Unauthorized Access to Dashboard Prompts in Hitachi Vantara Pentaho Business Analytics Server

Unauthorized Access to Dashboard Prompts in Hitachi Vantara Pentaho Business Analytics Server

CVE-2023-1158 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.3, including 8.3.x expose dashboard prompts to users who are not part of the authorization list. 

Learn more about our Cis Benchmark Audit For Server Software.