6 matches found
VulnCheck KEV: CVE-2021-31602
An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. The Security Model has different layers of Access Control. One of these layers is the applicationContext security, which is defined in the applicationContext-spring-security.xml...
CVE-2021-31602
An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. The Security Model has different layers of Access Control. One of these layers is the applicationContext security, which is defined in the applicationContext-spring-security.xml...
CVE-2021-31602
An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. The Security Model has different layers of Access Control. One of these layers is the applicationContext security, which is defined in the applicationContext-spring-security.xml...
CVE-2021-31602
An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. The Security Model has different layers of Access Control. One of these layers is the applicationContext security, which is defined in the applicationContext-spring-security.xml...
CVE-2021-31602
Hitachi Vantara Pentaho (through 9.1) and Pentaho BI Server (through 7.x) are affected by CVE-2021-31602, an authentication bypass caused by the applicationContext-spring-security.xml security layer. An unauthenticated user can extract information without valid credentials. NVD lists CVSS v3.1 ba...
金蝶AES系统Java web配置文件敏感信息泄露漏洞
0x01 漏洞框架 金蝶软件始创于1993年,是一家ERP、财务等企业管理软件厂商,拥有官网kigndee.com、友商网(youshang.com)、快递100(kuaidi100.com)、云之家(kdweibo.com)等互联网业务应用 官方主页:www.kingdee.com 客户案例: 0x02 漏洞利用 金蝶AES系统Java web配置文件可任意下载。 portal下的配置文件: http://58.63.253.42/portal/WEB-INF/web.xml...