Customer Portal

Pentaho for the data driven.

Data fit companies are fast, accurate and efficient.

Data fit companies innovate and win.

Your data and success is mission critical. Pentaho is for mission critical.

Ripple20 Vulnerability, August 2020 – Pentaho Not Impacted


A newly found IoT vulnerability called Ripple20 (CVE-2020-11896) has raised concern among some users of Pentaho that they may be at-risk.

Multiple NetApp products implement TCP using the Treck TCP/IP library prior to are susceptible to vulnerabilities which when successfully exploited could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS).

Hitachi Vantara has conducted an extensive review of our products and determined the vulnerabilities including remote code execution identified in CVE-2020-11896 do not affect Pentaho.

If you have any questions, please check the National Vulnerability Database information, or visit Pentaho’s Support Portal and open a ticket referencing this article.