Vulnerabilities > Netapp > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-09-24 CVE-2019-5505 Insufficiently Protected Credentials vulnerability in Netapp Ontap Select Deploy Administration Utility
ONTAP Select Deploy administration utility versions 2.2 through 2.12.1 transmit credentials in plaintext.
network
low complexity
netapp CWE-522
5.0
2019-09-17 CVE-2019-4342 Cross-site Scripting vulnerability in multiple products
IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripting.
network
low complexity
ibm netapp CWE-79
5.4
2019-09-16 CVE-2019-11184 Race Condition vulnerability in multiple products
A race condition in specific microprocessors using Intel (R) DDIO cache allocation and RDMA may allow an authenticated user to potentially enable partial information disclosure via adjacent access.
high complexity
intel netapp CWE-362
4.8
2019-09-10 CVE-2019-5503 Cleartext Transmission of Sensitive Information vulnerability in Netapp Oncommand Workflow Automation 5.0
OnCommand Workflow Automation versions prior to 5.0 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors.
network
low complexity
netapp CWE-319
5.0
2019-09-09 CVE-2019-16168 Divide By Zero vulnerability in multiple products
In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."
6.5
2019-09-04 CVE-2019-15902 Information Exposure vulnerability in multiple products
A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11.
4.7
2019-08-19 CVE-2019-15223 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.1.8.
low complexity
linux netapp canonical CWE-476
4.6
2019-08-19 CVE-2019-15222 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.2.8.
low complexity
linux netapp opensuse CWE-476
4.6
2019-08-19 CVE-2019-15221 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.1.17.
4.6
2019-08-19 CVE-2019-15220 Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.2.1.
4.6