Hitachi Vantara Pentaho Business Analytics Server — known CVE vulnerabilities
Every CVE whose affected-product data names Hitachi Vantara Pentaho Business Analytics Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (14)
CVE-2022-43940 — CVSS 8.8 (high): Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x do not correctly perform an…
CVE-2022-43773 — CVSS 8.8 (high): Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x is installed with a sample HSQLDB…
CVE-2022-43938 — CVSS 8.8 (high): Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x cannot allow a system…
CVE-2022-4815 — CVSS 8.0 (high): Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.3, including 8.3.x deserialize untrusted JSON data…
CVE-2022-43941 — CVSS 7.1 (high): Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x do not correctly protect the Post…
CVE-2022-43771 — CVSS 6.5 (medium): Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.0 and 9.3.0.1, including 8.3.x, using the Pentaho Data Access…
CVE-2022-3960 — CVSS 6.3 (medium): Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x cannot allow a system…
CVE-2022-4771 — CVSS 5.4 (medium): Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x allow a malicious URL to inject…
CVE-2022-4769 — CVSS 4.3 (medium): Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.0 and 9.3.0.2, including 8.3.x display the target path on host…
CVE-2022-4770 — CVSS 4.3 (medium): Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.0 and 9.3.0.2, including 8.3.x display the full parametrized SQL…
CVE-2023-1158 — CVSS 4.3 (medium): Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.3, including 8.3.x expose dashboard prompts to users…
CVE-2022-43772 — CVSS 3.8 (low): Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.0 and 9.3.0.1, including 8.3.x with the Big Data Plugin expose the…