WAS Scanner

October 2023

Version 2.1.1

October 4, 2023

Enhancements

Includes several fixes and enhancements to the scanning engine and existing vulnerability checks.
- 149002 Apache HTTP Server 2.4.54 Security Release (Critical)
- 151446 Apache HTTP Server 2.4.55 Security Release (High)
- 151961 Apache HTTP Server 2.4.56 Security Release (High)
- 152709 Apache Tomcat Denial Of Service Vulnerability (High)
- 152711 Apache Tomcat Denial Of Service Vulnerability (High)
- 152710 Apache Tomcat Information Disclosure Vulnerability (Medium)
- 152712 Apache Tomcat Information Disclosure Vulnerability (High)
- 150797 Apache Tomcat Injection Vulnerability (High)
- 149001 Apache Tomcat Security Advisory: February 2022 (High)
- 149423 Apache Tomcat Security Advisory: June 2022 (Medium)
- 149000 Apache Tomcat Security Advisory: May 2022 (High)
- 150241 Apache Tomcat Security Advisory: October 2022 (High)
- 149005 Drupal Core Security Advisory: SA-CORE-2022-008 (Medium)
- 149006 Drupal Core Security Advisory: SA-CORE-2022-009 (Medium)
- 152713 Drupal Core Security Advisory: SA-CORE-2023-005 (Medium)
- 149852 Drupal Security Advisory SA-CORE-2022-016 (High)
- 149424 Drupal Security Advisory: SA-CORE-2022-010 (Medium)
- 149425 Drupal Security Advisory: SA-CORE-2022-011 (Medium)
- 149426 Drupal Security Advisory: SA-CORE-2022-012 (Medium)
- 149427 Drupal Security Advisory: SA-CORE-2022-013 (High)
- 149428 Drupal Security Advisory: SA-CORE-2022-014 (High)
- 149429 Drupal Security Advisory: SA-CORE-2022-015 (Medium)
- 151448 Joomla Security Advisory: February 2023 (Low)
- 149014 Joomla! Core Security Advisory: Multiple Vulnerabilities in Versions 2.5.0-3.10.6 and 4.0.0-4.1.0 (Low)
- 151965 Joomla! Improper Access Control Vulnerability (High)
- 150243 Joomla! Information Disclosure vulnerability (Medium)
- 152718 Joomla! MFA Brute Force Vulnerability (High)
- 152717 Joomla! MFA Selection XSS Vulnerability (Medium)
- 150242 Joomla! XSS vulnerability (Medium)
- 150798 Nginx Denial of Service (DoS) Vulnerability (Medium)
- 149860 PHP Cookie Integrity Vulnerability (Medium)
- 149859 PHP Denial of Service (DoS) Vulnerability (Medium)
- 151452 PHP Denial of Service Vulnerability (Medium)
- 149634 PHP Heap Corruption Vulneraibility (High)
- 149421 PHP Remote Code Execution (RCE) Vulnerability (High)
- 149422 PHP Remote Code Execution (RCE) Vulnerability (High)
- 151451 PHP Remote Code Execution Vulnerability (High)
- 151967 PHP Security Update February 2023 (High)
- 151968 PHP Security Update March 2023 (Medium)
- 152725 PHP SOAP HTTP Digest Authentication Vulnerability (Low)
- 156932 Server-Side Request Forgery (High)
- 151793 Vulnerable Javascript Library Detected (Low)
- 152726 Wordpress Core Directory Traversal Vulnerability (Medium)
- 150803 Wordpress Cross-site scripting (XSS) Vulnerability (Medium)
- 151453 Wordpress Denial of Service Vulnerability (Medium)
- 150247 Wordpress Header Data Manipulation Vulnerability (High)
- 150804 Wordpress Improper Authentication Vulnerability (Medium)
- 150805 Wordpress Unauthenticated SSRF Vulnerability (Medium)

