3.4.430.460

CVSS 7.1 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

LOW

Availability impact

HIGH

network

low complexity

osisoft

CWE-476

NVD

Published: 2020-07-24

Updated: 2020-08-05

Summary

An authenticated remote attacker could crash PI Archive Subsystem when the subsystem is working under memory pressure. This can result in blocking queries to PI Data Archive (2018 SP2 and prior versions).

Vulnerable Configurations

Part	Description	Count
Application	Osisoft Osisoft PI Data Archive 3.4.430.460 Osisoft PI Data Archive 2018 Osisoft PI Data Archive 2019	4

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://us-cert.cisa.gov/ics/advisories/icsa-20-133-02