Vulnerabilidades en Hitachi Vantara
53 resultadosCVE-2022-43769HIGHHitachi Vantara Pentaho Business Analytics Server - Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)EPSS 97.7%KEVCVE-2022-43939HIGHHitachi Vantara Pentaho Business Analytics Server - Use of Non-Canonical URL Paths for Authorization DecisionsEPSS 92.3%KEVCVE-2022-43938HIGHHitachi Vantara Pentaho Business Analytics Server - Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') EPSS 26.6%CVE-2022-43771MEDIUMHitachi Vantara Pentaho Business Analytics Server - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') EPSS 23.9%CVE-2022-43773HIGHHitachi Vantara Pentaho Business Analytics Server - Incorrect Permission Assignment for Critical Resource EPSS 22.2%CVE-2023-6538HIGHSystem Management Unit (SMU) versions prior to 14.8.7825.01, used to manage Hitachi Vantara NAS products is susceptible to unintended information disclosure via unprivileged access to SMU configuration backup data.EPSS 1.6%CVE-2025-0756CRITICALHitachi Vantara Pentaho Data Integration & Analytics - Improper Control of Resource Identifiers ('Resource Injection')EPSS 0.8%CVE-2021-28052HIGHHitachi Content Platform Information Disclosure VulnerabilityEPSS 0.7%CVE-2024-5706HIGHHitachi Vantara Pentaho Data Integration & Analytics - Improper Control of Resource Identifiers ('Resource Injection')EPSS 0.6%CVE-2023-3517HIGHHitachi Vantara Pentaho Data Integration & Analytics - Improper Control of Resource Identifiers ('Resource Injection')EPSS 0.6%CVE-2022-4815HIGHHitachi Vantara Pentaho Business Analytics Server - Deserialization of Untrusted Data EPSS 0.6%CVE-2022-43940HIGHHitachi Vantara Pentaho Business Analytics Server - Incorrect AuthorizationEPSS 0.6%CVE-2021-45448HIGHPentaho Business Analytics Server - Pentaho Analyzer plugin exposes a service endpoint for templates which allows a user supplied path to access resources that are out of bounds.EPSS 0.6%CVE-2023-5808HIGHSystem Management Unit (SMU) versions prior to 14.8.7825.01, used to manage Hitachi Vantara NAS products are susceptible to unintended information disclosure via unprivileged access to HNAS configuration backup and diagnostic data.EPSS 0.5%CVE-2022-43941HIGHHitachi Vantara Pentaho Business Analytics Server - Improper Restriction of XML External Entity Reference EPSS 0.5%CVE-2022-43770MEDIUMHitachi Vantara Pentaho Business Analytics Server - Incorrect AuthorizationEPSS 0.5%CVE-2024-37359HIGHHitachi Vantara Pentaho Business Analytics Server – Server Side Request ForgeryEPSS 0.5%CVE-2024-37361CRITICALHitachi Vantara Pentaho Business Analytics Server - Deserialization of Untrusted DataEPSS 0.5%CVE-2022-3960MEDIUMHitachi Vantara Pentaho Business Analytics Server - Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') EPSS 0.5%CVE-2024-5705HIGHHitachi Vantara Pentaho Business Analytics Server - Incorrect AuthorizationEPSS 0.5%