Vulnerabilities (CVE)

Filtered by vendor Hitachi Subscribe
Filtered by product Pentaho Business Analytics Server
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-28984 1 Hitachi 1 Pentaho Business Analytics Server 2024-11-21 N/A 8.8 HIGH
Hitachi Vantara Pentaho Business Analytics Server prior to versions 10.1.0.0 and 9.3.0.7, including 8.3.x allow a malicious URL to inject content into the Analyzer plugin interface.
CVE-2024-28982 1 Hitachi 1 Pentaho Business Analytics Server 2024-11-21 N/A 7.1 HIGH
Hitachi Vantara Pentaho Business Analytics Server versions before 10.1.0.0 and 9.3.0.7, including 8.3.x do not correctly protect the ACL service endpoint of the Pentaho User Console against XML External Entity Reference.