095
dfn-cert: DFN-CERT-2020-1685
dfn-cert: DFN-CERT-2020-0771

Low (CVSS: 3.7)

NVT: Oracle Java SE Security Update (cpuapr2020 - 04) - Windows

Summary
Oracle Java SE is prone to multiple security vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on condentiality and avail-
ability.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u241 ([Link]) and earlier, 11.0.6 and earlier, 14.

Vulnerability Insight
Multiple aws are due to multiple errors in Scripting component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
. . . continues on next page . . .
2 RESULTS PER HOST 881

. . . continued from previous page . . .

Details: Oracle Java SE Security Update (cpuapr2020 - 04) - Windows
OID:[Link].4.1.25623.1.0.816858
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2020-2755
cve: CVE-2020-2754
url: [Link]
cert-bund: WID-SEC-2023-0016
cert-bund: WID-SEC-2022-1639
cert-bund: CB-K20/0319
dfn-cert: DFN-CERT-2021-0095
dfn-cert: DFN-CERT-2020-1685
dfn-cert: DFN-CERT-2020-0771

Low (CVSS: 3.7)

NVT: Oracle Java SE Security Update (jan2023) 03 - Windows

Summary
Oracle Java SE is prone to an input validation vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch from vendor
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to manipulate data.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u351 and earlier, 11.0.17, 17.0.5, 19.0.1 and earlier on Windows.

Vulnerability Insight
The aw is due to an improper input validation within the Sound component in Oracle Java SE.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
. . . continues on next page . . .
2 RESULTS PER HOST 882

. . . continued from previous page . . .

Details: Oracle Java SE Security Update (jan2023) 03 - Windows
OID:[Link].4.1.25623.1.0.826783
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2023-21843
url: [Link]
cert-bund: WID-SEC-2024-1591
cert-bund: WID-SEC-2024-0794
cert-bund: WID-SEC-2024-0064
cert-bund: WID-SEC-2023-2625
cert-bund: WID-SEC-2023-2164
cert-bund: WID-SEC-2023-1424
cert-bund: WID-SEC-2023-0561
cert-bund: WID-SEC-2023-0128
dfn-cert: DFN-CERT-2024-2151
dfn-cert: DFN-CERT-2023-1174
dfn-cert: DFN-CERT-2023-1139
dfn-cert: DFN-CERT-2023-0846
dfn-cert: DFN-CERT-2023-0717
dfn-cert: DFN-CERT-2023-0605
dfn-cert: DFN-CERT-2023-0256
dfn-cert: DFN-CERT-2023-0217
dfn-cert: DFN-CERT-2023-0125
dfn-cert: DFN-CERT-2023-0124

Low (CVSS: 3.7)

NVT: Oracle Java SE Security Update (cpujan2020 - 04) - Windows

Summary
Oracle Java SE is prone to a security vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on availability.

Solution:
Solution type: VendorFix
. . . continues on next page . . .
2 RESULTS PER HOST 883

. . . continued from previous page . . .

The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 7u241 ([Link]) and earlier, 8u231 ([Link]) and earlier.

Vulnerability Insight
The aw is due to error in component Networking.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (cpujan2020 - 04) - Windows
OID:[Link].4.1.25623.1.0.816602
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2020-2659
url: [Link]
cert-bund: WID-SEC-2023-0234
cert-bund: CB-K20/0139
cert-bund: CB-K20/0039
dfn-cert: DFN-CERT-2021-0095
dfn-cert: DFN-CERT-2020-1276
dfn-cert: DFN-CERT-2020-0338
dfn-cert: DFN-CERT-2020-0283
dfn-cert: DFN-CERT-2020-0095

Low (CVSS: 3.7)

NVT: Oracle Java SE Security Update (jan2023) 03 - Windows

Summary
Oracle Java SE is prone to an input validation vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch from vendor
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to manipulate data.

Solution:
. . . continues on next page . . .
2 RESULTS PER HOST 884

. . . continued from previous page . . .

Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u351 and earlier, 11.0.17, 17.0.5, 19.0.1 and earlier on Windows.

