cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-28981,https://securityvulnerability.io/vulnerability/CVE-2024-28981,Pentaho Data Integration & Analytics Vulnerability: Database Passwords Disclosed,"Hitachi Vantara Pentaho Data Integration & Analytics has a vulnerability that exposes database passwords when searching metadata fields that are injectable. This flaw affects versions prior to 10.1.0.0 and 9.3.0.8, as well as the 8.3.x series. The identification of insufficiently protected credentials can potentially lead to unauthorized access to sensitive data, demanding prompt attention and remediation to maintain the integrity and confidentiality of the information handled by the application.",Hitachi,Pentaho Data Integration & Analytics,8.5,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-09-12T00:15:00.000Z,0
CVE-2023-5617,https://securityvulnerability.io/vulnerability/CVE-2023-5617,Server Error Discloses Tomcat Version in Hitachi Vantara Pentaho Data Integration & Analytics Versions,"
Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.1.0.0 and 9.3.0.6, including 9.5.x and 8.3.x, display the version of Tomcat when a server error is encountered.



",Hitachi,Pentaho Data Integration & Analytics,5.3,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-02-28T22:30:40.128Z,0
CVE-2023-3517,https://securityvulnerability.io/vulnerability/CVE-2023-3517,Hitachi Vantara Pentaho Data Integration & Analytics - Improper Control of Resource Identifiers  ('Resource Injection'),"The vulnerability in Hitachi Vantara Pentaho Data Integration & Analytics arises from the lack of restrictions on JNDI identifiers during XActions creation. This flaw can lead to unauthorized manipulation of system-level data sources, potentially allowing attackers to gain access to sensitive information or disrupt data integration processes. Users are advised to upgrade to the secure versions to mitigate potential risks.",Hitachi,Pentaho Data Integration & Analytics,8.5,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2023-12-12T23:15:00.000Z,0