{"uuid": "1e723678-5e99-48e4-a431-26124bd03e1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37362", "type": "seen", "source": "https://t.me/cvedetector/18489", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-37362 - Hitachi Vantara Pentaho Data Integration & Analytics Database Password Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-37362 \nPublished : Feb. 20, 2025, 12:15 a.m. | 27\u00a0minutes ago \nDescription : The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval. (CWE-522)   \n  \n  \n  \n\u00a0  \n  \n  \n  \nHitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.0 and 9.3.0.8, including 8.3.x, discloses database passwords when saving connections to RedShift.  \n  \n  \n  \n\u00a0  \n  \n  \n  \nProducts must not disclose sensitive information without cause. Disclosure of sensitive information can lead to further exploitation. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-20T02:16:31.000000Z"}