Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-43939 PoC — Hitachi Vantara Pentaho Business Analytics Server 安全漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-43939.yaml
Associated Vulnerability
Title:Hitachi Vantara Pentaho Business Analytics Server 安全漏洞 (CVE-2022-43939)
Description:Hitachi Vantara Pentaho Business Analytics Server是日本日立制作所(Hitachi)公司的一个现代数据混合、集成和业务分析平台。 Hitachi Vantara Pentaho Business Analytics Server 存在安全漏洞,该漏洞源于使用非规范 URL 路径进行授权决策。
Description
Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x contain security restrictions using non-canonical URLs which can be circumvented.
File Snapshot

 id: CVE-2022-43939

info:
  name: Hitachi Pentaho Business Analytics Server - Bypass Authorization
 

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.