Pentaho

Customer Portal

Get a grip on your data

With battle-tested solutions and a focus on foundational strength,

Pentaho+ helps you meet the challenges of an AI-driven world.

Ripple20 Vulnerability, August 2020 – Pentaho Not Impacted

Issue

A newly found IoT vulnerability called Ripple20 (CVE-2020-11896) has raised concern among some users of Pentaho that they may be at-risk.

Multiple NetApp products implement TCP using the Treck TCP/IP library prior to 6.0.1.66 are susceptible to vulnerabilities which when successfully exploited could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS).

Hitachi Vantara has conducted an extensive review of our products and determined the vulnerabilities including remote code execution identified in CVE-2020-11896 do not affect Pentaho.

If you have any questions, please check the National Vulnerability Database information, or visit Pentaho’s Support Portal and open a ticket referencing this article.

Comments