Hitachi Pentaho Business Analytics Server Vulnerabilities
Hitachi Pentaho Business Analytics Server vulnerabilities.
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Pentaho Server Vulnerable to URL Injection Attacks
CVE-2024-28984Hitachi VantaraPentaho Business Analy...6.1MEDIUMPentaho Server Vulnerable to XML External Entity Reference Attack
CVE-2024-28982Hitachi VantaraPentaho Business Analy...8.2HIGHHitachi Vantara Pentaho Business Analytics Server β Password Stored in a Recoverable Format
CVE-2023-2358HitachiPentaho Business Analy...4.3MEDIUMHitachi Vantara Pentaho Business Analytics Server - Incorrect Authorization
CVE-2023-1158HitachiPentaho Business Analy...4.3MEDIUMHitachi Vantara Pentaho Business Analytics Server - Deserialization of Untrusted Data
CVE-2022-4815HitachiPentaho Business Analy...8HIGHHitachi Vantara Pentaho Business Analytics Server - Incorrect Authorization
CVE-2022-43770HitachiPentaho Business Analy...5.4MEDIUMHitachi Vantara Pentaho Business Analytics Server - Improper Neutralization of Input During Web Page Generation
CVE-2022-3695HitachiPentaho Business Analy...6.5MEDIUMHitachi Vantara Pentaho Business Analytics Server - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-4771HitachiPentaho Business Analy...5.4MEDIUMHitachi Vantara Pentaho Business Analytics Server - Generation of Error Message Containing Sensitive Information
CVE-2022-4770HitachiPentaho Business Analy...4.3MEDIUMHitachi Vantara Pentaho Business Analytics Server - Generation of Error Message Containing Sensitive Information
CVE-2022-4769HitachiPentaho Business Analy...4.3MEDIUMHitachi Vantara Pentaho Business Analytics Server - Insertion of Sensitive Information into Log File
CVE-2022-43772HitachiPentaho Business Analy...3.8LOWHitachi Vantara Pentaho Business Analytics Server - Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')
CVE-2022-3960HitachiPentaho Business Analy...6.3MEDIUMHitachi Vantara Pentaho Business Analytics Server - Improper Restriction of XML External Entity Reference
CVE-2022-43941HitachiPentaho Business Analy...7.1HIGHHitachi Vantara Pentaho Business Analytics Server - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2022-43771HitachiPentaho Business Analy...6.5MEDIUMHitachi Vantara Pentaho Business Analytics Server - Incorrect Authorization
CVE-2022-43940HitachiPentaho Business Analy...8.8HIGHHitachi Vantara Pentaho Business Analytics Server - Use of Non-Canonical URL Paths for Authorization Decisions
CVE-2022-43939HitachiPentaho Business Analy...8.6HIGHHitachi Vantara Pentaho Business Analytics Server - Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')
CVE-2022-43938HitachiPentaho Business Analy...8.8HIGHHitachi Vantara Pentaho Business Analytics Server - Incorrect Permission Assignment for Critical Resource
CVE-2022-43773HitachiPentaho Business Analy...8.8HIGHHitachi Vantara Pentaho Business Analytics Server - Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)
CVE-2022-43769HitachiPentaho Business Analy...EPSS 33%8.8HIGHPentaho Business Analytics Server - Pentaho Analyzer plugin exposes a service endpoint for templates which allows a user supplied path to access resources that are out of bounds.
CVE-2021-45448HitachiPentaho Business Analy...7.1HIGHPentaho Business Analytics Server - With the Data Lineage feature enabled, the system transmits database passwords in clear text
CVE-2021-45447HitachiPentaho Business Analy...7.7HIGHPentaho Business Analytics Server - Exposure of Information Through Directory Listing
CVE-2021-45446HitachiPentaho Business Analy...5MEDIUM
26 June 2024
27 September 2023
24 May 2023
11 April 2023
3 April 2023
2 November 2022
No more vulnerabilities to load.