Vulnerability Insight
The aw is due to an improper input validation within the Sound component in Oracle Java SE.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (jan2023) 03 - Windows
OID:[Link].4.1.25623.1.0.826783
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2023-21843
url: [Link]
cert-bund: WID-SEC-2024-1591
cert-bund: WID-SEC-2024-0794
cert-bund: WID-SEC-2024-0064
cert-bund: WID-SEC-2023-2625
cert-bund: WID-SEC-2023-2164
cert-bund: WID-SEC-2023-1424
cert-bund: WID-SEC-2023-0561
cert-bund: WID-SEC-2023-0128
dfn-cert: DFN-CERT-2024-2151
dfn-cert: DFN-CERT-2023-1174
dfn-cert: DFN-CERT-2023-1139
dfn-cert: DFN-CERT-2023-0846
dfn-cert: DFN-CERT-2023-0717
dfn-cert: DFN-CERT-2023-0605
dfn-cert: DFN-CERT-2023-0256
dfn-cert: DFN-CERT-2023-0217
dfn-cert: DFN-CERT-2023-0125
dfn-cert: DFN-CERT-2023-0124

Low (CVSS: 3.7)

NVT: Oracle Java SE Security Update (cpujan2020 - 04) - Windows

Summary
Oracle Java SE is prone to a security vulnerability.

. . . continues on next page . . .

2 RESULTS PER HOST 885

. . . continued from previous page . . .

Quality of Detection (QoD): 97%
Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on availability.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 7u241 ([Link]) and earlier, 8u231 ([Link]) and earlier.

Vulnerability Insight
The aw is due to error in component Networking.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (cpujan2020 - 04) - Windows
OID:[Link].4.1.25623.1.0.816602
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2020-2659
url: [Link]
cert-bund: WID-SEC-2023-0234
cert-bund: CB-K20/0139
cert-bund: CB-K20/0039
dfn-cert: DFN-CERT-2021-0095
dfn-cert: DFN-CERT-2020-1276
dfn-cert: DFN-CERT-2020-0338
dfn-cert: DFN-CERT-2020-0283
dfn-cert: DFN-CERT-2020-0095

Low (CVSS: 3.7)

NVT: Oracle Java SE Security Update (Apr 2024) -03 - Windows

Summary
. . . continues on next page . . .
2 RESULTS PER HOST 886

. . . continued from previous page . . .

Oracle Java SE is prone to a denial of service vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch provided by the vendor
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation allows an attacker to cause a partial denial of service (partial DOS)

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE 8u401 and prior and 11.0.x through 11.0.22 on Windows.

Vulnerability Insight
The aw exists due to a NativeUnpack class did not properly validate the memory size when
allocating a buer.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (Apr 2024) -03 - Windows
OID:[Link].4.1.25623.1.0.832955
Version used: 2025-01-13T[Link]Z

References
cve: CVE-2024-21085
url: [Link]
cert-bund: WID-SEC-2024-1248
cert-bund: WID-SEC-2024-1226
cert-bund: WID-SEC-2024-0895
dfn-cert: DFN-CERT-2024-2971
dfn-cert: DFN-CERT-2024-2795
dfn-cert: DFN-CERT-2024-2789
dfn-cert: DFN-CERT-2024-2788
dfn-cert: DFN-CERT-2024-1436
dfn-cert: DFN-CERT-2024-1251
dfn-cert: DFN-CERT-2024-1032
dfn-cert: DFN-CERT-2024-1005
dfn-cert: DFN-CERT-2024-1004
2 RESULTS PER HOST 887

Low (CVSS: 3.7)

NVT: Oracle Java SE Security Updates (jul2019-5072835) 02 - Windows

Summary
Oracle Java SE is prone to a denial of service (DoS) vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow attackers to conduct a denial-of-service condition.

Solution:
Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 1.8.0 to [Link] on Windows.

Vulnerability Insight
The aw exists due to error in 'JCE' component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (jul2019-5072835) 02 - Windows
OID:[Link].4.1.25623.1.0.815176
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2019-2842
url: [Link]
,→l
cert-bund: WID-SEC-2025-0149
cert-bund: CB-K19/0621
dfn-cert: DFN-CERT-2019-1452
2 RESULTS PER HOST 888

Low (CVSS: 3.7)

NVT: Oracle Java SE Security Update (Jul 2024) -1 - Windows

Summary
Oracle Java SE is prone to a denial of service (DoS) vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch provided by the vendor
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation allows an attacker to cause a partial denial of service.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u411 and prior, 11.0.x through 11.0.23 on Windows.

