CVE-2025-9121

Pentaho Data Integration and Analytics Community Dashboard Editor plugin (versions before 10.2.0.4, including 9.3.0.x and 8.3.x) is affected by CVE-2025-9121 due to deserializing untrusted JSON data without constraining the parser to approved classes/methods. Root cause: insecure JSON deserializa...

CVE-2025-9122 Hitachi Vantara Pentaho Business Analytics Server - Generation of Error Message Containing Sensitive Information

Hitachi Vantara Pentaho Data Integration and Analytics Community Dashboard Framework prior to versions 10.2.0.4, including 9.3.0.x and 8.3.x display the full server stack trace when encountering an error within the GetCdfResource servlet...

CVE-2025-9122

Hitachi Vantara Pentaho Data Integration and Analytics Community Dashboard Framework exposes the full server stack trace when errors occur in the GetCdfResource servlet. Affected versions include before 10.2.0.4, specifically 9.3.0.x and 8.3.x. Impact is information disclosure of internal stack d...

Hitachi Vantara Pentaho Business Analytics Server 安全漏洞

Hitachi Vantara Pentaho Business Analytics Server is a modern data blending, integration, and business analytics platform from Hitachi, Ltd Hitachi, Japan. A security vulnerability exists in Hitachi Vantara Pentaho Business Analytics Server versions prior to 10.2.0.2, 9.3.x, and 8.3.x. The...

Hitachi Vantara Pentaho Business Analytics Server 安全漏洞

Hitachi Vantara Pentaho Business Analytics Server is a modern data blending, integration, and business analytics platform from Hitachi, Ltd Hitachi, Japan. A security vulnerability exists in Hitachi Vantara Pentaho Business Analytics Server versions prior to 10.2.0.2, 9.3.x, and 8.3.x. The...

Hitachi Vantara Pentaho Business Analytics Server 安全漏洞

Hitachi Vantara Pentaho Business Analytics Server is a modern data blending, integration, and business analytics platform from Hitachi, Ltd Hitachi, Japan. A security vulnerability exists in Hitachi Vantara Pentaho Business Analytics Server versions prior to 10.2.0.2, which stems from the Analyze...

CISA Adds Five Known Exploited Vulnerabilities to Catalog

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-20118link is external Cisco Small Business RV Series Routers Command Injection Vulnerability CVE-2022-43939link is external Hitachi Vantara Pentaho BA Server...

Hitachi Vantara Pentaho Business Analytics Server 安全漏洞

Hitachi Vantara Pentaho Business Analytics Server is a modern data blending, integration, and business analytics platform from Hitachi, Ltd Hitachi, Japan. A security vulnerability exists in Hitachi Vantara Pentaho Business Analytics Server that stems from the presence of an incorrect authorizati...

Hitachi Vantara Pentaho Business Analytics Server 安全漏洞

Hitachi Vantara Pentaho Business Analytics Server is a modern data blending, integration and business analytics platform from Hitachi, Ltd Hitachi, Japan. A security vulnerability exists in Hitachi Vantara Pentaho Business Analytics Server that stems from an authorization check not being performe...

PT-2025-7409 · Hitachi Vantara · Hitachi Vantara Pentaho Business Analytics Server

Name of the Vulnerable Software and Affected Versions: Hitachi Vantara Pentaho Business Analytics Server versions prior to 10.2.0.0 Hitachi Vantara Pentaho Business Analytics Server versions prior to 9.3.0.9 Hitachi Vantara Pentaho Business Analytics Server version 8.3.x Description: The web serv...

Hitachi Vantara Pentaho Business Analytics Server 代码问题漏洞

Hitachi Vantara Pentaho Business Analytics Server is a modern data blending, integration, and business analytics platform from Hitachi, Japan. A code issue vulnerability exists in Hitachi Vantara Pentaho Business Analytics Server that stems from the presence of an unvalidated Host header for...

PT-2025-7412 · Hitachi Vantara · Hitachi Vantara Pentaho Business Analytics Server

Name of the Vulnerable Software and Affected Versions: Hitachi Vantara Pentaho Business Analytics Server versions prior to 10.2.0.0 and 9.3.0.8, including 8.3.x Description: The product does not perform an authorization check when an actor attempts to access a resource or perform an action. This...

CVE-2024-28984

Hitachi Vantara Pentaho Business Analytics Server prior to versions 10.1.0.0 and 9.3.0.7, including 8.3.x allow a malicious URL to inject content into the Analyzer plugin interface...

CVE-2024-28982

Hitachi Vantara Pentaho Business Analytics Server versions before 10.1.0.0 and 9.3.0.7, including 8.3.x do not correctly protect the ACL service endpoint of the Pentaho User Console against XML External Entity Reference...

CVE-2024-28982

Hitachi Vantara Pentaho Business Analytics Server versions before 10.1.0.0 and 9.3.0.7, including 8.3.x do not correctly protect the ACL service endpoint of the Pentaho User Console against XML External Entity Reference...

CVE-2024-28983

Hitachi Vantara Pentaho Business Analytics Server prior to versions 10.1.0.0 and 9.3.0.7, including 8.3.x allow a malicious URL to inject content into the Analyzer plugin interface...

Hitachi Vantara Pentaho Business Analytics Server Security Vulnerability

Hitachi Vantara Pentaho Business Analytics Server is a modern data blending, integration, and business analytics platform from Hitachi, Ltd Hitachi, Japan. A security vulnerability exists in Hitachi Vantara Pentaho Business Analytics Server that originates from a password that saves the Hadoop...

Hitachi Vantara Pentaho Business Analytics Server 代码问题漏洞

Hitachi Vantara Pentaho Business Analytics Server is a modern data blending, integration, and business analytics platform from Hitachi, Japan. A security vulnerability exists in Hitachi Vantara Pentaho Business Analytics Server version 8.3.x, version 9.4.x up to and including version 9.4.0.1, and...

PT-2023-15592 · Hitachi Vantara · Pentaho Business Analytics Server

Name of the Vulnerable Software and Affected Versions: Pentaho Business Analytics Server versions prior to 9.4.0.1 Pentaho Business Analytics Server versions prior to 9.3.0.3 Pentaho Business Analytics Server version 8.3.x Description: The issue concerns the deserialization of untrusted JSON data...

PT-2023-2907 · Hitachi Vantara · Hitachi Vantara Pentaho Business Analytics Server

Name of the Vulnerable Software and Affected Versions: Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.3, including 8.3.x Description: The issue is related to improper authorization in the Hitachi Vantara Pentaho Business Analytics Server. Exploitation of this...