WAS Scanner

October 2023

Version 2.1.1

October 4, 2023

Enhancements
  • Includes several fixes and enhancements to the scanning engine and existing vulnerability checks.
    • 149002 Apache HTTP Server 2.4.54 Security Release (Critical)

    • 151446 Apache HTTP Server 2.4.55 Security Release (High)

    • 151961 Apache HTTP Server 2.4.56 Security Release (High)

    • 152709 Apache Tomcat Denial Of Service Vulnerability (High)

    • 152711 Apache Tomcat Denial Of Service Vulnerability (High)

    • 152710 Apache Tomcat Information Disclosure Vulnerability (Medium)

    • 152712 Apache Tomcat Information Disclosure Vulnerability (High)

    • 150797 Apache Tomcat Injection Vulnerability (High)

    • 149001 Apache Tomcat Security Advisory: February 2022 (High)

    • 149423 Apache Tomcat Security Advisory: June 2022 (Medium)

    • 149000 Apache Tomcat Security Advisory: May 2022 (High)

    • 150241 Apache Tomcat Security Advisory: October 2022 (High)

    • 149005 Drupal Core Security Advisory: SA-CORE-2022-008 (Medium)

    • 149006 Drupal Core Security Advisory: SA-CORE-2022-009 (Medium)

    • 152713 Drupal Core Security Advisory: SA-CORE-2023-005 (Medium)

    • 149852 Drupal Security Advisory SA-CORE-2022-016 (High)

    • 149424 Drupal Security Advisory: SA-CORE-2022-010 (Medium)

    • 149425 Drupal Security Advisory: SA-CORE-2022-011 (Medium)

    • 149426 Drupal Security Advisory: SA-CORE-2022-012 (Medium)

    • 149427 Drupal Security Advisory: SA-CORE-2022-013 (High)

    • 149428 Drupal Security Advisory: SA-CORE-2022-014 (High)

    • 149429 Drupal Security Advisory: SA-CORE-2022-015 (Medium)

    • 151448 Joomla Security Advisory: February 2023 (Low)

    • 149014 Joomla! Core Security Advisory: Multiple Vulnerabilities in Versions 2.5.0-3.10.6 and 4.0.0-4.1.0 (Low)

    • 151965 Joomla! Improper Access Control Vulnerability (High)

    • 150243 Joomla! Information Disclosure vulnerability (Medium)

    • 152718 Joomla! MFA Brute Force Vulnerability (High)

    • 152717 Joomla! MFA Selection XSS Vulnerability (Medium)

    • 150242 Joomla! XSS vulnerability (Medium)

    • 150798 Nginx Denial of Service (DoS) Vulnerability (Medium)

    • 149860 PHP Cookie Integrity Vulnerability (Medium)

    • 149859 PHP Denial of Service (DoS) Vulnerability (Medium)

    • 151452 PHP Denial of Service Vulnerability (Medium)

    • 149634 PHP Heap Corruption Vulneraibility (High)

    • 149421 PHP Remote Code Execution (RCE) Vulnerability (High)

    • 149422 PHP Remote Code Execution (RCE) Vulnerability (High)

    • 151451 PHP Remote Code Execution Vulnerability (High)

    • 151967 PHP Security Update February 2023 (High)

    • 151968 PHP Security Update March 2023 (Medium)

    • 152725 PHP SOAP HTTP Digest Authentication Vulnerability (Low)

    • 156932 Server-Side Request Forgery (High)

    • 151793 Vulnerable Javascript Library Detected (Low)

    • 152726 Wordpress Core Directory Traversal Vulnerability (Medium)

    • 150803 Wordpress Cross-site scripting (XSS) Vulnerability (Medium)

    • 151453 Wordpress Denial of Service Vulnerability (Medium)

    • 150247 Wordpress Header Data Manipulation Vulnerability (High)

    • 150804 Wordpress Improper Authentication Vulnerability (Medium)

    • 150805 Wordpress Unauthenticated SSRF Vulnerability (Medium)

Fixes
  • Updated Vulnerability Descriptions:
    • 145498 Apache HTTP Server Security Update 2.4.48 (High)
    • 145502 Drupal Core Security Advisory: SA-CORE-2021-003 (Medium)

    • 145633 Drupal Core Security Advisory: SA-CORE-2021-004 (Medium)