Vulnerability Insight
The aw exists due to an error in the Concurrency component of Oracle Java SE.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (Jul 2024) -1 - Windows
OID:[Link].4.1.25623.1.0.834264
Version used: 2024-07-19T[Link]Z

References
cve: CVE-2024-21144
url: [Link]
cert-bund: WID-SEC-2024-1658
cert-bund: WID-SEC-2024-1648
cert-bund: WID-SEC-2024-1647
dfn-cert: DFN-CERT-2024-2971
dfn-cert: DFN-CERT-2024-2789
dfn-cert: DFN-CERT-2024-2788
dfn-cert: DFN-CERT-2024-2140
dfn-cert: DFN-CERT-2024-2119
dfn-cert: DFN-CERT-2024-1860
. . . continues on next page . . .
2 RESULTS PER HOST 889

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2024-1859

Low (CVSS: 3.7)

NVT: Oracle Java SE Security Updates (jul2019-5072835) 02 - Windows

Summary
Oracle Java SE is prone to a denial of service (DoS) vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow attackers to conduct a denial-of-service condition.

Solution:
Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 1.8.0 to [Link] on Windows.

Vulnerability Insight
The aw exists due to error in 'JCE' component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (jul2019-5072835) 02 - Windows
OID:[Link].4.1.25623.1.0.815176
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2019-2842
url: [Link]
,→l
cert-bund: WID-SEC-2025-0149
cert-bund: CB-K19/0621
dfn-cert: DFN-CERT-2019-1452
2 RESULTS PER HOST 890

Low (CVSS: 3.7)

NVT: Oracle Java SE Security Update (Apr 2024) -03 - Windows

Summary
Oracle Java SE is prone to a denial of service vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch provided by the vendor
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation allows an attacker to cause a partial denial of service (partial DOS)

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE 8u401 and prior and 11.0.x through 11.0.22 on Windows.

Vulnerability Insight
The aw exists due to a NativeUnpack class did not properly validate the memory size when
allocating a buer.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (Apr 2024) -03 - Windows
OID:[Link].4.1.25623.1.0.832955
Version used: 2025-01-13T[Link]Z

References
cve: CVE-2024-21085
url: [Link]
cert-bund: WID-SEC-2024-1248
cert-bund: WID-SEC-2024-1226
cert-bund: WID-SEC-2024-0895
dfn-cert: DFN-CERT-2024-2971
dfn-cert: DFN-CERT-2024-2795
dfn-cert: DFN-CERT-2024-2789
dfn-cert: DFN-CERT-2024-2788
dfn-cert: DFN-CERT-2024-1436
. . . continues on next page . . .
2 RESULTS PER HOST 891

. . . continued from previous page . . .

dfn-cert: DFN-CERT-2024-1251
dfn-cert: DFN-CERT-2024-1032
dfn-cert: DFN-CERT-2024-1005
dfn-cert: DFN-CERT-2024-1004

Low (CVSS: 3.7)

NVT: Oracle Java SE Security Update (jul2023) 05 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch from vendor
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to manipulate data and execute arbitrary code.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u371 and earlier, 11.0.19, 17.0.7, 20.0.1 and earlier on Windows.

Vulnerability Insight
The aw is due to improper application of hotspot module and libraries within the Java SE
engine component in Oracle Java SE.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (jul2023) 05 - Windows
OID:[Link].4.1.25623.1.0.832322
Version used: 2023-10-13T[Link]Z

References
cve: CVE-2023-22045
cve: CVE-2023-22049
url: [Link]
cert-bund: WID-SEC-2024-0064
. . . continues on next page . . .
2 RESULTS PER HOST 892

. . . continued from previous page . . .

cert-bund: WID-SEC-2023-2031
cert-bund: WID-SEC-2023-1814
cert-bund: WID-SEC-2023-1796
dfn-cert: DFN-CERT-2023-3167
dfn-cert: DFN-CERT-2023-2179
dfn-cert: DFN-CERT-2023-2042
dfn-cert: DFN-CERT-2023-2031
dfn-cert: DFN-CERT-2023-1990
dfn-cert: DFN-CERT-2023-1972
dfn-cert: DFN-CERT-2023-1935
dfn-cert: DFN-CERT-2023-1909
dfn-cert: DFN-CERT-2023-1657
dfn-cert: DFN-CERT-2023-1653

Low (CVSS: 3.7)

NVT: Oracle Java SE Security Update (jul2023) 05 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch from vendor
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to manipulate data and execute arbitrary code.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u371 and earlier, 11.0.19, 17.0.7, 20.0.1 and earlier on Windows.

Vulnerability Insight
The aw is due to improper application of hotspot module and libraries within the Java SE
engine component in Oracle Java SE.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
. . . continues on next page . . .
2 RESULTS PER HOST 893

. . . continued from previous page . . .

