CVE-2021-45448
Pentaho Business Analytics Server - Pentaho Analyzer plugin exposes a service endpoint for templates which allows a user supplied path to access resources that are out of bounds.
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Pentaho Business Analytics
Server versions before 9.2.0.2 and 8.3.0.25 using the Pentaho
Analyzer plugin exposes a service endpoint for templates which allows a
user-supplied path to access resources that are out of bounds.
The software uses external input to construct a pathname that is intended to identify a file or
directory that is located underneath a restricted parent directory, but the software does not
properly neutralize special elements within the pathname that can cause the pathname to
resolve to a location that is outside of the restricted directory. By using special elements such as
".." and "/" separators, attackers can escape outside of the restricted
location to access files or directories that are elsewhere on the
system.
Las versiones de Pentaho Business Analytics Server anteriores a 9.2.0.2 y 8.3.0.25 que utilizan el complemento Pentaho Analyzer exponen un endpoint de servicio para plantillas que permite una ruta proporcionada por el usuario para acceder a recursos que están fuera de los límites. El software utiliza entradas externas para construir un nombre de ruta destinado a identificar un archivo o directorio que se encuentra debajo de un directorio principal restringido, pero el software no neutraliza adecuadamente los elementos especiales dentro del nombre de ruta que pueden hacer que el nombre de ruta se resuelva en una ubicación que está fuera del directorio restringido. Al utilizar elementos especiales como separadores ".." y "/", los atacantes pueden escapar de la ubicación restringida para acceder a archivos o directorios que se encuentran en otras partes del sistema.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-12-21 CVE Reserved
- 2022-11-02 CVE Published
- 2024-05-25 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://support.pentaho.com/hc/en-us/articles/6744743458701 | 2023-11-07 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Hitachi Search vendor "Hitachi" | Vantara Pentaho Search vendor "Hitachi" for product "Vantara Pentaho" | >= 8.3.0.0 < 8.3.0.25 Search vendor "Hitachi" for product "Vantara Pentaho" and version " >= 8.3.0.0 < 8.3.0.25" | - |
Affected
| ||||||
Hitachi Search vendor "Hitachi" | Vantara Pentaho Search vendor "Hitachi" for product "Vantara Pentaho" | >= 9.2.0.0 < 9.2.0.2 Search vendor "Hitachi" for product "Vantara Pentaho" and version " >= 9.2.0.0 < 9.2.0.2" | - |
Affected
|