    • 146102 Drupal Core Security Advisory: SA-CORE-2021-005 (High)

    • 146407 Drupal Core Security Advisory: SA-CORE-2021-006 (Low)

    • 146408 Drupal Core Security Advisory: SA-CORE-2021-007 (Medium)

    • 146409 Drupal Core Security Advisory: SA-CORE-2021-008 (Medium)

    • 146410 Drupal Core Security Advisory: SA-CORE-2021-009 (Medium)

    • 146958 Drupal Core Security Advisory: SA-CORE-2021-010 (Medium)

    • 147294 Drupal Core Security Advisory: SA-CORE-2021-011 (Medium)

    • 147935 Drupal Core Security Advisory: SA-CORE-2022-001 (Medium)

    • 147936 Drupal Core Security Advisory: SA-CORE-2022-002 (Medium)

    • 147937 Drupal Core Security Advisory: SA-CORE-2022-003 (Medium)

    • 147938 Drupal Core Security Advisory: SA-CORE-2022-004 (Medium)

    • 104152 Insecure Cookie Parameters (Trivial)

    • 117573 JspWebShell Detected (Critical)

    • 116642 Microsoft Windows Tilde Character File Name Information Disclosure (Low)

    • 104022 SSL Certificate: Chain Contains Weak RSA Keys (Trivial)

February 2023

Version 2.0.7

February 7, 2023

Enhancements
  • Includes several fixes and enhancements to the scanning engine and existing vulnerability checks.
Fixes
  • Updated Vulnerability Descriptions:
    • 148390 Apache HTTP Server 2.4.53 Security Release (High)
    • 145498 Apache HTTP Server Security Update 2.4.48 (High)

    • 148043 Content Security Policy Missing (Trivial)

    • 145502 Drupal Core Security Advisory: SA-CORE-2021-003 (Medium)

    • 145633 Drupal Core Security Advisory: SA-CORE-2021-004 (Medium)

    • 146102 Drupal Core Security Advisory: SA-CORE-2021-005 (High)

    • 146407 Drupal Core Security Advisory: SA-CORE-2021-006 (Low)

    • 146408 Drupal Core Security Advisory: SA-CORE-2021-007 (Medium)

    • 146409 Drupal Core Security Advisory: SA-CORE-2021-008 (Medium)

    • 146410 Drupal Core Security Advisory: SA-CORE-2021-009 (Medium)

    • 146958 Drupal Core Security Advisory: SA-CORE-2021-010 (Medium)

    • 147294 Drupal Core Security Advisory: SA-CORE-2021-011 (Medium)

    • 147935 Drupal Core Security Advisory: SA-CORE-2022-001 (Medium)

    • 147936 Drupal Core Security Advisory: SA-CORE-2022-002 (Medium)

    • 147937 Drupal Core Security Advisory: SA-CORE-2022-003 (Medium)

    • 147938 Drupal Core Security Advisory: SA-CORE-2022-004 (Medium)

    • 148393 Drupal Security Advisory SA-CORE-2022-005 (Medium)

    • 148394 Drupal Security Advisory SA-CORE-2022-006 (Medium)

    • 148389 HTTP Strict Transport Security (HSTS) Header missing (Trivial)

    • 104152 Insecure Cookie Parameters (Trivial)

    • 148404 Joomla! Core Security Advisory March 2022: Multiple Vulnerabilities in Versions 2.5.0-3.10.6 and 4.0.0-4.1.0 (High)

    • 148405 Joomla! Core Security Advisory March 2022: Multiple Vulnerabilities in Versions 3.7.0-3.10.6 (Medium)

    • 148403 Joomla! Core Security Advisory March 2022: Multiple Vulnerabilities in Versions 4.0.0-4.1.0 (Medium)

    • 123536 jQuery Framework Detected (Info)

    • 117573 JspWebShell Detected (Critical)

    • 116642 Microsoft Windows Tilde Character File Name Information Disclosure (Low)

    • 104022 SSL Certificate: Chain Contains Weak RSA Keys (Trivial)

    • 102095 Wordpress Detected (Info)