Fixes

Updated Vulnerability Descriptions:
- 145498 Apache HTTP Server Security Update 2.4.48 (High)
- 145502 Drupal Core Security Advisory: SA-CORE-2021-003 (Medium)
- 145633 Drupal Core Security Advisory: SA-CORE-2021-004 (Medium)
- 146102 Drupal Core Security Advisory: SA-CORE-2021-005 (High)
- 146407 Drupal Core Security Advisory: SA-CORE-2021-006 (Low)
- 146408 Drupal Core Security Advisory: SA-CORE-2021-007 (Medium)
- 146409 Drupal Core Security Advisory: SA-CORE-2021-008 (Medium)
- 146410 Drupal Core Security Advisory: SA-CORE-2021-009 (Medium)
- 146958 Drupal Core Security Advisory: SA-CORE-2021-010 (Medium)
- 147294 Drupal Core Security Advisory: SA-CORE-2021-011 (Medium)
- 147935 Drupal Core Security Advisory: SA-CORE-2022-001 (Medium)
- 147936 Drupal Core Security Advisory: SA-CORE-2022-002 (Medium)
- 147937 Drupal Core Security Advisory: SA-CORE-2022-003 (Medium)
- 147938 Drupal Core Security Advisory: SA-CORE-2022-004 (Medium)
- 104152 Insecure Cookie Parameters (Trivial)
- 117573 JspWebShell Detected (Critical)
- 116642 Microsoft Windows Tilde Character File Name Information Disclosure (Low)
- 104022 SSL Certificate: Chain Contains Weak RSA Keys (Trivial)

February 2023

Version 2.0.7

February 7, 2023

Enhancements

Includes several fixes and enhancements to the scanning engine and existing vulnerability checks.

Fixes

Updated Vulnerability Descriptions:
- 148390 Apache HTTP Server 2.4.53 Security Release (High)
- 145498 Apache HTTP Server Security Update 2.4.48 (High)
- 148043 Content Security Policy Missing (Trivial)
- 145502 Drupal Core Security Advisory: SA-CORE-2021-003 (Medium)
- 145633 Drupal Core Security Advisory: SA-CORE-2021-004 (Medium)
- 146102 Drupal Core Security Advisory: SA-CORE-2021-005 (High)
- 146407 Drupal Core Security Advisory: SA-CORE-2021-006 (Low)
- 146408 Drupal Core Security Advisory: SA-CORE-2021-007 (Medium)
- 146409 Drupal Core Security Advisory: SA-CORE-2021-008 (Medium)
- 146410 Drupal Core Security Advisory: SA-CORE-2021-009 (Medium)
- 146958 Drupal Core Security Advisory: SA-CORE-2021-010 (Medium)
- 147294 Drupal Core Security Advisory: SA-CORE-2021-011 (Medium)
- 147935 Drupal Core Security Advisory: SA-CORE-2022-001 (Medium)
- 147936 Drupal Core Security Advisory: SA-CORE-2022-002 (Medium)
- 147937 Drupal Core Security Advisory: SA-CORE-2022-003 (Medium)
- 147938 Drupal Core Security Advisory: SA-CORE-2022-004 (Medium)
- 148393 Drupal Security Advisory SA-CORE-2022-005 (Medium)
- 148394 Drupal Security Advisory SA-CORE-2022-006 (Medium)
- 148389 HTTP Strict Transport Security (HSTS) Header missing (Trivial)
- 104152 Insecure Cookie Parameters (Trivial)
- 148404 Joomla! Core Security Advisory March 2022: Multiple Vulnerabilities in Versions 2.5.0-3.10.6 and 4.0.0-4.1.0 (High)
- 148405 Joomla! Core Security Advisory March 2022: Multiple Vulnerabilities in Versions 3.7.0-3.10.6 (Medium)
- 148403 Joomla! Core Security Advisory March 2022: Multiple Vulnerabilities in Versions 4.0.0-4.1.0 (Medium)
- 123536 jQuery Framework Detected (Info)
- 117573 JspWebShell Detected (Critical)
- 116642 Microsoft Windows Tilde Character File Name Information Disclosure (Low)
- 104022 SSL Certificate: Chain Contains Weak RSA Keys (Trivial)
- 102095 Wordpress Detected (Info)

January 2023

Version 2.0.6

January 26, 2023

Enhancements

Includes several fixes and enhancements to the scanning engine and existing vulnerability checks.

