Index
Bugtraq
Pełna lista
Błędy
Sztuczki
Exploity
Dorks list
Tylko z CVE
Tylko z CWE
Bogus
Ranking
CVEMAP
Świeża lista CVE
Producenci
Produkty
Słownik CWE
Sprawdź nr. CVE
Sprawdź nr. CWE
Szukaj
W Bugtraq
W bazie CVE
Po autorze
Po nr. CVE
Po nr. CWE
Po producencie
Po produkcie
RSS
Bugtraq
CVEMAP
CVE Produkty
Tylko Błędy
Tylko Exploity
Tylko Dorks
Więcej
cIFrex
Facebook
Twitter
Donate
O bazie
Lang
Polish
English
Submit
Podatności dla
'Vantara pentaho business intelligence server'
2021-11-08
CVE-2021-31599
CWE-434
An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. A reports (.prpt) file allows the inclusion of BeanShell scripts to ease the production of complex reports. An authenticated user can run arbitrary code.
CVE-2021-31600
CWE-552
An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. They implement a series of web services using the SOAP protocol to allow scripting interaction with the backend server. An authenticated user (regardless of privileges) can list all valid usernames.
CVE-2021-31601
CWE-863
An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. They implement a series of web services using the SOAP protocol to allow scripting interaction with the backend server. An authenticated user (regardless of privileges) can list all databases connection details and credentials.
CVE-2021-31602
CWE-863
An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. The Security Model has different layers of Access Control. One of these layers is the applicationContext security, which is defined in the applicationContext-spring-security.xml file. The default configuration allows an unauthenticated user with no previous knowledge of the platform settings to extract pieces of information without possessing valid credentials.
>>>
Vendor:
Hitachi
193
Produkty
Web server
Groupmax mail - security option
Pki runtime library
Cosminexus enterprise
Cosminexus server
Jp1 p-1b41-9461
Jp1 p-1b41-9471
Jp1 p-1j41-9471
Groupmax world wide web desktop
Groupmax world wide web
Web page generator
Web page generator enterprise
Alaxala
Gr3000
Gr4000
Gs4000
Cosminexus application server
Ip5000 voip wifi phone
Cosminexus collaboration portal
Groupmax collaboration portal
Groupmax collaboration web client
Groupmax mail smtp
Business logic
Cm2-network node manager
Jp1-cm2-network node manager 250
Hitsenser data mart server
Jpi netsight ii port discovery advance
Jpi netsight ii port discovery standard
Groupmax world wide web desktop scheduler
Groupmax world wide web scheduler
Xfit s
Xfit s jca
Xfit s zengin
Xfit s zgin
Jp1-cm2-network node manager
Jpi automatic job management system 2
Jpi performance management
Jpi pfm snmp system observer
Jpi security integrated manager
Jpi server conductor blade server manager
Jpi server conductor server manager
Jpi server system observer - report feature
Groupmax integrated desktop
Groupmax mail
Eur print service
Eur print service for ilf
Eur professional
Eur viewer
Hitsenser3
Groupmax address server
Groupmax mail server
Hitachi directory server 2
Tpi link
Tpi server base
Hirdb parallel server
Hirdb single server
Hirdb single server workgroup edition
Hirdb workgroup server
Hirdb datareplicator
Cosminexus application server version 5
Cosminexus developer light version 6
Cosminexus developer professional version 6
Cosminexus developer standard version 6
Cosminexus developer version 5
Cosminexus server - enterprise edition
Cosminexus server - standard edition
Cosminexus server - standard edition version 4
Cosminexus server - web edition
Cosminexus server - web edition version 4
Hitachi web server
Ucosminexus application server enterprise
Ucosminexus application server smart edition
Ucosminexus application server standard
Ucosminexus developer light
Ucosminexus developer standard
Ucosminexus service architect
Ucosminexus service platform
Hibun advanced edition server
Jpi hibun advanced edition server
Cm2-network node manager 250
Jp1-cm2-network node manager starter
Jp1-cm2-network node manager starter 250
Osas/ft/w
Ucosminexus collaboration portal
Ucosminexus content manager
Jp1-hicommand device manager
Jp1-hicommand global link availability manager
Jp1-hicommand replication monitor
Jp1-hicommand tiered storage manager
Jp1-hicommand tuning manager
Cosminexus component container
Electronic form workflow
Ucosminexus application server
Ucosminexus developer
Ucosminexus erp integrator
Groupmax mobile option
XP W
Tp1 net osi-tp-extended
Cosminexus tpbroker
Tpbroker
Zobacz wszystkie produkty dla producenta
Hitachi
Copyright
2024
, cxsecurity.com
Back to Top