January 2023

Version 2.0.6

January 26, 2023

Enhancements
  • Includes several fixes and enhancements to the scanning engine and existing vulnerability checks.
Fixes
  • Updated Vulnerability Descriptions:
    • 148390 Apache HTTP Server 2.4.53 Security Release (High)
    • 145498 Apache HTTP Server Security Update 2.4.48 (High)

    • 148043 Content Security Policy Missing (Trivial)

    • 145502 Drupal Core Security Advisory: SA-CORE-2021-003 (Medium)

    • 145633 Drupal Core Security Advisory: SA-CORE-2021-004 (Medium)

    • 146102 Drupal Core Security Advisory: SA-CORE-2021-005 (High)

    • 146407 Drupal Core Security Advisory: SA-CORE-2021-006 (Low)

    • 146408 Drupal Core Security Advisory: SA-CORE-2021-007 (Medium)

    • 146409 Drupal Core Security Advisory: SA-CORE-2021-008 (Medium)

    • 146410 Drupal Core Security Advisory: SA-CORE-2021-009 (Medium)

    • 146958 Drupal Core Security Advisory: SA-CORE-2021-010 (Medium)

    • 147294 Drupal Core Security Advisory: SA-CORE-2021-011 (Medium)

    • 147935 Drupal Core Security Advisory: SA-CORE-2022-001 (Medium)

    • 147936 Drupal Core Security Advisory: SA-CORE-2022-002 (Medium)

    • 147937 Drupal Core Security Advisory: SA-CORE-2022-003 (Medium)

    • 147938 Drupal Core Security Advisory: SA-CORE-2022-004 (Medium)

    • 148393 Drupal Security Advisory SA-CORE-2022-005 (Medium)

    • 148394 Drupal Security Advisory SA-CORE-2022-006 (Medium)

    • 148389 HTTP Strict Transport Security (HSTS) Header missing (Trivial)

    • 104152 Insecure Cookie Parameters (Trivial)

    • 148404 Joomla! Core Security Advisory March 2022: Multiple Vulnerabilities in Versions 2.5.0-3.10.6 and 4.0.0-4.1.0 (High)

    • 148405 Joomla! Core Security Advisory March 2022: Multiple Vulnerabilities in Versions 3.7.0-3.10.6 (Medium)

    • 148403 Joomla! Core Security Advisory March 2022: Multiple Vulnerabilities in Versions 4.0.0-4.1.0 (Medium)

    • 123536 jQuery Framework Detected (Info)

    • 117573 JspWebShell Detected (Critical)

    • 116642 Microsoft Windows Tilde Character File Name Information Disclosure (Low)

    • 104022 SSL Certificate: Chain Contains Weak RSA Keys (Trivial)

    • 102095 Wordpress Detected (Info)

Version 2.0.5

January 9, 2023

Enhancements
  • Includes several fixes and enhancements to the scanning engine and existing vulnerability checks.
Fixes
  • Updated Vulnerability Descriptions:
    • 148390 Apache HTTP Server 2.4.53 Security Release (High)
    • 145498 Apache HTTP Server Security Update 2.4.48 (High)

    • 148043 Content Security Policy Missing (Trivial)

    • 145502 Drupal Core Security Advisory: SA-CORE-2021-003 (Medium)

    • 145633 Drupal Core Security Advisory: SA-CORE-2021-004 (Medium)

    • 146102 Drupal Core Security Advisory: SA-CORE-2021-005 (High)

    • 146407 Drupal Core Security Advisory: SA-CORE-2021-006 (Low)

    • 146408 Drupal Core Security Advisory: SA-CORE-2021-007 (Medium)

    • 146409 Drupal Core Security Advisory: SA-CORE-2021-008 (Medium)

    • 146410 Drupal Core Security Advisory: SA-CORE-2021-009 (Medium)

    • 146958 Drupal Core Security Advisory: SA-CORE-2021-010 (Medium)

    • 147294 Drupal Core Security Advisory: SA-CORE-2021-011 (Medium)

    • 147935 Drupal Core Security Advisory: SA-CORE-2022-001 (Medium)

    • 147936 Drupal Core Security Advisory: SA-CORE-2022-002 (Medium)

    • 147937 Drupal Core Security Advisory: SA-CORE-2022-003 (Medium)

    • 147938 Drupal Core Security Advisory: SA-CORE-2022-004 (Medium)

    • 148393 Drupal Security Advisory SA-CORE-2022-005 (Medium)

    • 148394 Drupal Security Advisory SA-CORE-2022-006 (Medium)

    • 148389 HTTP Strict Transport Security (HSTS) Header missing (Trivial)

    • 104152 Insecure Cookie Parameters (Trivial)

    • 148404 Joomla! Core Security Advisory March 2022: Multiple Vulnerabilities in Versions 2.5.0-3.10.6 and 4.0.0-4.1.0 (High)

    • 148405 Joomla! Core Security Advisory March 2022: Multiple Vulnerabilities in Versions 3.7.0-3.10.6 (Medium)

    • 148403 Joomla! Core Security Advisory March 2022: Multiple Vulnerabilities in Versions 4.0.0-4.1.0 (Medium)

    • 123536 jQuery Framework Detected (Info)

    • 117573 JspWebShell Detected (Critical)

    • 104022 SSL Certificate: Chain Contains Weak RSA Keys (Trivial)

    • 102095 Wordpress Detected (Info)

November 2022

Version 2.0.4

November 15, 2022

Enhancements
  • Includes several fixes and enhancements to the scanning engine and existing vulnerability checks.
Fixes
  • Updated Vulnerability Descriptions:
    • 148390 Apache HTTP Server 2.4.53 Security Release (High)
    • 145498 Apache HTTP Server Security Update 2.4.48 (High)

    • 148043 Content Security Policy Missing (Trivial)

    • 145502 Drupal Core Security Advisory: SA-CORE-2021-003 (Medium)

    • 145633 Drupal Core Security Advisory: SA-CORE-2021-004 (Medium)

    • 146102 Drupal Core Security Advisory: SA-CORE-2021-005 (High)

    • 146407 Drupal Core Security Advisory: SA-CORE-2021-006 (Low)

    • 146408 Drupal Core Security Advisory: SA-CORE-2021-007 (Medium)

    • 146409 Drupal Core Security Advisory: SA-CORE-2021-008 (Medium)

    • 146410 Drupal Core Security Advisory: SA-CORE-2021-009 (Medium)

    • 146958 Drupal Core Security Advisory: SA-CORE-2021-010 (Medium)

    • 147294 Drupal Core Security Advisory: SA-CORE-2021-011 (Medium)

    • 147935 Drupal Core Security Advisory: SA-CORE-2022-001 (Medium)

    • 147936 Drupal Core Security Advisory: SA-CORE-2022-002 (Medium)

    • 147937 Drupal Core Security Advisory: SA-CORE-2022-003 (Medium)

    • 147938 Drupal Core Security Advisory: SA-CORE-2022-004 (Medium)

    • 148393 Drupal Security Advisory SA-CORE-2022-005 (Medium)

    • 148394 Drupal Security Advisory SA-CORE-2022-006 (Medium)

    • 148389 HTTP Strict Transport Security (HSTS) Header missing (Trivial)

    • 148404 Joomla! Core Security Advisory March 2022: Multiple Vulnerabilities in Versions 2.5.0-3.10.6 and 4.0.0-4.1.0 (High)

    • 148405 Joomla! Core Security Advisory March 2022: Multiple Vulnerabilities in Versions 3.7.0-3.10.6 (Medium)

    • 148403 Joomla! Core Security Advisory March 2022: Multiple Vulnerabilities in Versions 4.0.0-4.1.0 (Medium)

    • 123536 jQuery Framework Detected (Info)

    • 117573 JspWebShell Detected (Critical)

    • 102095 Wordpress Detected (Info)

June 2022

Version 2.0.2

June 13, 2022

Enhancements
  • Includes several fixes and enhancements to the scanning engine and existing vulnerability checks.
Fixes
  • Updated Vulnerability Descriptions:
    • 148390 Apache HTTP Server 2.4.53 Security Release (High)
    • 148043 Content Security Policy Missing (Trivial)

    • 148393 Drupal Security Advisory SA-CORE-2022-005 (Medium)

    • 148394 Drupal Security Advisory SA-CORE-2022-006 (Medium)

    • 148389 HTTP Strict Transport Security (HSTS) Header missing (Trivial)

    • 148404 Joomla! Core Security Advisory March 2022: Multiple Vulnerabilities in Versions 2.5.0-3.10.6 and 4.0.0-4.1.0 (High)

