CVE-2022-4771

CVSS V2 None CVSS V3 None
Description
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x allow a malicious URL to inject content into the Pentaho User Console through session variables.
Overview
  • CVE ID
  • CVE-2022-4771
  • Assigner
  • security.vulnerabilities@hitachivantara.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-04-03T19:15:07
  • Last Modified Date
  • 2023-04-10T17:03:33
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:hitachi:vantara_pentaho_business_analytics_server:*:*:*:*:*:*:*:* 1 OR 9.3.0.2
cpe:2.3:a:hitachi:vantara_pentaho_business_analytics_server:9.4.0.0:*:*:*:*:*:*:* 1 OR
History
Created Old Value New Value Data Type Notes
2023-04-17 04:03:29 Added to TrackCVE
2023-04-17 04:03:32 Weakness Enumeration new