CVE-2024-5705

🗓️ 19 Feb 2025 22:55:08Reported by HITVANType

Authorization check failure in Hitachi Vantara Pentaho allows bypassing access restrictions.

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2024-5705	20 Feb 202501:48	–	circl
CNNVD	Hitachi Vantara Pentaho Business Analytics Server 安全漏洞	19 Feb 202500:00	–	cnnvd
Cvelist	CVE-2024-5705 Hitachi Vantara Pentaho Business Analytics Server - Incorrect Authorization	19 Feb 202522:55	–	cvelist
EUVD	EUVD-2025-4650	3 Oct 202520:07	–	euvd
NVD	CVE-2024-5705	19 Feb 202523:15	–	nvd
Positive Technologies	PT-2025-7445 · Hitachi Vantara · Hitachi Vantara Pentaho Business Analytics Server	19 Feb 202500:00	–	ptsecurity
RedhatCVE	CVE-2024-5705	21 Feb 202523:22	–	redhatcve
Vulnrichment	CVE-2024-5705 Hitachi Vantara Pentaho Business Analytics Server - Incorrect Authorization	19 Feb 202522:55	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "product": "Pentaho Data Integration & Analytics",
    "vendor": "Hitachi Vantara",
    "versions": [
      {
        "lessThan": "10.2.0.0",
        "status": "affected",
        "version": "10.0",
        "versionType": "maven"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Pentaho Business Analytics Server",
    "vendor": "Hitachi Vantara",
    "versions": [
      {
        "lessThan": "9.3.0.9",
        "status": "affected",
        "version": "1.0",
        "versionType": "maven"
      }
    ]
  }
]

Source	Link
support	www.support.pentaho.com/hc/en-us/articles/34296615099405--Resolved-Hitachi-Vantara-Pentaho-Business-Analytics-Server-Incorrect-Authorization-Versions-before-10-2-0-0-and-9-3-0-9-including-8-3-x-Impacted-CVE-2024-5705

15 Apr 2026 00:35Current

8.7High risk

Vulners AI Score8.7

CVSS 3.18.8

EPSS0.00034

SSVC

CWE-863