Podatność CVE-2022-43769

Podatność CVE-2022-43769

Publikacja: 2023-04-03

Opis:

Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x allow certain web services to set property values which contain Spring templates that are interpreted downstream.

W naszej bazie, znaleźliśmy następujące noty dla tego CVE:

	Tytuł	Autor	Data
High	Pentaho Business Server Authentication Bypass / SSTI / Code Execution	jheysel-r7	11.05.2023

Referencje:

https://support.pentaho.com/hc/en-us/articles/14455561548301--Resolved-Pentaho-BA-Server-Failure-to-Sanitize-Special-Elements-into-a-Different-Plane-Special-Element-Injection-Versions-before-9-4-0-1-and-9-3-0-2-including-8-3-x-Impacted-CVE-2022-43769

Podatność CVE-2022-43769

Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x allow certain web services to set property values which contain Spring templates that are interpreted downstream.

W naszej bazie, znaleźliśmy następujące noty dla tego CVE:

High

Pentaho Business Server Authentication Bypass / SSTI / Code Execution

Referencje: