CVE-2024-28981
Severity CVSS v4.0:
Pending analysis
Type:
CWE-522
Insufficiently Protected Credentials
Publication date:
12/09/2024
Last modified:
15/04/2026
Description
Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.1.0.0 and 9.3.0.8, including 8.3.x, discloses database passwords when searching metadata injectable fields.
Impact
Base Score 3.x
8.50
Severity 3.x
HIGH