{"api_version":"1","generated_at":"2026-04-23T04:33:34+00:00","cve":"CVE-2021-45448","urls":{"html":"https://cve.report/CVE-2021-45448","api":"https://cve.report/api/cve/CVE-2021-45448.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2021-45448","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2021-45448"},"summary":{"title":"CVE-2021-45448","description":"Pentaho Business Analytics Server versions before 9.2.0.2 and 8.3.0.25 using the Pentaho Analyzer plugin exposes a service endpoint for templates which allows a user-supplied path to access resources that are out of bounds. The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. By using special elements such as \"..\" and \"/\" separators, attackers can escape outside of the restricted location to access files or directories that are elsewhere on the system.","state":"PUBLIC","assigner":"security.vulnerabilities@hitachivantara.com","published_at":"2022-11-02 16:15:00","updated_at":"2023-11-07 03:39:00"},"problem_types":["CWE-22"],"metrics":[],"references":[{"url":"https://support.pentaho.com/hc/en-us/articles/6744743458701","name":"https://support.pentaho.com/hc/en-us/articles/6744743458701","refsource":"MISC","tags":[],"title":"Security check","mime":"text/html","httpstatus":"403","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2021-45448","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-45448","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2021","cve_id":"45448","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"hitachi","cpe5":"vantara_pentaho","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2021-45448","ASSIGNER":"security.vulnerabilities@hitachivantara.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"Pentaho Business Analytics Server versions before 9.2.0.2 and 8.3.0.25 using the Pentaho Analyzer plugin exposes a service endpoint for templates which allows a user-supplied path to access resources that are out of bounds. The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. By using special elements such as \"..\" and \"/\" separators, attackers can escape outside of the restricted location to access files or directories that are elsewhere on the system."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')","cweId":"CWE-22"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"Hitachi Vantara","product":{"product_data":[{"product_name":"Pentaho Business Analytics Server","version":{"version_data":[{"version_value":"9.2","version_affected":"="},{"version_value":"1.0","version_affected":"="}]}}]}}]}},"references":{"reference_data":[{"url":"https://support.pentaho.com/hc/en-us/articles/6744743458701","refsource":"MISC","name":"https://support.pentaho.com/hc/en-us/articles/6744743458701"}]},"generator":{"engine":"Vulnogram 0.1.0-dev"},"source":{"discovery":"UNKNOWN"},"solution":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"\n\n\nThe defect may be mitigated either by uninstalling the Pentaho Analyzer plugin or upgrading&nbsp;to the latest Hitachi Vantara Pentaho version \n9.3 release. For versions 9.2 and 8.3 we recommend updating to Service \nPacks 9.2.0.2/8.3.0.25 or above where this vulnerability is addressed. \n\n<br>"}],"value":"\n\nThe defect may be mitigated either by uninstalling the Pentaho Analyzer plugin or upgrading to the latest Hitachi Vantara Pentaho version \n9.3 release. For versions 9.2 and 8.3 we recommend updating to Service \nPacks 9.2.0.2/8.3.0.25 or above where this vulnerability is addressed. \n\n\n"}],"impact":{"cvss":[{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":7.1,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"LOW","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N","version":"3.1"}]}},"nvd":{"publishedDate":"2022-11-02 16:15:00","lastModifiedDate":"2023-11-07 03:39:00","problem_types":["CWE-22"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":6.5,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.8,"impactScore":3.6}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:hitachi:vantara_pentaho:*:*:*:*:*:*:*:*","versionStartIncluding":"8.3.0.0","versionEndExcluding":"8.3.0.25","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:hitachi:vantara_pentaho:*:*:*:*:*:*:*:*","versionStartIncluding":"9.2.0.0","versionEndExcluding":"9.2.0.2","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2021","CveId":"45448","Ordinal":"223577","Title":"CVE-2021-45448","CVE":"CVE-2021-45448","Year":"2021"},"notes":[]}}}