Server Error Discloses Tomcat Version in Hitachi Vantara Pentaho Data Integration & Analytics Versions
CVE-2023-5617
5.3MEDIUM
Key Information
- Vendor
- Hitachi
- Status
- Pentaho Data Integration & Analytics
- Vendor
- CVE Published:
- 28 February 2024
Summary
Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.1.0.0 and 9.3.0.6, including 9.5.x and 8.3.x, display the version of Tomcat when a server error is encountered.
Affected Version(s)
Pentaho Data Integration & Analytics < 9.3.0.6
Pentaho Data Integration & Analytics < 10.1.0.0
CVSS V3.1
Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database
Credit
Hitachi Group Member