Fixes

Updated Vulnerability Descriptions:
- 148390 Apache HTTP Server 2.4.53 Security Release (High)
- 145498 Apache HTTP Server Security Update 2.4.48 (High)
- 148043 Content Security Policy Missing (Trivial)
- 145502 Drupal Core Security Advisory: SA-CORE-2021-003 (Medium)
- 145633 Drupal Core Security Advisory: SA-CORE-2021-004 (Medium)
- 146102 Drupal Core Security Advisory: SA-CORE-2021-005 (High)
- 146407 Drupal Core Security Advisory: SA-CORE-2021-006 (Low)
- 146408 Drupal Core Security Advisory: SA-CORE-2021-007 (Medium)
- 146409 Drupal Core Security Advisory: SA-CORE-2021-008 (Medium)
- 146410 Drupal Core Security Advisory: SA-CORE-2021-009 (Medium)
- 146958 Drupal Core Security Advisory: SA-CORE-2021-010 (Medium)
- 147294 Drupal Core Security Advisory: SA-CORE-2021-011 (Medium)
- 147935 Drupal Core Security Advisory: SA-CORE-2022-001 (Medium)
- 147936 Drupal Core Security Advisory: SA-CORE-2022-002 (Medium)
- 147937 Drupal Core Security Advisory: SA-CORE-2022-003 (Medium)
- 147938 Drupal Core Security Advisory: SA-CORE-2022-004 (Medium)
- 148393 Drupal Security Advisory SA-CORE-2022-005 (Medium)
- 148394 Drupal Security Advisory SA-CORE-2022-006 (Medium)
- 148389 HTTP Strict Transport Security (HSTS) Header missing (Trivial)
- 104152 Insecure Cookie Parameters (Trivial)
- 148404 Joomla! Core Security Advisory March 2022: Multiple Vulnerabilities in Versions 2.5.0-3.10.6 and 4.0.0-4.1.0 (High)
- 148405 Joomla! Core Security Advisory March 2022: Multiple Vulnerabilities in Versions 3.7.0-3.10.6 (Medium)
- 148403 Joomla! Core Security Advisory March 2022: Multiple Vulnerabilities in Versions 4.0.0-4.1.0 (Medium)
- 123536 jQuery Framework Detected (Info)
- 117573 JspWebShell Detected (Critical)
- 116642 Microsoft Windows Tilde Character File Name Information Disclosure (Low)
- 104022 SSL Certificate: Chain Contains Weak RSA Keys (Trivial)
- 102095 Wordpress Detected (Info)

Version 2.0.5

January 9, 2023

Enhancements

Includes several fixes and enhancements to the scanning engine and existing vulnerability checks.

Fixes

Updated Vulnerability Descriptions:
- 148390 Apache HTTP Server 2.4.53 Security Release (High)
- 145498 Apache HTTP Server Security Update 2.4.48 (High)
- 148043 Content Security Policy Missing (Trivial)
- 145502 Drupal Core Security Advisory: SA-CORE-2021-003 (Medium)
- 145633 Drupal Core Security Advisory: SA-CORE-2021-004 (Medium)
- 146102 Drupal Core Security Advisory: SA-CORE-2021-005 (High)
- 146407 Drupal Core Security Advisory: SA-CORE-2021-006 (Low)
- 146408 Drupal Core Security Advisory: SA-CORE-2021-007 (Medium)
- 146409 Drupal Core Security Advisory: SA-CORE-2021-008 (Medium)
- 146410 Drupal Core Security Advisory: SA-CORE-2021-009 (Medium)
- 146958 Drupal Core Security Advisory: SA-CORE-2021-010 (Medium)
- 147294 Drupal Core Security Advisory: SA-CORE-2021-011 (Medium)
- 147935 Drupal Core Security Advisory: SA-CORE-2022-001 (Medium)
- 147936 Drupal Core Security Advisory: SA-CORE-2022-002 (Medium)
- 147937 Drupal Core Security Advisory: SA-CORE-2022-003 (Medium)
- 147938 Drupal Core Security Advisory: SA-CORE-2022-004 (Medium)
- 148393 Drupal Security Advisory SA-CORE-2022-005 (Medium)
- 148394 Drupal Security Advisory SA-CORE-2022-006 (Medium)
- 148389 HTTP Strict Transport Security (HSTS) Header missing (Trivial)
- 104152 Insecure Cookie Parameters (Trivial)
- 148404 Joomla! Core Security Advisory March 2022: Multiple Vulnerabilities in Versions 2.5.0-3.10.6 and 4.0.0-4.1.0 (High)
- 148405 Joomla! Core Security Advisory March 2022: Multiple Vulnerabilities in Versions 3.7.0-3.10.6 (Medium)
- 148403 Joomla! Core Security Advisory March 2022: Multiple Vulnerabilities in Versions 4.0.0-4.1.0 (Medium)
- 123536 jQuery Framework Detected (Info)
- 117573 JspWebShell Detected (Critical)
- 104022 SSL Certificate: Chain Contains Weak RSA Keys (Trivial)
- 102095 Wordpress Detected (Info)

