Netapp

Oncommand Insight

969 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2021-29824

  • EPSS 0.22%
  • Veröffentlicht 22.04.2022 17:15:07
  • Zuletzt bearbeitet 21.11.2024 06:01:52

IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 is vulnerable to priviledge escalation where a lower level user could have read access to to the 'Data Connections' page to which they don't have access. IBM X-Force ID: 204468.

8.8

CVE-2021-38886

  • EPSS 0.18%
  • Veröffentlicht 22.04.2022 17:15:07
  • Zuletzt bearbeitet 21.11.2024 06:18:09

IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 209399.

5.4

CVE-2021-38903

  • EPSS 0.15%
  • Veröffentlicht 22.04.2022 17:15:07
  • Zuletzt bearbeitet 21.11.2024 06:18:11

IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be ...

6.5

CVE-2021-38904

  • EPSS 0.27%
  • Veröffentlicht 22.04.2022 17:15:07
  • Zuletzt bearbeitet 21.11.2024 06:18:11

IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 could allow a remote attacker to obtain credentials from a user's browser via incorrect autocomplete settings. IBM X-Force ID: 209693.

4.3

CVE-2021-38905

  • EPSS 0.17%
  • Veröffentlicht 22.04.2022 17:15:07
  • Zuletzt bearbeitet 21.11.2024 06:18:11

IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 could allow an authenticated user to view report pages that they should not have access to. IBM X-Force ID: 209697.

5.4

CVE-2021-38946

  • EPSS 0.69%
  • Veröffentlicht 22.04.2022 17:15:07
  • Zuletzt bearbeitet 21.11.2024 06:18:16

IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclo...

2.9

CVE-2022-21486

  • EPSS 0.18%
  • Veröffentlicht 19.04.2022 21:15:18
  • Zuletzt bearbeitet 21.11.2024 06:44:48

Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows hi...

4

CVE-2022-21489

  • EPSS 12.89%
  • Veröffentlicht 19.04.2022 21:15:18
  • Zuletzt bearbeitet 21.11.2024 06:44:49

Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows hi...

4

CVE-2022-21490

  • EPSS 27.8%
  • Veröffentlicht 19.04.2022 21:15:18
  • Zuletzt bearbeitet 21.11.2024 06:44:49

Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows hi...

5.3

CVE-2022-21496

  • EPSS 0.11%
  • Veröffentlicht 19.04.2022 21:15:18
  • Zuletzt bearbeitet 21.11.2024 06:44:50

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5,...