    • 148405 Joomla! Core Security Advisory March 2022: Multiple Vulnerabilities in Versions 3.7.0-3.10.6 (Medium)

    • 148403 Joomla! Core Security Advisory March 2022: Multiple Vulnerabilities in Versions 4.0.0-4.1.0 (Medium)

    • 123536 jQuery Framework Detected (Info)

    • 117573 JspWebShell Detected (Critical)

    • 102095 Wordpress Detected (Info)

March 2022

Version 1.0.34.1

March 10, 2022

Enhancements
  • Includes several fixes and enhancements to the scanning engine and existing vulnerability checks.
Fixes
  • Updated Vulnerability Descriptions:
    • 144776 Drupal Core Security Advisory SA-CORE-2021-002 (Medium)
    • 145502 Drupal Core Security Advisory SA-CORE-2021-003 (Medium)
    • 145633 Drupal Core Security Advisory SA-CORE-2021-004 (Medium)
    • 146102 Drupal Core Security Advisory SA-CORE-2021-005 (High)
    • 146407 Drupal Core Security Advisory SA-CORE-2021-006 (Low)
    • 146408 Drupal Core Security Advisory SA-CORE-2021-007 (Medium)
    • 146409 Drupal Core Security Advisory SA-CORE-2021-008 (Medium)
    • 146410 Drupal Core Security Advisory SA-CORE-2021-009 (Medium)
    • 146958 Drupal Core Security Advisory SA-CORE-2021-010 (Medium)
    • 147294 Drupal Core Security Advisory SA-CORE-2021-011 (Medium)
    • 116819 Drupal Core Security Advisory SA-CORE-2014-005 (High)
    • 124294 Drupal Core Security Advisory SA-CORE-2018-002 (Critical)
    • 127847 Drupal Core Security Advisory SA-CORE-2019-001 (Medium)
    • 127869 Drupal Core Security Advisory SA-CORE-2019-002 (High)
    • 127886 Drupal Core Security Advisory SA-CORE-2019-003 (Medium)
    • 128452 Drupal Core Security Advisory SA-CORE-2019-004 (Low)
    • 128685 Drupal Core Security Advisory SA-CORE-2019-006 (Medium)
    • 129038 Drupal Core Security Advisory SA-CORE-2019-007 (High)

January 2022

Version 1.0.33.0

January 5, 2022

New Features
  •  Includes new vulnerability checks: 
    • 147293 Apache HTTP Server Security Update 2.4.51 (High)
    • 147294 Drupal Security Advisory SA-CORE-2021-011 (Medium)
    • 147297 PHP December 2021 Security Update (Medium)
    • 147296 PHP November 2021 Security Update (Medium)
    • 147298 WordPress Arbitrary Code Execution Vulnerability (High)
    • 147290 WordPress Plugin: WP Fastest Cache Cross-Site Request Forgery (CSRF) Vulnerability (Medium)
    • 147291 WordPress Plugin: WP Fastest Cache SQL Injection Vulnerability (Medium)
    • 147283 WordPress Plugin: All In One SEO Authenticated Privilege Escalation Vulnerability (Medium)
    • 147284 WordPress Plugin: All In One SEO Authenticated SQL Injection Vulnerability (Medium)
    • 147285 WordPress Plugin: LiteSpeed Cache Cross-Site Scripting (XSS) Vulnerability (Medium)
    • 147286 WordPress Plugin: LiteSpeed Cache Cross-Site Scripting (XSS) Vulnerability (Medium)
    • 147287 WordPress Plugin: UpdraftPlus Stored Cross-Site Scripting (XSS) Vulnerability (Medium)
    • 147288 WordPress Plugin: UpdraftPlus Reflective Cross-Site Scripting (XSS) Vulnerability (Medium)
    • 147289 WordPress Plugin: UpdraftPlus Reflective Cross-Site Scripting (XSS) Vulnerability (Medium)
Enhancements
  • Includes several fixes and enhancements to the scanning engine and existing vulnerability checks.
Fixes
  • Updated Vulnerability Descriptions:
    • 104779 HTTP Header SQL Injection (High)
    • 132636 Potential Web Server Blind SQL Injection (High)
    • 104471 Web Server Blind SQL Injection (High)

Back to Digital Defense Products