November 2022

Version 2.0.4

November 15, 2022

Enhancements

Includes several fixes and enhancements to the scanning engine and existing vulnerability checks.

Fixes

Updated Vulnerability Descriptions:
- 148390 Apache HTTP Server 2.4.53 Security Release (High)
- 145498 Apache HTTP Server Security Update 2.4.48 (High)
- 148043 Content Security Policy Missing (Trivial)
- 145502 Drupal Core Security Advisory: SA-CORE-2021-003 (Medium)
- 145633 Drupal Core Security Advisory: SA-CORE-2021-004 (Medium)
- 146102 Drupal Core Security Advisory: SA-CORE-2021-005 (High)
- 146407 Drupal Core Security Advisory: SA-CORE-2021-006 (Low)
- 146408 Drupal Core Security Advisory: SA-CORE-2021-007 (Medium)
- 146409 Drupal Core Security Advisory: SA-CORE-2021-008 (Medium)
- 146410 Drupal Core Security Advisory: SA-CORE-2021-009 (Medium)
- 146958 Drupal Core Security Advisory: SA-CORE-2021-010 (Medium)
- 147294 Drupal Core Security Advisory: SA-CORE-2021-011 (Medium)
- 147935 Drupal Core Security Advisory: SA-CORE-2022-001 (Medium)
- 147936 Drupal Core Security Advisory: SA-CORE-2022-002 (Medium)
- 147937 Drupal Core Security Advisory: SA-CORE-2022-003 (Medium)
- 147938 Drupal Core Security Advisory: SA-CORE-2022-004 (Medium)
- 148393 Drupal Security Advisory SA-CORE-2022-005 (Medium)
- 148394 Drupal Security Advisory SA-CORE-2022-006 (Medium)
- 148389 HTTP Strict Transport Security (HSTS) Header missing (Trivial)
- 148404 Joomla! Core Security Advisory March 2022: Multiple Vulnerabilities in Versions 2.5.0-3.10.6 and 4.0.0-4.1.0 (High)
- 148405 Joomla! Core Security Advisory March 2022: Multiple Vulnerabilities in Versions 3.7.0-3.10.6 (Medium)
- 148403 Joomla! Core Security Advisory March 2022: Multiple Vulnerabilities in Versions 4.0.0-4.1.0 (Medium)
- 123536 jQuery Framework Detected (Info)
- 117573 JspWebShell Detected (Critical)
- 102095 Wordpress Detected (Info)

June 2022

Version 2.0.2

June 13, 2022

Enhancements

Includes several fixes and enhancements to the scanning engine and existing vulnerability checks.

Fixes

Updated Vulnerability Descriptions:
- 148390 Apache HTTP Server 2.4.53 Security Release (High)
- 148043 Content Security Policy Missing (Trivial)
- 148393 Drupal Security Advisory SA-CORE-2022-005 (Medium)
- 148394 Drupal Security Advisory SA-CORE-2022-006 (Medium)
- 148389 HTTP Strict Transport Security (HSTS) Header missing (Trivial)
- 148404 Joomla! Core Security Advisory March 2022: Multiple Vulnerabilities in Versions 2.5.0-3.10.6 and 4.0.0-4.1.0 (High)
- 148405 Joomla! Core Security Advisory March 2022: Multiple Vulnerabilities in Versions 3.7.0-3.10.6 (Medium)
- 148403 Joomla! Core Security Advisory March 2022: Multiple Vulnerabilities in Versions 4.0.0-4.1.0 (Medium)
- 123536 jQuery Framework Detected (Info)
- 117573 JspWebShell Detected (Critical)
- 102095 Wordpress Detected (Info)

March 2022

Version 1.0.34.1

March 10, 2022

Enhancements

Includes several fixes and enhancements to the scanning engine and existing vulnerability checks.

