HTTP: Pentaho BA Suite PDI Information Disclosure
This signature detects attempts to exploit a known vulnerability against Pentaho BA(Business Analytics) & PDI (Pentaho Data Integration) suite. A successful attack can lead to Sensitive Information Disclosure.
Extended Description
The GetResource servlet in Pentaho Business Analytics (BA) Suite 4.5.x, 4.8.x, and 5.0.x through 5.2.x and Pentaho Data Integration (PDI) Suite 4.3.x, 4.4.x, and 5.0.x through 5.2.x does not restrict access to files in the pentaho-solutions/system folder, which allows remote attackers to obtain passwords and other sensitive information via a file name in the resource parameter.
Affected Products
Pentaho business_analytics
References
CVE: CVE-2015-6940
Short Name
HTTP:INFO-LEAK:PENTAHO-BAPDI-ID
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
BA CVE-2015-6940 Disclosure Information PDI Pentaho Suite
Release Date
03/19/2019
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3337
False Positive
Unknown
Vendors
Pentaho
CVSS Score
5.0