Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Pentaho Business Analytics Server - With the Data Lineage feature enabled, the system transmits database passwords in clear text
Vulnerability Description
Hitachi Vantara Pentaho Business Analytics Server versions before 9.3.0.0, 9.2.0.2 and 8.3.0.25 with the Data Lineage feature enabled transmits database passwords in clear text. The transmission of sensitive data in clear text allows unauthorized actors with access to the network to sniff and obtain sensitive information that can be later used to gain unauthorized access.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H
Vulnerability Type
敏感数据的明文传输
Vulnerability Title
Hitachi Pentaho Business Analytics 安全漏洞
Vulnerability Description
Hitachi Pentaho Business Analytics是日本日立制作所(Hitachi)公司的一个业务分析平台。用于安全地访问、集成、操作、可视化和分析大数据资产。 Hitachi Pentaho Business Analytics 9.3.0.0 版本,9.2.0.2 版本之前的 9.2 版本和 8.3.0.25 版本之前的 8.3 版本存在安全漏洞,该漏洞源于明文形式传输数据库密码。
CVSS Information
N/A
Vulnerability Type
N/A