Oncommand Workflow Automation

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-26	CVE-2020-10727	Insufficiently Protected Credentials vulnerability in multiple products A flaw was found in ActiveMQ Artemis management API from version 2.7.0 up until 2.12.0, where a user inadvertently stores passwords in plaintext in the Artemis shadow file (etc/artemis-users.properties file) when executing the `resetUsers` operation. local low complexity apache netapp CWE-522	5.5
2020-06-15	CVE-2020-4051	In Dijit before versions 1.11.11, and greater than or equal to 1.12.0 and less than 1.12.9, and greater than or equal to 1.13.0 and less than 1.13.8, and greater than or equal to 1.14.0 and less than 1.14.7, and greater than or equal to 1.15.0 and less than 1.15.4, and greater than or equal to 1.16.0 and less than 1.16.3, there is a cross-site scripting vulnerability in the Editor's LinkDialog plugin. network low complexity openjsf debian netapp	5.4
2020-06-05	CVE-2020-12723	Classic Buffer Overflow vulnerability in multiple products regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls. network low complexity perl netapp fedoraproject opensuse oracle CWE-120	7.5
2020-06-05	CVE-2020-10878	Integer Overflow or Wraparound vulnerability in multiple products Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. network low complexity perl fedoraproject opensuse netapp oracle CWE-190	8.6
2020-05-26	CVE-2020-10719	HTTP Request Smuggling vulnerability in multiple products A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. network low complexity redhat netapp CWE-444	6.5
2020-05-01	CVE-2020-10683	XXE vulnerability in multiple products dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. network low complexity dom4j-project oracle opensuse netapp canonical CWE-611 critical	9.8
2020-04-21	CVE-2020-1967	NULL Pointer Dereference vulnerability in multiple products Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. network low complexity openssl debian freebsd fedoraproject oracle netapp broadcom opensuse jdedwards tenable CWE-476	7.5
2020-04-15	CVE-2020-2930	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). network high complexity oracle fedoraproject canonical netapp	4.4
2020-04-15	CVE-2020-2925	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). network low complexity oracle fedoraproject netapp canonical	4.9
2020-04-15	CVE-2020-2924	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). network low complexity oracle fedoraproject canonical netapp	4.9