Moderate

CVE-2009-0209 - Cryptographic Issues vulnerability in Osisoft PI Server

Publication: 2009-10-01
Summary

PI Server in OSIsoft PI System before 3.4.380.x does not properly use encryption in the default authentication process, which allows remote attackers to read or modify information in databases via unspecified vectors.

Classification
CWE-310: Cryptographic Issues

Risk level (CVSS 6.4)

Moderate

6.4

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products

  • Osisoft PI Server 2.4
  • Osisoft PI Server 2.6
  • Osisoft PI Server 3.4.363.97
  • Osisoft PI Server 3.4.370
  • Osisoft PI Server 3.4.375.99
  • Osisoft PI Server 3.4.375.99