📦 Vantara Pentaho

by Hitachi

🔍 What is Vantara Pentaho?

Description coming soon...

🛡️ Security Overview

Click on a severity to filter vulnerabilities

⚠️ Known Vulnerabilities

CVE-2021-34684

CRITICAL CVSS 9.8 Nov 8, 2021

CVE-2021-34684 is a critical SQL injection vulnerability in Hitachi Vantara Pentaho Business Analytics that allows unauthenticated attackers to execute arbitrary SQL queries on any Pentaho data source...

CVE-2022-4815

HIGH CVSS 8.0 May 24, 2023

This vulnerability in Hitachi Vantara Pentaho Business Analytics Server allows remote code execution through insecure JSON deserialization. Attackers can exploit it by sending malicious JSON data to t...

CVE-2021-31599

HIGH CVSS 8.8 Nov 8, 2021

This vulnerability allows authenticated users to execute arbitrary code on Pentaho servers by exploiting BeanShell script inclusion in report (.prpt) files. It affects Hitachi Vantara Pentaho through ...

CVE-2021-31601

HIGH CVSS 7.1 Nov 8, 2021

This vulnerability allows any authenticated user in Hitachi Vantara Pentaho systems to retrieve database connection details and credentials via SOAP web services, regardless of their privilege level. ...