CVE-2022-4769

Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.0 and 9.3.0.2, including 8.3.x display the target path on host when a file is uploaded with an invalid character in its name. 
Configurations

Configuration 1 (hide)

cpe:2.3:a:hitachi:vantara_pentaho_business_analytics_server:*:*:*:*:*:*:*:*

History

07 Nov 2023, 03:58

Type Values Removed Values Added
Summary Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.0 and 9.3.0.2, including 8.3.x display the target path on host when a file is uploaded with an invalid character in its name. Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.0 and 9.3.0.2, including 8.3.x display the target path on host when a file is uploaded with an invalid character in its name. 

10 Apr 2023, 17:14

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 4.3
References (MISC) https://support.pentaho.com/hc/en-us/articles/14452244712589--Resolved-Pentaho-BA-Server-Generation-of-Error-Message-Containing-Sensitive-Information-Versions-before-9-4-0-0-and-9-3-0-2-including-8-3-x-Impacted-CVE-2022-4769- - (MISC) https://support.pentaho.com/hc/en-us/articles/14452244712589--Resolved-Pentaho-BA-Server-Generation-of-Error-Message-Containing-Sensitive-Information-Versions-before-9-4-0-0-and-9-3-0-2-including-8-3-x-Impacted-CVE-2022-4769- - Vendor Advisory
CPE cpe:2.3:a:hitachi:vantara_pentaho_business_analytics_server:*:*:*:*:*:*:*:*
CWE CWE-209
First Time Hitachi
Hitachi vantara Pentaho Business Analytics Server

03 Apr 2023, 19:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-04-03 19:15

Updated : 2023-12-10 15:01


NVD link : CVE-2022-4769

Mitre link : CVE-2022-4769

CVE.ORG link : CVE-2022-4769


JSON object : View

Products Affected

hitachi

  • vantara_pentaho_business_analytics_server
CWE
CWE-209

Generation of Error Message Containing Sensitive Information