{"vulnerability": "cve-2022-43769", "sightings": [{"uuid": "cf02fc1e-6a5e-4650-922f-64995c91b4c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43769", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "3af2532b-b477-45b9-aaeb-7224d5b4439e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43769", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ljpe33kttzd2", "content": "", "creation_timestamp": "2025-03-06T11:17:54.225602Z"}, {"uuid": "c37f6185-3876-4d03-9d95-39aa292fe678", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43769", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ljmkj4riezq2", "content": "", "creation_timestamp": "2025-03-05T08:25:52.243483Z"}, {"uuid": "6b9839b5-7473-4e8f-8848-c3a11c839857", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43769", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ljmhbtlcmqq2", "content": "", "creation_timestamp": "2025-03-05T07:27:22.336912Z"}, {"uuid": "3202476e-517e-4416-93ad-a1768d26e4af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43769", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3ljnfrdwpgs2i", "content": "", "creation_timestamp": "2025-03-05T16:32:20.209836Z"}, {"uuid": "6b4bbb04-58c1-4595-a6d5-dd3f064a213a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43769", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/3472166", "content": "", "creation_timestamp": "2025-03-03T15:58:09.158240Z"}, {"uuid": "4d1ba81b-80aa-406b-bcb9-9a5b2c87e053", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43769", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ljmvgji7dgf2", "content": "", "creation_timestamp": "2025-03-05T11:40:32.257666Z"}, {"uuid": "34744873-332a-4bd5-a943-098b74818887", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43769", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ljkimniygqp2", "content": "", "creation_timestamp": "2025-03-04T12:47:40.452751Z"}, {"uuid": "61f3cdff-417a-467a-8f83-4ae541458a87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43769", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ljpk72jkgfr2", "content": "", "creation_timestamp": "2025-03-06T13:07:53.838684Z"}, {"uuid": "c9af0cb5-f1b6-47e6-8ee5-c7d6bf9ac95e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43769", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:49.000000Z"}, {"uuid": "e8556b32-a948-4aa2-a58c-613072de2f53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43769", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-03-03T18:10:04.000000Z"}, {"uuid": "50243415-e9c7-45dc-9093-d269901eccda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43769", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ljmyozffoaf2", "content": "", "creation_timestamp": "2025-03-05T12:38:25.104733Z"}, {"uuid": "937d897a-e5f2-42b2-8cee-7bc8a8e43995", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43769", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ljospadyyra2", "content": "", "creation_timestamp": "2025-03-06T05:56:27.774200Z"}, {"uuid": "6e5a4cfa-6ccf-4e3d-adac-a633904fbc85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43769", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3ljleeqwuce25", "content": "", "creation_timestamp": "2025-03-04T21:02:02.602861Z"}, {"uuid": "5565aaa8-7089-4634-acda-ea969922f921", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-43769", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/1c42a44c-4cfe-4ef7-a19b-7fd8175999b3", "content": "", "creation_timestamp": "2026-02-02T12:26:10.875641Z"}, {"uuid": "7270b3a2-2a72-45c6-a5b7-f62a8ddf503e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43769", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-03-06T04:40:21.000000Z"}, {"uuid": "d2b48adb-3073-437e-8113-43f54adf3782", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43769", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ljrlfzxtxoz2", "content": "", "creation_timestamp": "2025-03-07T08:24:05.251144Z"}, {"uuid": "46e3d678-325c-4ea9-8b76-703c28c70932", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43769", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3ljk6glxxni27", "content": "", "creation_timestamp": "2025-03-04T09:43:00.021985Z"}, {"uuid": "c156511b-4857-4a8d-a142-4edf02197d65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43769", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ljk643vbstc2", "content": "", "creation_timestamp": "2025-03-04T09:44:36.662226Z"}, {"uuid": "decc1f41-72f4-41d2-889a-e6b95afe9e47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43769", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:00.000000Z"}, {"uuid": "f883f5ad-23cb-4811-b3c9-f4470d44f469", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43769", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/pentaho_business_server_authbypass_and_ssti.rb", "content": "", "creation_timestamp": "2023-05-11T14:42:41.000000Z"}, {"uuid": "b32e2318-9f3a-4560-88d2-e6dfcf7a30a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43769", "type": "seen", "source": "https://t.me/cibsecurity/61355", "content": "\u203c CVE-2022-43769 \u203c\n\nHitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x allow certain web services to set property values which contain Spring templates that are interpreted downstream.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-03T22:25:06.000000Z"}, {"uuid": "142adb75-eb30-4832-80ea-5664611b43c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43769", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8078", "content": "#exploit\n1. CVE-2022-43769, CVE-2022-43939, \nCVE-2022-43773, CVE-2022-43938:\nPentah0wnage: Pre-Auth RCE in Pentaho Business Analytics Server\nhttps://research.aurainfosec.io/pentest/pentah0wnage\n\n2. CVE-2022-44675:\nWindows bluetooth vulnerability exploit\nhttps://vul.360.net/archives/690\n\n3. CVE-2023-29017:\nVM2 Sandbox Escape] Vulnerability\nhttps://gist.github.com/seongil-wi/2a44e082001b959bfe304b62121fb76d", "creation_timestamp": "2023-04-08T20:04:44.000000Z"}, {"uuid": "e21303d2-4a1a-43e3-8776-63807685f8e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43769", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6282", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-43769\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x allow certain web services to set property values which contain Spring templates that are interpreted downstream.\n\ud83d\udccf Published: 2023-04-03T17:47:45.737Z\n\ud83d\udccf Modified: 2025-03-03T20:14:14.063Z\n\ud83d\udd17 References:\n1. https://support.pentaho.com/hc/en-us/articles/14455561548301--Resolved-Pentaho-BA-Server-Failure-to-Sanitize-Special-Elements-into-a-Different-Plane-Special-Element-Injection-Versions-before-9-4-0-1-and-9-3-0-2-including-8-3-x-Impacted-CVE-2022-43769-\n2. http://packetstormsecurity.com/files/172296/Pentaho-Business-Server-Authentication-Bypass-SSTI-Code-Execution.html", "creation_timestamp": "2025-03-03T20:30:48.000000Z"}]}