Vulnerabilities > IBM > Netezza
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-02-20 | CVE-2012-5941 | Cross-Site Scripting vulnerability in IBM Netezza 6.0.5/6.0.8/7.0 Cross-site scripting (XSS) vulnerability in the WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza allows remote authenticated users to inject content, and conduct phishing attacks, via unspecified vectors. | 3.5 |
| 2013-02-20 | CVE-2012-5940 | Improper Authentication vulnerability in IBM Netezza 6.0.5/6.0.8/7.0 The WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza, when SSL is not enabled, allows remote attackers to discover credentials by sniffing the network during the authentication process. | 4.3 |
| 2013-02-20 | CVE-2012-5763 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Netezza 6.0.5/6.0.8/7.0 Cross-site request forgery (CSRF) vulnerability in the WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |
| 2013-02-20 | CVE-2012-5762 | Cross-Site Scripting vulnerability in IBM Netezza 6.0.5/6.0.8/7.0 Cross-site scripting (XSS) vulnerability in the WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza allows remote authenticated users to inject arbitrary web script or HTML via vectors involving the MHTML protocol. | 3.5 |
| 2013-02-20 | CVE-2012-5761 | Cross-Site Scripting vulnerability in IBM Netezza 6.0.5/6.0.8/7.0 Cross-site scripting (XSS) vulnerability in the WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
| 2013-02-20 | CVE-2012-5760 | SQL Injection vulnerability in IBM Netezza 6.0.5/6.0.8/7.0 SQL injection vulnerability in the WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | 6.5 |