Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/02/21 11:21 p.m.10 views

CVE-2024-5706

The product receives input from an upstream component, but it does not restrict or incorrectly restricts the input before it is used as an identifier for a resource that may be outside the intended sphere of control. CWE-99 Hitachi Vantara Pentaho Data Integration & Analytics versions before...

8.8CVSS7.9AI score0.00658EPSS
Exploits0References1
Circl
Circl
added 2025/02/20 1:48 a.m.5 views

CVE-2024-5706

creationtimestamp| type| source ---|---|--- 2025-02-20 01:48:26+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114033695538790847 2025-02-20 02:26:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lilagi25vc2p 2025-02-20 21:17:48+00:00| seen|...

8.8CVSS7.6AI score0.00658EPSS
Exploits0References3
NVD
NVD
added 2025/02/19 11:15 p.m.9 views

CVE-2024-5706

The product receives input from an upstream component, but it does not restrict or incorrectly restricts the input before it is used as an identifier for a resource that may be outside the intended sphere of control. CWE-99 Hitachi Vantara Pentaho Data Integration & Analytics versions before...

8.8CVSS0.00658EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/19 10:49 p.m.6 views

CVE-2024-5706 Hitachi Vantara Pentaho Data Integration & Analytics - Improper Control of Resource Identifiers ('Resource Injection')

The product receives input from an upstream component, but it does not restrict or incorrectly restricts the input before it is used as an identifier for a resource that may be outside the intended sphere of control. CWE-99 Hitachi Vantara Pentaho Data Integration & Analytics versions before...

8.8CVSS9.1AI score0.00658EPSS
Exploits0References1
CVE
CVE
added 2025/02/19 10:49 p.m.36 views

CVE-2024-5706

CVE-2024-5706 affects Hitachi Vantara Pentaho Data Integration & Analytics. Versions before 10.2.0.0 and 9.3.0.9, including 8.3.x, do not restrict JNDI identifiers when creating Community Dashboards, allowing control of system-level data sources and potentially enabling access to or modification ...

8.8CVSS9.1AI score0.00658EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/19 10:49 p.m.12 views

CVE-2024-5706 Hitachi Vantara Pentaho Data Integration & Analytics - Improper Control of Resource Identifiers ('Resource Injection')

The product receives input from an upstream component, but it does not restrict or incorrectly restricts the input before it is used as an identifier for a resource that may be outside the intended sphere of control. CWE-99 Hitachi Vantara Pentaho Data Integration & Analytics versions before...

8.8CVSS0.00658EPSS
Exploits0References1
Rows per page
Query Builder