3 matches found
CVE-2022-4770
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.0 and 9.3.0.2, including 8.3.x display the full parametrized SQL query in an error message when an invalid character is used within a Pentaho Report .prpt...
CVE-2022-4770 Hitachi Vantara Pentaho Business Analytics Server - Generation of Error Message Containing Sensitive Information
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.0 and 9.3.0.2, including 8.3.x display the full parametrized SQL query in an error message when an invalid character is used within a Pentaho Report .prpt...
CVE-2022-4770
Hitachi Vantara Pentaho Business Analytics Server versions prior to 9.4.0.0 and 9.3.0.2 (including 8.3.x) disclose the full parametrized SQL query in an error message when a Pentaho Report (.prpt) contains an invalid character. This is an information disclosure vulnerability affecting the error-h...