Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.0 and 9.3.0.1, including 8.3.x with the Big Data Plugin expose the username and password of clusters in clear text into system logs.
References
Configurations
History
07 Nov 2023, 03:54
Type | Values Removed | Values Added |
---|---|---|
Summary | Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.0 and 9.3.0.1, including 8.3.x with the Big Data Plugin expose the username and password of clusters in clear text into system logs. |
10 Apr 2023, 18:13
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-532 | |
CPE | cpe:2.3:a:hitachi:vantara_pentaho_business_analytics_server:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
First Time |
Hitachi
Hitachi vantara Pentaho Business Analytics Server |
|
References | (MISC) https://support.pentaho.com/hc/en-us/articles/14454594588045--Resolved-Hitachi-Vantara-Pentaho-Business-Analytics-Server-Insertion-of-Sensitive-Information-into-Log-File-Versions-before-9-4-0-0-and-9-3-0-1-including-8-3-x-Impacted-CVE-2022-43772- - Vendor Advisory |
03 Apr 2023, 19:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-04-03 19:15
Updated : 2023-12-10 15:01
NVD link : CVE-2022-43772
Mitre link : CVE-2022-43772
CVE.ORG link : CVE-2022-43772
JSON object : View
Products Affected
hitachi
- vantara_pentaho_business_analytics_server
CWE
CWE-532
Insertion of Sensitive Information into Log File