Hitachi Vantara Pentaho Business Analytics Server versions prior to 9.4.0.1 and 9.3.0.2, including 8.3.x do not correctly protect the Post Analysis service endpoint of the data access plugin against out-of-band XML External Entity Reference.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
hitachi vantara pentaho business analytics server |
||
hitachi vantara pentaho business analytics server 9.4.0.0 |