3 matches found
Hitachi Vantara Pentaho BA Server Special Element Injection Vulnerability
Hitachi Vantara Pentaho BA Server contains a special element injection vulnerability that allows an attacker to inject Spring templates into properties files, allowing for arbitrary command execution...
Hitachi Vantara Pentaho BA Server Authorization Bypass Vulnerability
Hitachi Vantara Pentaho BA Server contains a use of non-canonical URL paths for authorization decisions vulnerability that enables an attacker to bypass authorization...
Pentaho BA Server EE 9.3.0.0-428 Server-Side Template Injection / Remote Code Execution
Title: Pentaho BA Server EE 9.3.0.0-428 - RCE via Server-Side Template Injection Unauthenticated Author: dwbzn Date: 2022-04-04 Vendor: https://www.hitachivantara.com/ Software Link: https://www.hitachivantara.com/en-us/products/lumada-dataops/data-integration-analytics/download-pentaho.html...