CVE-2022-43939

HIGH KEV NUCLEI

Hitachi Vantara Pentaho Business Analytics Server < 9.4.0.1 / < 9.3.0.2 - Authorization Bypass via Non-Canonical URLs

Title source: llm

Description

Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x, enforce security restrictions on request URLs that can be circumvented by sending a non-canonical form of a restricted URL (CWE-647): the check is applied to the URL as written rather than to its normalized form, so a differently spelled path reaches the restricted resource without authorization.
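The weakness class behind this entry (CWE-647, an authorization decision made on a non-canonical URL) in the form of a constructed Python example. This is added illustration, not Pentaho's code, and it does not reproduce the actual Pentaho request used by the PoCs listed below: the protected prefixes, the bypass candidates and the canonicalization rules are assumptions chosen to show why a prefix check on the raw request path fails and what canonicalize-then-authorize looks like.

```python
"""Canonicalize-then-authorize vs. raw-path authorization (CWE-647).

Illustrative code added to this page; it is not Pentaho's implementation
and does not reproduce the real Pentaho request path. The protected
prefixes, bypass candidates and canonicalization rules are assumptions.
"""
import posixpath
import re
from urllib.parse import unquote

# Assumed policy: these path prefixes require an authenticated session.
PROTECTED_PREFIXES = ("/api/admin", "/api/userrolelist")


def is_authorized_raw(request_path: str, authenticated: bool) -> bool:
    """Vulnerable pattern: the decision is made on the raw request-line
    path, so any non-canonical spelling of a protected path misses the
    prefix check and is treated as public (CWE-647)."""
    if request_path.startswith(PROTECTED_PREFIXES):
        return authenticated
    return True


def canonicalize(request_path: str) -> str:
    """Reduce a request path to one canonical form before any security
    decision. Deliberately conservative: anything the backend might treat
    as a separator or decode later is normalized here as well."""
    # Only the path is authorized: drop query string and fragment.
    path = request_path.split("?", 1)[0].split("#", 1)[0]
    # Treat backslash as a separator (some containers do).
    path = path.replace("\\", "/")
    # Percent-decode until stable (bounded) so double encoding cannot
    # smuggle a protected segment past the check.
    for _ in range(3):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    # Strip matrix/path parameters (";jsessionid=..." style) per segment.
    path = "/".join(segment.split(";", 1)[0] for segment in path.split("/"))
    # Collapse repeated slashes, then resolve "." and ".." segments.
    path = re.sub(r"/+", "/", "/" + path)
    return posixpath.normpath(path)


def is_authorized_canonical(request_path: str, authenticated: bool) -> bool:
    """Hardened pattern: the same policy, applied to the canonical path."""
    if canonicalize(request_path).startswith(PROTECTED_PREFIXES):
        return authenticated
    return True


# Constructed bypass candidates: each is a non-canonical spelling of
# /api/admin/users as an unauthenticated client might send it.
BYPASS_CANDIDATES = (
    "/api/%61dmin/users",          # percent-encoded character
    "/api/%2561dmin/users",        # double-encoded character
    "/public/../api/admin/users",  # dot-segment traversal
    "//api/admin/users",           # duplicate leading slash
    "/api;x=1/admin/users",        # matrix parameter on a segment
    "/api\\admin/users",           # backslash separator
)


def compare(request_path: str) -> dict:
    """What each check decides for an unauthenticated client."""
    return {
        "canonical": canonicalize(request_path),
        "raw_allows": is_authorized_raw(request_path, authenticated=False),
        "canonical_allows": is_authorized_canonical(request_path, authenticated=False),
    }


def bypassed_by_raw_check() -> list:
    """Candidates the raw check lets through and the hardened check stops."""
    return [p for p in BYPASS_CANDIDATES
            if compare(p)["raw_allows"] and not compare(p)["canonical_allows"]]


if __name__ == "__main__":
    for candidate in BYPASS_CANDIDATES + ("/api/admin/users", "/public/index.html"):
        print(f"{candidate!r:32} -> {compare(candidate)}")
```

Running the block prints, for each candidate, the canonical path and whether the raw and the canonical check let an unauthenticated client through; every request the raw check allows but the canonical check denies is a CWE-647 bypass of that policy. The canonicalization must be at least as aggressive as what the backend routing does: decoding more than the router is safe for a deny-by-default filter, decoding less leaves exactly the gap this CVE describes.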

Exploits (3)

exploitdb WORKING POC
by dwbzn · text · webapps · jsp
https://www.exploit-db.com/exploits/51350
vulncheck_xdb WORKING POC
remote
https://github.com/dwbzn/pentaho-exploits
metasploit WORKING POC EXCELLENT
by Harry Withington, dwbzn, jheysel-r7 · ruby · poc · unix
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/pentaho_business_server_authbypass_and_ssti.rb

Nuclei Templates (1)

Hitachi Pentaho Business Analytics Server - Bypass Authorization
HIGH · VERIFIED · by daffainfo
Shodan: http.favicon.hash:1749354953
FOFA: icon_hash=1749354953

Scores

CVSS v3 8.6
EPSS 0.9325
EPSS Percentile 99.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Details

CISA KEV 2025-03-03
VulnCheck KEV 2023-11-17
ENISA EUVD EUVD-2022-46909
CWE
CWE-647 (Use of Non-Canonical URL Paths for Authorization Decisions)
Status published
Products (2)
hitachi/vantara_pentaho_business_analytics_server 9.4.0.0
hitachi/vantara_pentaho_business_analytics_server < 9.3.0.2
Published Apr 03, 2023
KEV Added Mar 03, 2025
Tracked Since Feb 18, 2026