CVE-2021-34685
Pentaho Business Analytics / Pentaho Business Server 9.1 Filename Bypass
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
UploadService in Hitachi Vantara Pentaho Business Analytics through 9.1 does not properly verify uploaded user files, which allows an authenticated user to upload various files of different file types. Specifically, a .jsp file is not allowed, but a .jsp. file is allowed (and leads to remote code execution).
UploadService en Hitachi Vantara Pentaho Business Analytics versiones hasta 9.1, no verifica apropiadamente los archivos de usuario cargados, que permite a un usuario autenticado cargar varios archivos de diferentes tipos. En concreto, un archivo .jsp no está permitido, pero un archivo .jsp. sí lo está (y conlleva a una ejecución de código remota)
Pentaho allows users to upload various files of different file types. The upload service is implemented under the /pentaho/UploadService endpoint. The file types allowed by the application are csv, dat, txt, tar, zip, tgz, gz, gzip. When uploading a file with an extension other than the allowed file types, the application responds with the error message of UploadFileServlet.ERROR_0011 - File type not allowed. Allowable types are csv,dat,txt,tar,zip,tgz,gz,gzip. However, the file extension check can be bypassed by including a single dot "." at the end of the filename.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-06-14 CVE Reserved
- 2021-11-05 CVE Published
- 2024-04-22 EPSS Updated
- 2024-08-04 CVE Updated
- 2024-08-04 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-434: Unrestricted Upload of File with Dangerous Type
CAPEC
References (2)
URL | Tag | Source |
---|
URL | Date | SRC |
---|---|---|
http://packetstormsecurity.com/files/164775/Pentaho-Business-Analytics-Pentaho-Business-Server-9.1-Filename-Bypass.html | 2024-08-04 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://www.hitachi.com/hirt/security/index.html | 2021-11-09 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Hitachi Search vendor "Hitachi" | Vantara Pentaho Search vendor "Hitachi" for product "Vantara Pentaho" | <= 9.1.0.0 Search vendor "Hitachi" for product "Vantara Pentaho" and version " <= 9.1.0.0" | - |
Affected
|