Hitachi Vantara Pentaho Business Analytics Server 安全漏洞

Hitachi Vantara Pentaho Business Analytics Server is a modern data blending, integration and business analytics platform from Hitachi, Ltd Hitachi, Japan. A security vulnerability exists in Hitachi Vantara Pentaho Business Analytics Server that stems from the presence of mishandled privileges,...

The vulnerability of Hitachi Vantara Pentaho Business Analytics Server lies in its ability to disclose information through a server error message, allowing an intruder to expose the protected information.

The vulnerability of Hitachi Vantara Pentaho Business Analytics Server relates to the disclosure of information through a server error message. Exploiting this vulnerability allows an attacker to remotely disclose the protected information...

The vulnerability of Hitachi Vantara Pentaho Business Analytics Server lies in the use of non-standard URL paths for authentication solutions. This allows attackers to escalate their privileges.

The vulnerability of Hitachi Vantara Pentaho Business Analytics Server relates to the use of non-canonical URL paths for authentication solutions. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

CVE-2022-43938

Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x cannot allow a system administrator to disable scripting capabilities of Pentaho Reports .prpt through the JVM script manager...

CVE-2022-4770

Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.0 and 9.3.0.2, including 8.3.x display the full parametrized SQL query in an error message when an invalid character is used within a Pentaho Report .prpt...