Vulnerabilities > Hitachivantara > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-09-27 CVE-2023-2358 Cleartext Storage of Sensitive Information vulnerability in Hitachivantara Pentaho Business Analytics
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.5.0.0 and 9.3.0.4, including 8.3.x.x, saves passwords of the Hadoop Copy Files step in plaintext. 
network
low complexity
hitachivantara CWE-312
4.9
4.9
2023-04-11 CVE-2022-3695 Cross-site Scripting vulnerability in Hitachivantara Pentaho Business Analytics
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.3.0.0, 9.2.0.4 and 8.3.0.27 allow a malicious URL to inject content into a dashboard when the CDE plugin is present.
network
low complexity
hitachivantara CWE-79
6.1
6.1