A vulnerability in
Hitachi Vantara Pentaho Business Analytics Server versions before 9.2.0.2 and
8.3.0.25 does not cascade the hidden property to the children of the Home folder. This directory listing provides an attacker with the complete index of all the resources located
inside the directory.
References
Link | Resource |
---|---|
https://support.pentaho.com/hc/en-us/articles/6744813983501 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
07 Nov 2023, 03:39
Type | Values Removed | Values Added |
---|---|---|
Summary | A vulnerability in Hitachi Vantara Pentaho Business Analytics Server versions before 9.2.0.2 and 8.3.0.25 does not cascade the hidden property to the children of the Home folder. This directory listing provides an attacker with the complete index of all the resources located inside the directory. |
21 Jul 2023, 16:52
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-281 |
Information
Published : 2022-11-02 15:15
Updated : 2024-02-28 19:29
NVD link : CVE-2021-45446
Mitre link : CVE-2021-45446
CVE.ORG link : CVE-2021-45446
JSON object : View
Products Affected
hitachi
- vantara_pentaho