Details: Oracle Java SE Security Update (jul2023) 05 - Windows
OID:[Link].4.1.25623.1.0.832322
Version used: 2023-10-13T[Link]Z

References
cve: CVE-2023-22045
cve: CVE-2023-22049
url: [Link]
cert-bund: WID-SEC-2024-0064
cert-bund: WID-SEC-2023-2031
cert-bund: WID-SEC-2023-1814
cert-bund: WID-SEC-2023-1796
dfn-cert: DFN-CERT-2023-3167
dfn-cert: DFN-CERT-2023-2179
dfn-cert: DFN-CERT-2023-2042
dfn-cert: DFN-CERT-2023-2031
dfn-cert: DFN-CERT-2023-1990
dfn-cert: DFN-CERT-2023-1972
dfn-cert: DFN-CERT-2023-1935
dfn-cert: DFN-CERT-2023-1909
dfn-cert: DFN-CERT-2023-1657
dfn-cert: DFN-CERT-2023-1653

Low (CVSS: 3.4)

NVT: Oracle Java SE Security Updates (jul2019-5072835) 04 - Windows

Summary
Oracle Java SE is prone to a security vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow an attacker to have an impact on condentiality.

Solution:
Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.

. . . continues on next page . . .

2 RESULTS PER HOST 894

. . . continued from previous page . . .

Aected Software/OS
Oracle Java SE version 8u212([Link]) and earlier, 11.0.2 and earlier, 12.0.1 and earlier on
Windows.

Vulnerability Insight
The aw exists due to error in 'Security' component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (jul2019-5072835) 04 - Windows
OID:[Link].4.1.25623.1.0.815181
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2019-2786
url: [Link]
,→l
cert-bund: WID-SEC-2025-0149
cert-bund: CB-K19/0897
cert-bund: CB-K19/0621
dfn-cert: DFN-CERT-2019-1584
dfn-cert: DFN-CERT-2019-1452

Low (CVSS: 3.4)

NVT: Oracle Java SE Security Updates (jul2019-5072835) 04 - Windows

Summary
Oracle Java SE is prone to a security vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow an attacker to have an impact on condentiality.

Solution:
Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.

. . . continues on next page . . .

2 RESULTS PER HOST 895

. . . continued from previous page . . .

Aected Software/OS
Oracle Java SE version 8u212([Link]) and earlier, 11.0.2 and earlier, 12.0.1 and earlier on
Windows.

Vulnerability Insight
The aw exists due to error in 'Security' component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (jul2019-5072835) 04 - Windows
OID:[Link].4.1.25623.1.0.815181
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2019-2786
url: [Link]
,→l
cert-bund: WID-SEC-2025-0149
cert-bund: CB-K19/0897
cert-bund: CB-K19/0621
dfn-cert: DFN-CERT-2019-1584
dfn-cert: DFN-CERT-2019-1452

Low (CVSS: 3.3)

NVT: Microsoft Windows Group Policy Security Feature Bypass Vulnerability (3004361)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-014.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation could allow remote attackers to modify domain controller responses to
client requests and revert the Group Policy settings on a system back to default.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
. . . continues on next page . . .
2 RESULTS PER HOST 896

. . . continued from previous page . . .

- Microsoft Windows Server 2012/R2
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows 2003 x32/x64 Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior

Vulnerability Insight
The aw is due to an error in the Group Policy application of Security Conguration policies.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Group Policy Security Feature Bypass Vulnerability (3004361)
OID:[Link].4.1.25623.1.0.805273
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-0009
url: [Link]
url: [Link]
url: [Link]
url: [Link]
,→[Link]
cert-bund: CB-K15/0171
dfn-cert: DFN-CERT-2015-0175

Low (CVSS: 3.3)

NVT: 7-Zip Multiple Vulnerabilities (Apr 2025) - Windows

Summary
7zip is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 16.04
Fixed version: None
Installation
path / port: C:\Program Files\7-Zip\

Impact
Successful exploitation allows an attacker to conduct denial of service attacks.

Solution:
. . . continues on next page . . .
2 RESULTS PER HOST 897

. . . continued from previous page . . .

Solution type: NoneAvailable
No known solution is available as of 23th April, 2025. Information regarding this issue will be
updated once solution details are available.

