December 10, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
LokiBot Malware – Active IOCs
November 12, 2024
Bitter APT Targeting Pakistan – Active IOCs
November 13, 2024
LokiBot Malware – Active IOCs
November 12, 2024
Bitter APT Targeting Pakistan – Active IOCs
November 13, 2024
Severity
High
Analysis Summary
CVE-2024-28981 CVSS:8.5
Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.1.0.0 and 9.3.0.8, including 8.3.x, discloses database passwords when searching metadata injectable fields.
CVE-2024-7125 CVSS:7.8
Authentication Bypass vulnerability in Hitachi Ops Center Common Services.This issue affects Hitachi Ops Center Common Services: from 10.9.3-00 before 11.0.2-01.
Impact
- Security Bypass
Indicators of Compromise
CVE
- CVE-2024-28981
- CVE-2024-7125
Affected Vendors
Hitachi
Affected Products
- Hitachi Vantara Pentaho Data Integration & Analytics - 1.0 - 9.4.0.0
- Hitachi Ops Center Common Services - 10.9.3-00
Remediation
Refer to Hitachi Website for patch, upgrade, or suggested workaround information.