Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Vantara_pentaho_business_analytics_server
(Hitachi)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 14 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-04-03 | CVE-2022-43769 | Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x allow certain web services to set property values which contain Spring templates that are interpreted downstream. | Vantara_pentaho_business_analytics_server | 7.2 | ||
| 2023-04-03 | CVE-2022-43939 | Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x contain security restrictions using non-canonical URLs which can be circumvented. | Vantara_pentaho_business_analytics_server | 9.8 | ||
| 2023-04-03 | CVE-2022-43773 | Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x is installed with a sample HSQLDB data source configured with stored procedures enabled. | Vantara_pentaho_business_analytics_server | 8.8 | ||
| 2023-04-03 | CVE-2022-3960 | Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x cannot allow a system administrator to disable scripting capabilities of the Community Dashboard Editor (CDE) plugin. | Vantara_pentaho_business_analytics_server | 6.3 |