Aected Software/OS
7zip version 22.01 and prior on Windows.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: 7-Zip Multiple Vulnerabilities (Apr 2025) - Windows
OID:[Link].4.1.25623.1.0.836162
Version used: 2025-08-19T[Link]Z

References
cve: CVE-2022-47111
cve: CVE-2022-47112
url: [Link]

Low (CVSS: 3.3)

NVT: Microsoft .NET Framework DoS Vulnerability (KB5013870)

Summary
This host is missing an important security update according to Microsoft KB5013870

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Vulnerable range: 2.0.50727 - 2.0.50727.8963
File checked: C:\Windows\[Link]\Framework64\v2.0.50727\[Link]
File version: 2.0.50727.5420

Impact
Successful exploitation will allow an attacker to cause a denial of service condition.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Microsoft .NET Framework 3.5.1, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Microsoft Windows 7
SP1 and Microsoft Windows Server 2008 R2 SP1.

Vulnerability Insight
. . . continues on next page . . .
2 RESULTS PER HOST 898

. . . continued from previous page . . .

The aw exists due to an error in .NET Framework which allows a local attacker to cause a
denial of service on an aected system.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft .NET Framework DoS Vulnerability (KB5013870)
OID:[Link].4.1.25623.1.0.821227
Version used: 2023-06-08T[Link]Z

References
cve: CVE-2022-30130
url: [Link]
cert-bund: WID-SEC-2022-1251
cert-bund: WID-SEC-2022-0539
cert-bund: CB-K22/0588
dfn-cert: DFN-CERT-2022-1039

Low (CVSS: 3.3)

NVT: Microsoft Windows NETLOGON Privilege Elevation Vulnerability (3068457)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-071.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote man-in-the-middle attacker to conduct SMB relay at-
tacks on domain environments utilizing SMB Signing enforcement, and decrypt SMB3 commu-
nications intercepted.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows Server 2012/R2
- Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior

Vulnerability Insight
. . . continues on next page . . .
2 RESULTS PER HOST 899

. . . continued from previous page . . .

Flaw is due to Netlogon service improperly establishes a secure communications channel belong-
ing to a dierent machine with a spoofed computer name.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows NETLOGON Privilege Elevation Vulnerability (3068457)
OID:[Link].4.1.25623.1.0.805075
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-2374
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K15/1013
dfn-cert: DFN-CERT-2015-1060

Low (CVSS: 3.1)

NVT: Microsoft Windows DirectShow Information Disclosure Vulnerability (4010318)

Summary
This host is missing an important security update according to Microsoft Bulletin MS17-021.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
File checked: C:\Windows\system32\[Link]
File version: 6.6.7601.17514
Vulnerable range: Less than 6.6.7601.23643

Impact
Successful exploitation will allow an attacker to obtain information to further compromise a
target system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows 10 x32/x64
- Microsoft Windows Server 2012/2012R2
- Microsoft Windows 10 Version 1511 x32/x64
- Microsoft Windows 10 Version 1607 x32/x64
. . . continues on next page . . .
2 RESULTS PER HOST 900

. . . continued from previous page . . .

- Microsoft Windows Vista x32/x64 Edition Service Pack 2
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2
- Microsoft Windows 7 x32/x64 Edition Service Pack 1
- Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1
- Microsoft Windows Server 2016

Vulnerability Insight
The aw exists when windows DirectShow handles objects in memory.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows DirectShow Information Disclosure Vulnerability (4010318)
OID:[Link].4.1.25623.1.0.810596
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2017-0042
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K17/0443
dfn-cert: DFN-CERT-2017-0451

Low (CVSS: 3.1)

NVT: Oracle Java SE Security Update (oct2021) 05 - Windows

Summary
Oracle Java SE is prone to a denial of service vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on availability.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

. . . continues on next page . . .

2 RESULTS PER HOST 901

. . . continued from previous page . . .

Aected Software/OS
Oracle Java SE version 8u301 ([Link]) and earlier, 7u311 ([Link]) and earlier on Windows.

Vulnerability Insight
The aw is due to an error in 'Hotspot' component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (oct2021) 05 - Windows
OID:[Link].4.1.25623.1.0.818831
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2021-35588
url: [Link]
cert-bund: WID-SEC-2022-1375
cert-bund: WID-SEC-2022-0809
cert-bund: WID-SEC-2022-0676
cert-bund: WID-SEC-2022-0196
cert-bund: CB-K21/1082
dfn-cert: DFN-CERT-2022-1571
dfn-cert: DFN-CERT-2022-0366
dfn-cert: DFN-CERT-2022-0107
dfn-cert: DFN-CERT-2022-0106
dfn-cert: DFN-CERT-2021-2530
dfn-cert: DFN-CERT-2021-2195
dfn-cert: DFN-CERT-2021-2194

Low (CVSS: 3.1)

NVT: Oracle Java SE Security Update (oct2021) 05 - Windows

Summary
Oracle Java SE is prone to a denial of service vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to have an impact on availability.

