Vulnerabilities > Netapp > Oncommand Insight > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-01-19 CVE-2022-21374 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema).
network
low complexity
oracle netapp
4.9
4.9
2022-01-19 CVE-2022-21378 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
oracle netapp
5.5
5.5
2022-01-19 CVE-2022-21379 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin).
network
low complexity
oracle netapp
4.9
4.9
2022-01-19 CVE-2022-21380 Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General).
high complexity
oracle netapp
6.3
6.3
2021-12-09 CVE-2021-38926 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local user to gain privileges due to allowing modification of columns of existing tasks.
local
low complexity
ibm netapp
5.5
5.5
2021-12-09 CVE-2021-38931 Exposure of Resource to Wrong Sphere vulnerability in multiple products
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1, and 11.5 is vulnerable to an information disclosure as a result of a connected user having indirect read access to a table where they are not authorized to select from.
network
low complexity
ibm netapp CWE-668
6.5
6.5
2021-12-03 CVE-2021-20493 Cross-site Scripting vulnerability in multiple products
IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to cross-site scripting.
network
low complexity
ibm netapp CWE-79
6.1
6.1
2021-12-03 CVE-2021-29716 IBM Cognos Analytics 11.1.7 and 11.2.0 could allow a low level user to reas of the application that privileged user should only be allowed to view.
network
low complexity
ibm netapp
6.5
6.5
2021-12-03 CVE-2021-29719 IBM Cognos Analytics 11.1.7 and 11.2.0 could be vulnerable to client side vulnerabilties due to a web response specifying an incorrect content type.
network
low complexity
ibm netapp
5.3
5.3
2021-12-03 CVE-2021-29867 IBM Cognos Analytics 11.1.7 and 11.2.0 could allow an authenticated to view or edit a Jupyter notebook that they should not have access to.
network
low complexity
ibm netapp
5.4
5.4