Clear Text Exposure of Cluster Credentials in Hitachi Vantara Pentaho Business Analytics Server
CVE-2022-43772 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.0 and 9.3.0.1, including 8.3.x with the Big Data Plugin expose the username and password of clusters in clear text into system logs.
Learn more about our Cis Benchmark Audit For Server Software.