Vulnerabilities > Netapp > Oncommand Insight > High

DATE CVE VULNERABILITY TITLE RISK
2023-10-10 CVE-2023-44487 The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. 7.5
2023-09-21 CVE-2023-41993 Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products
The issue was addressed with improved checks.
8.8
2022-12-23 CVE-2022-43551 Cleartext Transmission of Sensitive Information vulnerability in multiple products
A vulnerability exists in curl <7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP.
network
low complexity
haxx fedoraproject netapp splunk CWE-319
7.5
2022-12-20 CVE-2022-38733 Unspecified vulnerability in Netapp Oncommand Insight
OnCommand Insight versions 7.3.1 through 7.3.14 are susceptible to an authentication bypass vulnerability in the Data Warehouse component.
network
low complexity
netapp
8.6
2022-09-01 CVE-2022-30614 IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to a denial of service via email flooding caused by sending a specially-crafted request.
network
low complexity
ibm netapp
7.5
2022-09-01 CVE-2022-36773 XXE vulnerability in multiple products
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.
network
low complexity
ibm netapp CWE-611
8.1
2022-08-31 CVE-2022-1259 A flaw was found in Undertow.
network
low complexity
redhat netapp
7.5
2022-08-31 CVE-2022-1319 A flaw was found in Undertow.
network
low complexity
redhat netapp
7.5
2022-08-26 CVE-2021-3859 A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2.
network
low complexity
redhat netapp
7.5
2022-07-19 CVE-2022-34169 Incorrect Conversion between Numeric Types vulnerability in multiple products
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets.
7.5