Hitachivantara: >> Pentaho Business Analytics >> 8.0 Security Vulnerabilities
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.5.0.0 and 9.3.0.4, including 8.3.x.x, saves passwords of the Hadoop Copy Files step in plaintext.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-09-27
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.3.0.0, 9.2.0.4 and 8.3.0.27 allow a malicious URL to inject content into a dashboard when the CDE plugin is present.
CVSS Score
6.5
EPSS Score
0.003
Published
2023-04-11
Hitachi Vantara Pentaho Business Analytics Server versions before 9.3.0.0, 9.2.0.4 and 8.3.0.27 does not correctly perform an authorization check in the dashboard editor plugin API.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-04-11
In Hitachi Vantara Pentaho BA Platform through 8.0, a CSRF issue exists in the Business Analytics application.
CVSS Score
8.8
EPSS Score
0.001
Published
2017-11-28