CVE Tracker

CVE ID	Severity	EPSS	Vendor	Description	Date	Status
CVE-2022-43939	High	93.4%	Hitachi VantaraPentaho Business Analytics (BA) Server	Hitachi Vantara Pentaho BA Server contains a use of non-canonical URL paths for authorization decisions vulnerability that enables an attacker to bypass authorization.	Mar 3, 2025	KEV
CVE-2022-43769	High	94.0%	Hitachi VantaraPentaho Business Analytics (BA) Server	Hitachi Vantara Pentaho BA Server contains a special element injection vulnerability that allows an attacker to inject Spring templates into properties files, allowing for arbitrary command execution.	Mar 3, 2025	KEV

CVE-2022-43939KEV

High

Hitachi Vantara Pentaho BA Server contains a use of non-canonical URL paths for authorization decisions vulnerability that enables an attacker to bypass authorization.

Hitachi VantaraEPSS 93.4%

CVE-2022-43769KEV

High

Hitachi Vantara Pentaho BA Server contains a special element injection vulnerability that allows an attacker to inject Spring templates into properties files, allowing for arbitrary command execution.

Hitachi VantaraEPSS 94.0%