Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Pentaho_business_analytics
(Hitachivantara)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 4 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-09-27 | CVE-2023-2358 | Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.5.0.0 and 9.3.0.4, including 8.3.x.x, saves passwords of the Hadoop Copy Files step in plaintext. | Pentaho_business_analytics | 4.9 | ||
| 2023-04-11 | CVE-2022-3695 | Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.3.0.0, 9.2.0.4 and 8.3.0.27 allow a malicious URL to inject content into a dashboard when the CDE plugin is present. | Pentaho_business_analytics | 6.1 | ||
| 2023-04-11 | CVE-2022-43770 | Hitachi Vantara Pentaho Business Analytics Server versions before 9.3.0.0, 9.2.0.4 and 8.3.0.27 does not correctly perform an authorization check in the dashboard editor plugin API. | Pentaho_business_analytics | 8.1 | ||
| 2017-11-28 | CVE-2016-10701 | In Hitachi Vantara Pentaho BA Platform through 8.0, a CSRF issue exists in the Business Analytics application. | Pentaho_business_analytics | 8.8 |