CVE-2024-6697

Name of the Vulnerable Software and Affected Versions Hitachi Vantara Pentaho Business Analytics Server versions prior to 10.2.0.0 and 9.3.0.9, including 8.3.x

Description The product does not handle or incorrectly handles when it has insufficient privileges to access resources or functionality as specified by their permissions. This may cause it to follow unexpected code paths that may leave the product in an invalid state. An adversary leverages a legitimate capability of an application in such a way as to achieve a negative technical impact.

Recommendations For Hitachi Vantara Pentaho Business Analytics Server versions prior to 10.2.0.0 and 9.3.0.9, including 8.3.x, update to version 10.2.0.0 or 9.3.0.9 or later to resolve the issue. At the moment, there is no information about additional mitigation measures for this vulnerability.