Vulnerability CVE-2021-31602

Vulnerability Name:

CVE-2021-31602 (CCN-212925)

Assigned:

2021-11-02

Published:

2021-11-02

Updated:

2022-07-12

Summary:

An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. The Security Model has different layers of Access Control. One of these layers is the applicationContext security, which is defined in the applicationContext-spring-security.xml file. The default configuration allows an unauthenticated user with no previous knowledge of the platform settings to extract pieces of information without possessing valid credentials.

CVSS v3 Severity:

7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): None Availibility (A): None

4.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)
3.8 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

4.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

Vulnerability Type:

CWE-287

Vulnerability Consequences:

Bypass Security

References:

Source: MITRE
Type: CNA
CVE-2021-31602

Source: MISC
Type: Exploit, Third Party Advisory, VDB Entry
http://packetstormsecurity.com/files/164784/Pentaho-Business-Analytics-Pentaho-Business-Server-9.1-Authentication-Bypass.html

Source: XF
Type: UNKNOWN
pentaho-cve202131602-sec-bypass(212925)

Source: CCN
Type: pentaho GIT Repository
pentaho

Source: CCN
Type: Packet Storm Security [11-05-2021]
Pentaho Business Analytics / Pentaho Business Server 9.1 Authentication Bypass

Source: CCN
Type: Full-Disclosure Mailing List, Tue, 2 Nov 2021 19:17:10 +0100
Pentaho <= 9.1 Unauthenticated SQL Injection

Source: CCN
Type: Full-Disclosure Mailing List, Tue, 2 Nov 2021 19:18:35 +0100
Pentaho <= 9.1 Authentication Bypass of Spring APIs

Source: MISC
Type: Vendor Advisory
https://www.hitachi.com/hirt/security/index.html

Vulnerable Configuration:

Configuration 1:

cpe:/a:hitachi:vantara_pentaho:*:*:*:*:*:*:*:* (Version <= 9.1.0.0)

OR cpe:/a:hitachi:vantara_pentaho_business_intelligence_server:*:*:*:*:*:*:*:* (Version <= 7.1)

Denotes that component is vulnerable

BACK