CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 1CVE-2021-31601 – Pentaho Business Analytics / Pentaho Business Server 9.1 Insufficient Access Control
https://notcve.org/view.php?id=CVE-2021-31601
An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. They implement a series of web services using the SOAP protocol to allow scripting interaction with the backend server. An authenticated user (regardless of privileges) can list all databases connection details and credentials. Se ha detectado un problema en Hitachi Vantara Pentaho versiones hasta 9.1 y en Pentaho Business Intelligence Server versiones hasta 7.x. Implementan una serie de servicios web que usan el protocolo SOAP para permitir una interacción de scripts con el servidor backend. • http://packetstormsecurity.com/files/164779/Pentaho-Business-Analytics-Pentaho-Business-Server-9.1-Insufficient-Access-Control.html https://www.hitachi.com/hirt/security/index.html •
CVSS: 7.2EPSS: 2%CPEs: 1EXPL: 1CVE-2021-34685 – Pentaho Business Analytics / Pentaho Business Server 9.1 Filename Bypass
https://notcve.org/view.php?id=CVE-2021-34685
UploadService in Hitachi Vantara Pentaho Business Analytics through 9.1 does not properly verify uploaded user files, which allows an authenticated user to upload various files of different file types. Specifically, a .jsp file is not allowed, but a .jsp. file is allowed (and leads to remote code execution). UploadService en Hitachi Vantara Pentaho Business Analytics versiones hasta 9.1, no verifica apropiadamente los archivos de usuario cargados, que permite a un usuario autenticado cargar varios archivos de diferentes tipos. En concreto, un archivo .jsp no está permitido, pero un archivo .jsp. sí lo está (y conlleva a una ejecución de código remota) Pentaho allows users to upload various files of different file types. The upload service is implemented under the /pentaho/UploadService endpoint. • http://packetstormsecurity.com/files/164775/Pentaho-Business-Analytics-Pentaho-Business-Server-9.1-Filename-Bypass.html https://www.hitachi.com/hirt/security/index.html • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2021-31599 – Pentaho Business Analytics / Pentaho Business Server 9.1 Remote Code Execution
https://notcve.org/view.php?id=CVE-2021-31599
An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. A reports (.prpt) file allows the inclusion of BeanShell scripts to ease the production of complex reports. An authenticated user can run arbitrary code. Se ha detectado un problema en Hitachi Vantara Pentaho versiones hasta 9.1 y en Pentaho Business Intelligence Server versiones hasta 7.x. Un archivo de informes (.prpt) permite una inclusión de scripts BeanShell para facilitar la producción de informes complejos. • http://packetstormsecurity.com/files/164772/Pentaho-Business-Analytics-Pentaho-Business-Server-9.1-Remote-Code-Execution.html https://www.hitachi.com/hirt/security/index.html • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.8EPSS: 0%CPEs: 106EXPL: 0CVE-2021-29645
https://notcve.org/view.php?id=CVE-2021-29645
Hitachi JP1/IT Desktop Management 2 Agent 9 through 12 calls the SendMessageTimeoutW API with arbitrary arguments via a local pipe, leading to a local privilege escalation vulnerability. An attacker who exploits this issue could execute arbitrary code on the local system. Hitachi JP1/IT Desktop Management 2 Agent versiones 9 hasta 12, llaman a la API SendMessageTimeoutW con argumentos arbitrarios por medio de una tubería local, conllevando a una vulnerabilidad de escalada de privilegios local. Un atacante que explote este problema podría ejecutar código arbitrario en el sistema local • https://www.hitachi.com/hirt/security/index.html •
CVSS: 10.0EPSS: 0%CPEs: 106EXPL: 0CVE-2021-29644
https://notcve.org/view.php?id=CVE-2021-29644
Hitachi JP1/IT Desktop Management 2 Agent 9 through 12 contains a remote code execution vulnerability because of an Integer Overflow. An attacker with network access to port 31016 may exploit this issue to execute code with unrestricted privileges on the underlying OS. Hitachi JP1/IT Desktop Management 2 Agent versiones 9 hasta 12, contienen una vulnerabilidad de ejecución de código remota debido a un desbordamiento de enteros. Un atacante con acceso de red al puerto 31016 podría explotar este problema para ejecutar código con privilegios no restringidos en el sistema operativo subyacente • https://www.hitachi.com/hirt/security/index.html • CWE-190: Integer Overflow or Wraparound •