VYPR
Unrated severityNVD Advisory· Published Jun 26, 2024· Updated Sep 11, 2024

Hitachi Vantara Pentaho Business Analytics Server - Improper Restriction of XML External Entity Reference

CVE-2024-28982

Description

Hitachi Vantara Pentaho Business Analytics Server versions before 10.1.0.0 and 9.3.0.7, including 8.3.x do not correctly protect the ACL service endpoint of the Pentaho User Console against XML External Entity Reference.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.