Unrated severityNVD Advisory· Published Nov 8, 2021· Updated Aug 3, 2024
CVE-2021-31600
CVE-2021-31600
Description
An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. They implement a series of web services using the SOAP protocol to allow scripting interaction with the backend server. An authenticated user (regardless of privileges) can list all valid usernames.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Hitachi Vantara Pentaho/Pentaho Business Intelligence Serverdescription
- Range: <=7.x
Patches
Vulnerability mechanics
References
2- packetstormsecurity.com/files/164787/Pentaho-Business-Analytics-Pentaho-Business-Server-9.1-User-Enumeration.htmlmitrex_refsource_MISC
- www.hitachi.com/hirt/security/index.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.