3 matches found
CVE-2021-31599
An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. A reports .prpt file allows the inclusion of BeanShell scripts to ease the production of complex reports. An authenticated user can run arbitrary code...
CVE-2021-31599
Vulnerability summary: CVE-2021-31599 affects Hitachi Vantara Pentaho (Pentaho BI Server 7.x and Pentaho Business Analytics up to 9.1). Affected component is the Pentaho Report Bundles (.prpt); the BeanShell scripting feature inside PRPT reports can be exploited by an authenticated user to execut...
Critical Flaws Uncovered in Pentaho Business Analytics Software
Multiple vulnerabilities have been disclosed in Hitachi Vantara's Pentaho Business Analytics software that could be abused by malicious actors to upload arbitrary data files and even execute arbitrary code on the underlying host system of the application. The security weaknesses were reported by...