Clear Text Exposure of Cluster Credentials in Hitachi Vantara Pentaho Business Analytics Server

Clear Text Exposure of Cluster Credentials in Hitachi Vantara Pentaho Business Analytics Server

CVE-2022-43772 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.0 and 9.3.0.1, including 8.3.x with the Big Data Plugin expose the username and password of clusters in clear text into system logs. 

Learn more about our Cis Benchmark Audit For Server Software.