CVE-2024-28982 Information

Jun 27, 2024 cve

Description

Hitachi Vantara Pentaho Business Analytics Server versions before 10.1.0.0 and 9.3.0.7 including 8.3.x do not correctly protect the ACL service endpoint of the Pentaho User Console against XML External Entity Reference.

Reference

https://support.pentaho.com/hc/en-us/articles/27569195609869–Resolved-Hitachi-Vantara-Pentaho-Business-Analytics-Server-Improper-Restriction-of-XML-External-Entity-Reference-versions-before-10-1-0-0-and-9-3-0-7-including-8-3-x-Impacted-CVE-2024-28982

Share on: