Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

Pentaho Data Integration & Analytics — Vulnerabilities & Security Advisories 15

All 15 CVE vulnerabilities found in Pentaho Data Integration & Analytics, with AI-generated Chinese analysis, references, and POCs.

Vendor: Hitachi Vantara

CVE IDTitleCVSSSeverityPaused
CVE-2025-24907 Hitachi Vantara Pentaho Data Integration & Analytics – Path Traversal CWE-35 6.8 Medium2025-04-16
CVE-2025-24908 Hitachi Vantara Pentaho Data Integration & Analytics – Path Traversal CWE-35 6.8 Medium2025-04-16
CVE-2025-0756 Hitachi Vantara Pentaho Data Integration & Analytics - Improper Control of Resource Identifiers ('Resource Injection') CWE-99 9.1 Critical2025-04-16
CVE-2024-37363 Hitachi Vantara Pentaho Business Analytics Server - Incorrect Authorization CWE-862 6.5 Medium2025-02-19
CVE-2024-37362 Hitachi Vantara Pentaho Data Integration & Analytics - Insufficiently Protected Credentials CWE-522 6.3 Medium2025-02-19
CVE-2024-6697 Hitachi Vantara Pentaho Business Analytics Server - Improper Handling of Insufficient Permissions or Privileges CWE-280 6.5 Medium2025-02-19
CVE-2024-6696 Hitachi Vantara Pentaho Business Analytics Server - Insufficient Granularity of Access Control CWE-1220 4.9 Medium2025-02-19
CVE-2024-37361 Hitachi Vantara Pentaho Business Analytics Server - Deserialization of Untrusted Data CWE-502 9.9 Critical2025-02-19
CVE-2024-37360 Hitachi Vantara Pentaho Business Analytics Server - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-79 4.4 Medium2025-02-19
CVE-2024-37359 Hitachi Vantara Pentaho Business Analytics Server – Server Side Request Forgery CWE-918 8.6 High2025-02-19
CVE-2024-5705 Hitachi Vantara Pentaho Business Analytics Server - Incorrect Authorization CWE-863 8.8 High2025-02-19
CVE-2024-5706 Hitachi Vantara Pentaho Data Integration & Analytics - Improper Control of Resource Identifiers ('Resource Injection') CWE-99 8.8 High2025-02-19
CVE-2024-28981 Hitachi Vantara Pentaho Data Integration & Analytics - Insufficiently Protected Credentials CWE-522 8.5 High2024-09-11
CVE-2023-5617 Hitachi Vantara Pentaho Data Integration & Analytics - Server-generated Error Message Containing Sensitive Information CWE-550 5.3 Medium2024-02-28
CVE-2023-3517 Hitachi Vantara Pentaho Data Integration & Analytics - Improper Control of Resource Identifiers ('Resource Injection') CWE-99 8.5 High2023-12-12

All 15 known CVE vulnerabilities affecting Pentaho Data Integration & Analytics with full Chinese analysis, references, and POCs where available.