Product:

Oncommand_insight

(Netapp)
Repositories https://github.com/madler/zlib
https://github.com/mm2/Little-CMS
#Vulnerabilities 912
Date Id Summary Products Score Patch Annotated
2018-11-09 CVE-2018-1842 IBM Cognos Analytics 11 Configuration tool, under certain circumstances, will bypass OIDC namespace signature verification on its id_token. IBM X-Force ID: 150902. Cognos_analytics, Oncommand_insight 3.6
2017-02-02 CVE-2017-5600 The Data Warehouse component in NetApp OnCommand Insight before 7.2.3 allows remote attackers to obtain administrative access by leveraging a default privileged account. Oncommand_insight 9.8
2018-01-29 CVE-2017-1783 IBM Cognos Analytics 11.0 could allow a local user to change parameters set from the Cognos Analytics menus without proper authentication. IBM X-Force ID: 136857. Cognos_analytics, Oncommand_insight 4.0
2018-01-29 CVE-2017-1779 IBM Cognos Analytics 11.0 could store cached credentials locally that could be obtained by a local user. IBM X-Force ID: 136824. Cognos_analytics, Oncommand_insight 7.8
2018-01-29 CVE-2017-1784 IBM Cognos Analytics 11.0 could produce results in temporary files that contain highly sensitive information that can be read by a local user. IBM X-Force ID: 136858. Cognos_analytics, Oncommand_insight 5.5
2019-08-09 CVE-2019-5498 OnCommand Insight versions through 7.3.6 may disclose sensitive account information to an authenticated user. Oncommand_insight 6.5
2019-05-10 CVE-2019-5496 Oncommand Insight versions prior to 7.3.5 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors. Oncommand_insight 7.5
2018-04-19 CVE-2018-2818 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.... Ubuntu_linux, Debian_linux, Oncommand_insight, Oncommand_unified_manager, Oncommand_workflow_automation, Snapcenter, Storage_automation_store, Mysql 4.9
2018-04-19 CVE-2018-2816 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts).... Ubuntu_linux, Oncommand_insight, Oncommand_unified_manager, Oncommand_workflow_automation, Snapcenter, Storage_automation_store, Mysql 4.9
2018-04-19 CVE-2018-2812 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete... Ubuntu_linux, Oncommand_insight, Oncommand_unified_manager, Oncommand_workflow_automation, Snapcenter, Storage_automation_store, Mysql 5.5