Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

Hitachi Vantara — Vulnerabilities & Security Advisories 46

Browse all 46 CVE security advisories affecting Hitachi Vantara. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products Hitachi Vantara:Pentaho Business Analytics ServerPentaho Data Integration & AnalyticsPentaho Data Integration and AnalyticsSystem Management Unit (SMU)Hitachi Content Platform
CVE IDTitleCVSSSeverityPaused
CVE-2025-11158 Hitachi Vantara Pentaho Data Integration & Analytics - Missing Authorization — Pentaho Data Integration and AnalyticsCWE-862 9.1 Critical2026-03-09
CVE-2025-9121 Hitachi Vantara Pentaho Business Analytics Server - Deserialization of Untrusted Data — Pentaho Data Integration and AnalyticsCWE-502 8.8 High2025-12-15
CVE-2025-9122 Hitachi Vantara Pentaho Business Analytics Server - Generation of Error Message Containing Sensitive Information — Pentaho Data Integration and AnalyticsCWE-209 5.3 Medium2025-12-15
CVE-2025-24907 Hitachi Vantara Pentaho Data Integration & Analytics – Path Traversal — Pentaho Data Integration & AnalyticsCWE-35 6.8 Medium2025-04-16
CVE-2025-24911 Hitachi Vantara Pentaho Business Analytics Server - Improper Restriction of XML External Entity Reference — Pentaho Business Analytics ServerCWE-611 4.9 Medium2025-04-16
CVE-2025-24910 Hitachi Vantara Pentaho Business Analytics Server - Improper Restriction of XML External Entity Reference — Pentaho Business Analytics ServerCWE-611 4.9 Medium2025-04-16
CVE-2025-24909 Hitachi Vantara Pentaho Business Analytics Server - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') — Pentaho Business Analytics ServerCWE-79 4.4 Medium2025-04-16
CVE-2025-24908 Hitachi Vantara Pentaho Data Integration & Analytics – Path Traversal — Pentaho Data Integration & AnalyticsCWE-35 6.8 Medium2025-04-16
CVE-2025-0756 Hitachi Vantara Pentaho Data Integration & Analytics - Improper Control of Resource Identifiers ('Resource Injection') — Pentaho Data Integration & AnalyticsCWE-99 9.1 Critical2025-04-16
CVE-2025-0757 Hitachi Vantara Pentaho Business Analytics Server - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') — Pentaho Business Analytics ServerCWE-79 4.4 Medium2025-04-16
CVE-2025-0758 Hitachi Vantara Pentaho Business Analytics Server - Incorrect Permission Assignment for Critical Resource — Pentaho Business Analytics ServerCWE-732 6.1 Medium2025-04-16
CVE-2024-37363 Hitachi Vantara Pentaho Business Analytics Server - Incorrect Authorization — Pentaho Data Integration & AnalyticsCWE-862 6.5 Medium2025-02-19
CVE-2024-37362 Hitachi Vantara Pentaho Data Integration & Analytics - Insufficiently Protected Credentials — Pentaho Data Integration & AnalyticsCWE-522 6.3 Medium2025-02-19
CVE-2024-6697 Hitachi Vantara Pentaho Business Analytics Server - Improper Handling of Insufficient Permissions or Privileges — Pentaho Data Integration & AnalyticsCWE-280 6.5 Medium2025-02-19
CVE-2024-6696 Hitachi Vantara Pentaho Business Analytics Server - Insufficient Granularity of Access Control — Pentaho Data Integration & AnalyticsCWE-1220 4.9 Medium2025-02-19
CVE-2024-37361 Hitachi Vantara Pentaho Business Analytics Server - Deserialization of Untrusted Data — Pentaho Data Integration & AnalyticsCWE-502 9.9 Critical2025-02-19
CVE-2024-37360 Hitachi Vantara Pentaho Business Analytics Server - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') — Pentaho Data Integration & AnalyticsCWE-79 4.4 Medium2025-02-19
CVE-2024-37359 Hitachi Vantara Pentaho Business Analytics Server – Server Side Request Forgery — Pentaho Data Integration & AnalyticsCWE-918 8.6 High2025-02-19
CVE-2024-5705 Hitachi Vantara Pentaho Business Analytics Server - Incorrect Authorization — Pentaho Data Integration & AnalyticsCWE-863 8.8 High2025-02-19
CVE-2024-5706 Hitachi Vantara Pentaho Data Integration & Analytics - Improper Control of Resource Identifiers ('Resource Injection') — Pentaho Data Integration & AnalyticsCWE-99 8.8 High2025-02-19
CVE-2024-28981 Hitachi Vantara Pentaho Data Integration & Analytics - Insufficiently Protected Credentials — Pentaho Data Integration & AnalyticsCWE-522 8.5 High2024-09-11
CVE-2024-28984 Hitachi Vantara Pentaho Business Analytics Server - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') — Pentaho Business Analytics ServerCWE-79 8.8 High2024-06-26
CVE-2024-28983 Hitachi Vantara Pentaho Business Analytics Server - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') — Pentaho Business Analytics ServerCWE-79 8.8 High2024-06-26
CVE-2024-28982 Hitachi Vantara Pentaho Business Analytics Server - Improper Restriction of XML External Entity Reference — Pentaho Business Analytics ServerCWE-776 7.1 High2024-06-26
CVE-2023-5617 Hitachi Vantara Pentaho Data Integration & Analytics - Server-generated Error Message Containing Sensitive Information — Pentaho Data Integration & AnalyticsCWE-550 5.3 Medium2024-02-28
CVE-2023-3517 Hitachi Vantara Pentaho Data Integration & Analytics - Improper Control of Resource Identifiers ('Resource Injection') — Pentaho Data Integration & AnalyticsCWE-99 8.5 High2023-12-12
CVE-2023-6538 System Management Unit (SMU) versions prior to 14.8.7825.01, used to manage Hitachi Vantara NAS products is susceptible to unintended information disclosure via unprivileged access to SMU configuration backup data. — System Management Unit (SMU)CWE-285 7.6 High2023-12-11
CVE-2023-5808 System Management Unit (SMU) versions prior to 14.8.7825.01, used to manage Hitachi Vantara NAS products are susceptible to unintended information disclosure via unprivileged access to HNAS configuration backup and diagnostic data. — System Management Unit (SMU)CWE-285 7.6 High2023-12-04
CVE-2023-2358 Hitachi Vantara Pentaho Business Analytics Server – Password Stored in a Recoverable Format — Pentaho Business Analytics ServerCWE-257 4.3 Medium2023-09-26
CVE-2022-4815 Hitachi Vantara Pentaho Business Analytics Server - Deserialization of Untrusted Data — Pentaho Business Analytics ServerCWE-502 8.0 High2023-05-24

This page lists every published CVE security advisory associated with Hitachi Vantara. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.