Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 6:36 p.m.27 views

CVE-2021-34684

Hitachi Vantara Pentaho Business Analytics through 9.1 allows an unauthenticated user to execute arbitrary SQL queries on any Pentaho data source and thus retrieve data from the related databases, as demonstrated by an api/repos/dashboards/editor URI...

9.8CVSS8.2AI score0.05776EPSS
Exploits3References1
NVD
NVD
added 2021/11/08 4:15 a.m.40 views

CVE-2021-34684

Hitachi Vantara Pentaho Business Analytics through 9.1 allows an unauthenticated user to execute arbitrary SQL queries on any Pentaho data source and thus retrieve data from the related databases, as demonstrated by an api/repos/dashboards/editor URI...

9.8CVSS0.05776EPSS
Exploits3References2
CVE
CVE
added 2021/11/08 3:34 a.m.75 views

CVE-2021-34684

CVE-2021-34684 affects Hitachi Vantara Pentaho Business Analytics (≤ 9.1). The vulnerability is an unauthenticated SQL injection in Pentaho’s data-source handling that allows an attacker to execute arbitrary SQL against the backend database and retrieve data, demonstrated through the api/repos/da...

9.8CVSS9.9AI score0.05776EPSS
Exploits3References2Affected Software1
The Hacker News
The Hacker News
added 2021/11/01 12:8 p.m.44 views

Critical Flaws Uncovered in Pentaho Business Analytics Software

Multiple vulnerabilities have been disclosed in Hitachi Vantara's Pentaho Business Analytics software that could be abused by malicious actors to upload arbitrary data files and even execute arbitrary code on the underlying host system of the application. The security weaknesses were reported by...

9.8CVSS1.1AI score0.51653EPSS
Exploits18
Rows per page
Query Builder