Authorization Bypass in Hitachi Vantara Pentaho Business Analytics Server

Authorization Bypass in Hitachi Vantara Pentaho Business Analytics Server

CVE-2022-43940 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x do not correctly perform an authorization check in the data source management service. 

Learn more about our Cis Benchmark Audit For Server Software.