Fixes

Updated Vulnerability Descriptions:
- 144776 Drupal Core Security Advisory SA-CORE-2021-002 (Medium)
- 145502 Drupal Core Security Advisory SA-CORE-2021-003 (Medium)
- 145633 Drupal Core Security Advisory SA-CORE-2021-004 (Medium)
- 146102 Drupal Core Security Advisory SA-CORE-2021-005 (High)
- 146407 Drupal Core Security Advisory SA-CORE-2021-006 (Low)
- 146408 Drupal Core Security Advisory SA-CORE-2021-007 (Medium)
- 146409 Drupal Core Security Advisory SA-CORE-2021-008 (Medium)
- 146410 Drupal Core Security Advisory SA-CORE-2021-009 (Medium)
- 146958 Drupal Core Security Advisory SA-CORE-2021-010 (Medium)
- 147294 Drupal Core Security Advisory SA-CORE-2021-011 (Medium)
- 116819 Drupal Core Security Advisory SA-CORE-2014-005 (High)
- 124294 Drupal Core Security Advisory SA-CORE-2018-002 (Critical)
- 127847 Drupal Core Security Advisory SA-CORE-2019-001 (Medium)
- 127869 Drupal Core Security Advisory SA-CORE-2019-002 (High)
- 127886 Drupal Core Security Advisory SA-CORE-2019-003 (Medium)
- 128452 Drupal Core Security Advisory SA-CORE-2019-004 (Low)
- 128685 Drupal Core Security Advisory SA-CORE-2019-006 (Medium)
- 129038 Drupal Core Security Advisory SA-CORE-2019-007 (High)

January 2022

Version 1.0.33.0

January 5, 2022

New Features

Includes new vulnerability checks:
- 147293 Apache HTTP Server Security Update 2.4.51 (High)
- 147294 Drupal Security Advisory SA-CORE-2021-011 (Medium)
- 147297 PHP December 2021 Security Update (Medium)
- 147296 PHP November 2021 Security Update (Medium)
- 147298 WordPress Arbitrary Code Execution Vulnerability (High)
- 147290 WordPress Plugin: WP Fastest Cache Cross-Site Request Forgery (CSRF) Vulnerability (Medium)
- 147291 WordPress Plugin: WP Fastest Cache SQL Injection Vulnerability (Medium)
- 147283 WordPress Plugin: All In One SEO Authenticated Privilege Escalation Vulnerability (Medium)
- 147284 WordPress Plugin: All In One SEO Authenticated SQL Injection Vulnerability (Medium)
- 147285 WordPress Plugin: LiteSpeed Cache Cross-Site Scripting (XSS) Vulnerability (Medium)
- 147286 WordPress Plugin: LiteSpeed Cache Cross-Site Scripting (XSS) Vulnerability (Medium)
- 147287 WordPress Plugin: UpdraftPlus Stored Cross-Site Scripting (XSS) Vulnerability (Medium)
- 147288 WordPress Plugin: UpdraftPlus Reflective Cross-Site Scripting (XSS) Vulnerability (Medium)
- 147289 WordPress Plugin: UpdraftPlus Reflective Cross-Site Scripting (XSS) Vulnerability (Medium)

Enhancements

Includes several fixes and enhancements to the scanning engine and existing vulnerability checks.

Fixes

Updated Vulnerability Descriptions:
- 104779 HTTP Header SQL Injection (High)
- 132636 Potential Web Server Blind SQL Injection (High)
- 104471 Web Server Blind SQL Injection (High)

Back to Digital Defense Products

Copyright © Fortra, LLC and its group of companies.
All trademarks and registered trademarks are the property of their respective owners.
Last Published: 202405020729