. . . continues on next page . . .

2 RESULTS PER HOST 902

. . . continued from previous page . . .

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u301 ([Link]) and earlier, 7u311 ([Link]) and earlier on Windows.

Vulnerability Insight
The aw is due to an error in 'Hotspot' component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (oct2021) 05 - Windows
OID:[Link].4.1.25623.1.0.818831
Version used: 2025-01-21T[Link]Z

References
cve: CVE-2021-35588
url: [Link]
cert-bund: WID-SEC-2022-1375
cert-bund: WID-SEC-2022-0809
cert-bund: WID-SEC-2022-0676
cert-bund: WID-SEC-2022-0196
cert-bund: CB-K21/1082
dfn-cert: DFN-CERT-2022-1571
dfn-cert: DFN-CERT-2022-0366
dfn-cert: DFN-CERT-2022-0107
dfn-cert: DFN-CERT-2022-0106
dfn-cert: DFN-CERT-2021-2530
dfn-cert: DFN-CERT-2021-2195
dfn-cert: DFN-CERT-2021-2194

Low (CVSS: 3.1)

NVT: Oracle Java SE DoS Vulnerability (cpujan2019) - Windows

Summary
Oracle Java SE is prone to a denial of service (DoS) vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
. . . continues on next page . . .
2 RESULTS PER HOST 903

. . . continued from previous page . . .

path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attackers to cause denial of service.

Solution:
Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 1.8.0 to [Link] on Windows.

Vulnerability Insight
The aw exists due to an error in the 'Deployment' component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE DoS Vulnerability (cpujan2019) - Windows
OID:[Link].4.1.25623.1.0.814915
Version used: 2024-02-23T[Link]Z

References
cve: CVE-2019-2449
url: [Link]
,→l
cert-bund: CB-K19/0334
cert-bund: CB-K19/0051
dfn-cert: DFN-CERT-2019-1944
dfn-cert: DFN-CERT-2019-0478
dfn-cert: DFN-CERT-2019-0473
dfn-cert: DFN-CERT-2019-0106

Low (CVSS: 3.1)

NVT: Oracle Java SE DoS Vulnerability (cpujan2019) - Windows

Summary
Oracle Java SE is prone to a denial of service (DoS) vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply the patch
Installation
. . . continues on next page . . .
2 RESULTS PER HOST 904

. . . continued from previous page . . .

path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attackers to cause denial of service.

Solution:
Solution type: VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 1.8.0 to [Link] on Windows.

Vulnerability Insight
The aw exists due to an error in the 'Deployment' component.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE DoS Vulnerability (cpujan2019) - Windows
OID:[Link].4.1.25623.1.0.814915
Version used: 2024-02-23T[Link]Z

References
cve: CVE-2019-2449
url: [Link]
,→l
cert-bund: CB-K19/0334
cert-bund: CB-K19/0051
dfn-cert: DFN-CERT-2019-1944
dfn-cert: DFN-CERT-2019-0478
dfn-cert: DFN-CERT-2019-0473
dfn-cert: DFN-CERT-2019-0106

Low (CVSS: 3.1)

NVT: Oracle Java SE Security Update (jan2024) 04 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch provided by the vendor
Installation
. . . continues on next page . . .
2 RESULTS PER HOST 905

. . . continued from previous page . . .

path / port: C:\Program Files\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to compromise Oracle Java SE, which can
result in unauthorized update, insert or delete access to some of Oracle Java SE.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u391 and earlier on Windows.

Vulnerability Insight
Multiple aws exist due to multiple errors in the multiple components.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (jan2024) 04 - Windows
OID:[Link].4.1.25623.1.0.832790
Version used: 2024-02-19T[Link]Z

References
cve: CVE-2024-20923
cve: CVE-2024-20925
cve: CVE-2024-20922
url: [Link]
cert-bund: WID-SEC-2024-0121
dfn-cert: DFN-CERT-2024-0129
dfn-cert: DFN-CERT-2024-0128

Low (CVSS: 3.1)

NVT: Oracle Java SE Security Update (jan2024) 04 - Windows

Summary
Oracle Java SE is prone to multiple vulnerabilities.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 1.8.0update_141
Fixed version: Apply patch provided by the vendor
Installation
. . . continues on next page . . .
2 RESULTS PER HOST 906

. . . continued from previous page . . .

path / port: C:\Program Files (x86)\Java\jre1.8.0_141

Impact
Successful exploitation will allow remote attacker to compromise Oracle Java SE, which can
result in unauthorized update, insert or delete access to some of Oracle Java SE.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
Oracle Java SE version 8u391 and earlier on Windows.

Vulnerability Insight
Multiple aws exist due to multiple errors in the multiple components.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (jan2024) 04 - Windows
OID:[Link].4.1.25623.1.0.832790
Version used: 2024-02-19T[Link]Z

References
cve: CVE-2024-20923
cve: CVE-2024-20925
cve: CVE-2024-20922
url: [Link]
cert-bund: WID-SEC-2024-0121
dfn-cert: DFN-CERT-2024-0129
dfn-cert: DFN-CERT-2024-0128

Low (CVSS: 2.6)

NVT: Microsoft Windows .NET Framework Information Disclosure Vulnerability (3048010)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-041.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
. . . continues on next page . . .
2 RESULTS PER HOST 907

. . . continued from previous page . . .

Successful exploitation will allow remote attackers to view parts of a web conguration le, which
could expose sensitive information.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft .NET Framework 4
- Microsoft .NET Framework 3.5
- Microsoft .NET Framework 2.0
- Microsoft .NET Framework 1.1
- Microsoft .NET Framework 3.5.1
- Microsoft .NET Framework 4.5, 4.5.1, and 4.5.2

Vulnerability Insight
The aw exists when [Link] improperly handles certain requests on systems that have custom
error messages disabled.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows .NET Framework Information Disclosure Vulnerability (3048010)
OID:[Link].4.1.25623.1.0.805060
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-1648
url: [Link]
url: [Link]
cert-bund: CB-K15/0527
dfn-cert: DFN-CERT-2015-0545

Low (CVSS: 2.6)

NVT: TCP Timestamps Information Disclosure

Summary
The remote host implements TCP timestamps and therefore allows to compute the uptime.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
It was detected that the host implements RFC1323/RFC7323.
The following timestamps were retrieved with a delay of 1 seconds in-between:
Packet 1: 171583
. . . continues on next page . . .
2 RESULTS PER HOST 908

. . . continued from previous page . . .

Packet 2: 171695

Impact
A side eect of this feature is that the uptime of the remote host can sometimes be computed.

Solution:
Solution type: Mitigation
To disable TCP timestamps on linux add the line 'net.ipv4.tcp_timestamps = 0' to
/etc/[Link]. Execute 'sysctl -p' to apply the settings at runtime.
To disable TCP timestamps on Windows execute 'netsh int tcp set global timestamps=disabled'
Starting with Windows Server 2008 and Vista, the timestamp can not be completely disabled.
The default behavior of the TCP/IP stack on this Systems is to not use the Timestamp options
when initiating TCP connections, but use them if the TCP peer that is initiating communication
includes them in their synchronize (SYN) segment.
See the references for more information.

Aected Software/OS
TCP implementations that implement RFC1323/RFC7323.

Vulnerability Insight
The remote host implements TCP timestamps, as dened by RFC1323/RFC7323.

Vulnerability Detection Method

Special IP packets are forged and sent with a little delay in between to the target IP. The
responses are searched for a timestamps. If found, the timestamps are reported.
Details: TCP Timestamps Information Disclosure
OID:[Link].4.1.25623.1.0.80091
Version used: 2023-12-15T[Link]Z

References
url: [Link]
url: [Link]
url: [Link]
,→ownload/[Link]?id=9152
url: [Link]

Low (CVSS: 2.1)

NVT: Microsoft Windows Task Scheduler security Feature Bypass Vulnerability (3030377)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-028.

Quality of Detection (QoD): 80%

. . . continues on next page . . .
2 RESULTS PER HOST 909

. . . continued from previous page . . .

