Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Hitachi Vantara Pentaho Business Analytics Server - Improper Restriction of XML External Entity Reference
Vulnerability Description
Hitachi Vantara Pentaho Business Analytics Server versions before 10.1.0.0 and 9.3.0.7, including 8.3.x do not correctly protect the ACL service endpoint of the Pentaho User Console against XML External Entity Reference.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
Vulnerability Type
DTD中递归实体索引的不恰当限制(XML实体扩展)
Vulnerability Title
Hitachi Vantara Pentaho Business Analytics Server 安全漏洞
Vulnerability Description
Hitachi Vantara Pentaho Business Analytics Server是日本日立制作所(Hitachi)公司的一个现代数据混合、集成和业务分析平台。 Hitachi Vantara Pentaho Business Analytics Server 存在安全漏洞,该漏洞源于无法正确保护 Pentaho 用户控制台的 ACL 服务端点免受 XML 外部实体引用的影响。
CVSS Information
N/A
Vulnerability Type
N/A