Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Hitachi Vantara Pentaho Business Analytics Server - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Vulnerability Description
Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.0 and 9.3.0.1, including 8.3.x, using the Pentaho Data Access plugin exposes a service endpoint for CSV import which allows a user supplied path to access resources that are out of bounds.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Hitachi Vantara Pentaho Business Analytics Server 路径遍历漏洞
Vulnerability Description
Hitachi Vantara Pentaho Business Analytics Server是日本日立制作所(Hitachi)公司的一个现代数据混合、集成和业务分析平台。 Hitachi Vantara Pentaho Business Analytics Server存在安全漏洞,该漏洞源于对受限目录的路径名的不当限制导致路径遍历。
CVSS Information
N/A
Vulnerability Type
N/A