Vulnerability Detection Result
File checked: C:\Windows\[Link]
File version: 6.1.7600.16385
Vulnerable range:

Impact
Successful exploitation will allow local attacker to gain elevated privileges.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior
- Microsoft Windows 8 x32/x64
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows Server 2012/R2

Vulnerability Insight
Flaw exists as Windows Task Scheduler fails to properly validate and enforce impersonation
levels.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Task Scheduler security Feature Bypass Vulnerability (3030377)
OID:[Link].4.1.25623.1.0.805144
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-0084
url: [Link]
url: [Link]
cert-bund: CB-K15/0319
dfn-cert: DFN-CERT-2015-0324

Low (CVSS: 2.1)

NVT: Microsoft Windows Kernel-Mode Driver Privilege Elevation Vulnerability (3045171)

Summary
This host is missing an important security update according to Microsoft Bulletin MS15-051.

Quality of Detection (QoD): 80%

. . . continues on next page . . .
2 RESULTS PER HOST 910

. . . continued from previous page . . .

Vulnerability Detection Result
The target host was found to be vulnerable

Impact
Successful exploitation will allow remote attackers to gain access to kernel memory contents that
contain sensitive information about the system.

Solution:
Solution type: VendorFix
The vendor has released updates. Please see the references for more information.

Aected Software/OS
- Microsoft Windows 8 x32/x64
- Microsoft Windows Server 2012/R2
- Microsoft Windows 8.1 x32/x64
- Microsoft Windows 2003 x32/x64 Service Pack 2 and prior
- Microsoft Windows Vista x32/x64 Service Pack 2 and prior
- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior
- Microsoft Windows 7 x32/x64 Service Pack 1 and prior
- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior

Vulnerability Insight
The aw is due to the kernel-mode driver leaking private address information during a function
call

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Kernel-Mode Driver Privilege Elevation Vulnerability (3045171)
OID:[Link].4.1.25623.1.0.805381
Version used: 2023-07-25T[Link]Z

References
cve: CVE-2015-1676
cve: CVE-2015-1677
cve: CVE-2015-1678
cve: CVE-2015-1679
cve: CVE-2015-1680
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
url: [Link]
cert-bund: CB-K15/0668
dfn-cert: DFN-CERT-2015-0689
2 RESULTS PER HOST 911

Low (CVSS: 2.1)

NVT: 7-Zip Arbitrary File Write Vulnerability (Oct 2025) - Windows

Summary
7zip is prone to an arbitrary le write vulnerability.

Quality of Detection (QoD): 97%

Vulnerability Detection Result
Installed version: 16.04
Fixed version: 25.01
Installation
path / port: C:\Program Files\7-Zip\

Impact
Successful exploitation allows an attacker to perform arbitrary le writes on target systems.

Solution:
Solution type: VendorFix
Update to version 25.01 or later.

Aected Software/OS
7zip prior to version 25.01 on Windows.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: 7-Zip Arbitrary File Write Vulnerability (Oct 2025) - Windows
OID:[Link].4.1.25623.1.0.836710
Version used: 2025-10-15T[Link]Z

References
cve: CVE-2025-55188
url: [Link]
url: [Link]
cert-bund: WID-SEC-2025-1750

[ return to [Link] ]

2.1.31 Low 9200/tcp

2 RESULTS PER HOST 912

Low (CVSS: 3.1)

NVT: Elastic Elasticsearch Information Disclosure Vulnerability (ESA-2020-13)

Summary
Elasticsearch is prone to an information disclosure vulnerability.

Quality of Detection (QoD): 80%

Vulnerability Detection Result
Installed version: 1.1.1
Fixed version: 6.8.13
Installation
path / port: /

Impact
This could result in the search disclosing the existence of documents the attacker should not be
able to view. This could result in an attacker gaining additional insight into potentially sensitive
indices.

Solution:
Solution type: VendorFix
Update to version 6.8.13, 7.9.2 or later.

Aected Software/OS
Elasticsearch versions before 6.8.13 and 7.x before 7.9.2.

Vulnerability Insight
A document disclosure aw was found in Elasticsearch when Document or Field Level Security
is used. Search queries do not properly preserve security permissions when executing certain
complex queries.

Vulnerability Detection Method

Checks if a vulnerable version is present on the target host.
Details: Elastic Elasticsearch Information Disclosure Vulnerability (ESA-2020-13)
OID:[Link].4.1.25623.1.0.117181
Version used: 2025-09-03T[Link]Z

References
cve: CVE-2020-7020
url: [Link]
,→/253033
url: [Link]
cert-bund: WID-SEC-2022-0607
dfn-cert: DFN-CERT-2025-0933
dfn-cert: DFN-CERT-2022-1530
2 RESULTS PER HOST 913

[ return to [Link] ]

This le was automatically generated.