Vulnerabilities (CVE)

Filtered by vendor Netapp Subscribe

Filtered by product Oncommand Insight

Total 946 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2018-1413	2 Ibm, Netapp	2 Cognos Analytics, Oncommand Insight	2024-11-21	3.5 LOW	5.4 MEDIUM
IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 138819.
CVE-2018-1258	5 Netapp, Oracle, Pivotal Software and 2 more	42 Oncommand Insight, Oncommand Unified Manager, Oncommand Workflow Automation and 39 more	2024-11-21	6.5 MEDIUM	8.8 HIGH
Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. An unauthorized malicious user can gain unauthorized access to methods that should be restricted.
CVE-2017-1784	2 Ibm, Netapp	2 Cognos Analytics, Oncommand Insight	2024-11-21	2.1 LOW	5.5 MEDIUM
IBM Cognos Analytics 11.0 could produce results in temporary files that contain highly sensitive information that can be read by a local user. IBM X-Force ID: 136858.
CVE-2017-1783	2 Ibm, Netapp	2 Cognos Analytics, Oncommand Insight	2024-11-21	2.1 LOW	4.0 MEDIUM
IBM Cognos Analytics 11.0 could allow a local user to change parameters set from the Cognos Analytics menus without proper authentication. IBM X-Force ID: 136857.
CVE-2017-1779	2 Ibm, Netapp	2 Cognos Analytics, Oncommand Insight	2024-11-21	2.1 LOW	7.8 HIGH
IBM Cognos Analytics 11.0 could store cached credentials locally that could be obtained by a local user. IBM X-Force ID: 136824.
CVE-2017-13652	1 Netapp	1 Oncommand Insight	2024-11-21	4.3 MEDIUM	6.5 MEDIUM
NetApp OnCommand Insight version 7.3.0 and versions prior to 7.2.0 are susceptible to clickjacking attacks which could cause a user to perform an unintended action in the user interface.