漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Hitachi Vantara Pentaho Data Integration & Analytics - Insufficiently Protected Credentials
Vulnerability Description
The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval. (CWE-522) Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.0 and 9.3.0.8, including 8.3.x, discloses database passwords when saving connections to RedShift. Products must not disclose sensitive information without cause. Disclosure of sensitive information can lead to further exploitation.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
不充分的凭证保护机制
Vulnerability Title
Hitachi Vantara Pentaho Data Integration & Analytics 安全漏洞
Vulnerability Description
Hitachi Vantara Pentaho Data Integration & Analytics是日本日立制作所(Hitachi)公司的一个数据集成与分析系统。 Hitachi Vantara Pentaho Data Integration & Analytics存在安全漏洞,该漏洞源于使用不安全的方法传输认证凭据,会导致敏感信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A