CVE-2024-6696

The product implements access controls via a policy or other feature with the intention to disable or restrict accesses reads and/or writes to assets in a system from untrusted agents. However, implemented access controls lack required granularity, which renders the control policy too broad becau...

CVE-2024-6696

Hitachi Vantara Pentaho Business Analytics Server exposes an authorization check flaw in the user console trash content across versions prior to 10.2.0.0 and 9.3.0.9 (including 8.3.x). The root cause is insufficient granularity in access controls (CWE-1220), allowing an attacker to bypass protect...