CVE-2022-43769

HIGH KEV NUCLEI

Pentaho Business Server Auth Bypass and Server Side Template Injection RCE

Title source: metasploit

Description

Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x, allows certain web services to set property values that contain Spring templates, which are interpreted downstream.

Exploits (3)

metasploit · WORKING POC · EXCELLENT
by Harry Withington, dwbzn, jheysel-r7 · ruby, poc, unix
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/pentaho_business_server_authbypass_and_ssti.rb
vulncheck_xdb · WORKING POC
remote
https://github.com/dwbzn/pentaho-exploits
exploitdb · WORKING POC
webapps, jsp
https://www.exploit-db.com/exploits/51350

Nuclei Templates (1)

Hitachi Pentaho Business Analytics Server - Remote Code Execution
HIGH · VERIFIED · by dwbzn
Shodan: http.favicon.hash:1749354953
FOFA: icon_hash=1749354953

Scores

CVSS v3 8.8
EPSS 0.9398
EPSS Percentile 99.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2025-03-03
VulnCheck KEV 2025-03-03
ENISA EUVD EUVD-2022-46739
CWE CWE-74, CWE-94
Status published
Products (2)
hitachi/vantara_pentaho_business_analytics_server 9.4.0.0
hitachi/vantara_pentaho_business_analytics_server 8.3.0.0 - 9.3.0.2
Published Apr 03, 2023
KEV Added Mar 03, 2025
Tracked Since Feb 18, 2026