Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
High
CVE-2022-43769
Disclosure Date: April 03, 2023 (last updated October 08, 2023)
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x allow certain web services to set property values which contain Spring templates that are interpreted downstream.
2
Attacker Value
Moderate
CVE-2022-43939
Disclosure Date: April 03, 2023 (last updated October 08, 2023)
Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x contain security restrictions using non-canonical URLs which can be circumvented.
2