CVE-2022-43769
Hitachi Vantara Pentaho Business Analytics Server - Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)
In short
Pentaho Business Analytics Server allows attackers to inject Spring template code through web service properties, which gets executed later. This lets them run arbitrary code on the server.
Technical detail
CWE-74 (Special Element Injection) vulnerability in Pentaho web services fails to sanitize Spring template expressions in property values before interpretation. Unauthenticated or authenticated attackers can inject malicious templates through affected web service endpoints; downstream processing interprets these templates, leading to remote code execution with server privileges.
Summary generated and translated by AI from the official description.
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x allow certain web services to set property values which contain Spring templates that are interpreted downstream.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
Hitachi Vantara · Pentaho Business Analytics Serverpublic PoCs found — 2
cve_referencepacketstormsecurity.com/files/172296/Pentaho-Business-Server-Authentication-Bypass-SSTI-Code-Execution.htmlunverifiedexploitdbwww.exploit-db.com/exploits/51350unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://packetstormsecurity.com/files/172296/Pentaho-Business-Server-Authentication-Bypass-SSTI-Code-Execution.htmlhttps://support.pentaho.com/hc/en-us/articles/14455561548301--Resolved-Pentaho-BA-Server-Failure-to-Sanitize-Special-Elements-into-a-Different-Plane-Special-Element-Injection-Versions-before-9-4-0-1-and-9-3-0-2-including-8-3-x-Impacted-CVE-2022-43769-https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-43769