CVE-2024-28981
Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.1.0.0
Description
Description
Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.1.0.0 and 9.3.0.8, including 8.3.x, discloses database passwords when searching metadata injectable fields.
CVSS Scores
Affected Vendors & Products
| Vendor | Product | Version |
|---|---|---|
| hitachi | pentaho_data_integration_and_analytics | |
| hitachi | pentaho_data_integration_and_analytics | 8.3 |
| hitachi | pentaho_data_integration_and_analytics | 9.3 |
| hitachi | pentaho_data_integration_and_analytics | 10.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-522 | Insufficiently Protected Credentials |
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
Meta Information
Date published:
2024-09-12
Date last modified:
2024-09-12
Date generated:
2025-01-15
NVD report: