Identified vulnerabilities (CVEs) in vulnscan

Vulnerabilities are selectively added to the vulnscan category when exploitation is likely and poses a significant threat to entreprise networks.

We aim to deploy detection capability before mass-exploitation of a vulnerability is observed. The following criteria are used as a binary-scoring system to determine if a vulnerability will be added to vulnscan:

Threat intelligence from private and public sources is used to complement these criteria. The existence of published exploit code for the vulnerability is not a selection criteria, because if all other criteria are met then mass exploitation is likely to be imminent whether an exploit PoC has been published or not.

The following CVEs are identified by the vulnscan category of information. CVEs are either detected by an active, innocuous and non-intrusive check (check-based) or by specific version detection techniques (version-based):

CVEs by product vendors

Adobe

Apache

Atlassian

CheckPoint

Cisco

Citrix

ConnectWise Control

CrushFTP

F5 Networks

Fortinet

Fortra

GeoServer GeoServer

Gitlab Gitlab

GLPI-Project

IBM

Ivanti

JetBrains

Joomla

Juniper

Metabase

Microsoft

Mitel

MobileIron (Ivanti)

NOTE: log4shell checks are only active for on-demand scans:

MOVEit

NextGen

Oracle

ownCloud

Paessler AG

PaloAltoNetworks

PaperCut

PulseSecure (Ivanti)

Qlik

Roundcube

SAP

SonicWall

SolarWinds

Telerik

VMware

NOTE: log4shell checks are only active for on-demand scans:

Zimbra

ZKoss

ZohoCorp