CVE-2023-3517 | Hitachi Vantara Pentaho Data Integration & Analytics prior 9.3.0.5/9.5.0.1 JNDI Identifier resource injection

Posted by Angelo Barbosa | Dec 13, 2023 | CVE

A vulnerability was found in Hitachi Vantara Pentaho Data Integration & Analytics and classified as critical. This issue affects some unknown processing of the component JNDI Identifier Handler. The manipulation leads to improper control of resource identifiers.

The identification of this vulnerability is CVE-2023-3517. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-3517 | Hitachi Vantara Pentaho Data Integration & Analytics prior 9.3.0.5/9.5.0.1 JNDI Identifier resource injection

Related Posts

CVE-2023-50767 | Nexus Platform Plugin up to 3.18.0-03 on Jenkins HTTP Request permission

CVE-2024-1062 | 389-ds-base log_entry_attr heap-based overflow

CVE-2023-49042 | Tenda AX1803 1.0.0.1 setSchedWifi schedStartTime heap-based overflow

CVE-2024-30111 | HCL DRYiCE AEX 10 missing immutable root of trust in hardware (KB0114193)