Volerion logoVolerion
Volerion logoVolerion

Hitachi Vantara Pentaho Business Analytics Server Incorrect Authorization Vulnerability

Vulnerability

A vulnerability exists in Hitachi Vantara Pentaho Business Analytics Server in versions prior to 10.2.0.0 and 9.3.0.8, including 8.3.x. The issue arises because the product fails to properly enforce authorization checks in the data source management service. This lack of proper access control allows users to access restricted data or perform unauthorized actions, potentially leading to information exposure or denial-of-service conditions.

Impact

Exploitation of this vulnerability could result in unauthorized access to data or the ability to perform actions without proper authorization, potentially causing information exposure or denial-of-service issues.

Remediation

Users can upgrade to Pentaho Business Analytics Server version 10.2.0.0 or 9.3.0.8 to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread
3.1
impact
5.0
exploitability
5.2
remediation
7.7
relevance
0.0
threat
0.0
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.