CVE-2024-37363

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Feb 20, 2025

CWE ID 862

Summary

CVE-2024-37363 is a vulnerability affecting Hitachi Vantara Pentaho Business Analytics Server versions prior to 10.2.0.0 and 9.3.0.8, including 8.3.x. This issue (CWE-862) arises from insufficient authorization checks in the data source management service. As a result, unauthorized users may gain access to sensitive data or perform unapproved actions. These misapplied access control checks can result in significant risks such as information exposures and denial of service.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/wUdaCi
https://www.cve.org/CVERecord?id=CVE-2024-37363
https://nvd.nist.gov/vuln/detail/CVE-2024-37363

Back to Vulnerability Database

CVE-2024-37363

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations