Unrated severityNVD Advisory· Published Nov 8, 2021· Updated Aug 4, 2024
CVE-2021-34684
CVE-2021-34684
Description
Hitachi Vantara Pentaho Business Analytics through 9.1 allows an unauthenticated user to execute arbitrary SQL queries on any Pentaho data source and thus retrieve data from the related databases, as demonstrated by an api/repos/dashboards/editor URI.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Hitachi Vantara/Pentaho Business Analyticsdescription
- Range: <=9.1
Patches
Vulnerability mechanics
References
2- packetstormsecurity.com/files/164791/Pentaho-Business-Analytics-Pentaho-Business-Server-9.1-SQL-Injection.htmlmitrex_refsource_MISC
- www.hitachi.com/hirt/security/index.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.