CNNVD-202512-2616 Information

Dec 15, 2025 cve

CNNVD ID

CNNVD-202512-2616

CVE-2025-9121

  • CNNVD Published: 2025-12-15

Description (Chinese)

Hitachi Vantara Pentaho Data Integration & Analytics是日本日立制作所(Hitachi)公司的一个数据集成与分析系统。 Hitachi Vantara Pentaho Data Integration & Analytics 10.2.0.4之前版本存在安全漏洞,该漏洞源于反序列化不受信任的JSON数据,可能导致任意代码执行。

Description (English)

Hitachi Vantara Pentaho Data Information & Analytics is a data integration and analysis system for Hitachi, Japan. There was a security loophole in the pre-Hitachi Vantara Pentaho Data Information & Analytics 10.2.1.4 version, which originated from anti-sequencing untrusted JSON data and could lead to arbitrary code execution.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

日立制作所

Published

2025-12-15

Last Modified

2026-02-24

References

https://support.pentaho.com/hc/en-us/articles/41832536185613–Resolved-Hitachi-Vantara-Pentaho-Business-Analytics-Server-Deserialization-of-Untrusted-Data-Versions-before-10-2-0-4-Impacted-CVE-2025-9121 https://access.redhat.com/security/cve/cve-2025-9121

Patch

https://support.pentaho.com/hc/en-us/articles/41832536185613--Resolved-Hitachi-Vantara-Pentaho-Business-Analytics-Server-Deserialization-of-Untrusted-Data-Versions-before-10-2-0-4-Impacted-CVE-2025-9121

Share on: