CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

0day.today•added 2021/11/07 12:0 a.m.•351 views

Pentaho Business Analytics / Pentaho Business Server 9.1 User Enumeration Vulnerability

Pentaho implements a series of web services using the SOAP protocol to allow scripting interaction with the backend server. HAWSEC identified that the services userRoleListService and ServiceAction exposed through the /pentaho/webservices/userRoleListService and...

4.3CVSS5.5AI score0.00951EPSS

Exploits3

Packet Storm•added 2021/11/05 12:0 a.m.•461 views

Pentaho Business Analytics / Pentaho Business Server 9.1 Filename Bypass

Product: Pentaho Business Analytics / Pentaho Business Server Vendor / Manufacturer: Hitachi Vantara Affected Versions: = 9.1 Vulnerability Type: Bypass of Filename Extension Restrictions Solution Status: Fix Released on public GitHub repository Manufacturer Notification: June 2021 Public...

7.3AI score0.02248EPSS

Exploits3

Packet Storm•added 2021/11/05 12:0 a.m.•803 views

Pentaho Business Analytics / Pentaho Business Server 9.1 SQL Injection

Product: Pentaho Business Analytics / Pentaho Business Server Vendor / Manufacturer: Hitachi Vantara Affected Versions: = 9.1 Vulnerability Type: Unauthenticated SQL Injection Solution Status: Fix Released on public GitHub repository Manufacturer Notification: June 2021 Public Disclosure: 01...

8.8AI score0.51653EPSS

Exploits6

Packet Storm•added 2021/11/05 12:0 a.m.•481 views

Pentaho Business Analytics / Pentaho Business Server 9.1 User Enumeration

Product: Pentaho Business Analytics / Pentaho Business Server Vendor / Manufacturer: Hitachi Vantara Affected Versions: = 9.1 Vulnerability Type: Jackrabbit User Enumeration Solution Status: Fix Released on public GitHub repository Manufacturer Notification: 8th February 2021 Solution Date: Wont...

5.8AI score0.00951EPSS

Exploits3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by