Vulnerabilities > Osisoft
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-05-25 | CVE-2017-9641 | Cross-Site Request Forgery (CSRF) vulnerability in Osisoft PI Coresight PI Coresight 2016 R2 contains a cross-site request forgery vulnerability that may allow access to the PI system. | 8.8 |
2018-04-03 | CVE-2016-8365 | Improper Access Control vulnerability in Osisoft products OSIsoft PI System software (Applications using PI Asset Framework (AF) Client versions prior to PI AF Client 2016, Version 2.8.0; Applications using PI Software Development Kit (SDK) versions prior to PI SDK 2016, Version 1.4.6; PI Buffer Subsystem, versions prior to and including, Version 4.4; and PI Data Archive versions prior to PI Data Archive 2015, Version 3.4.395.64) operates between endpoints without a complete model of endpoint features potentially causing the product to perform actions based on this incomplete model, which could result in a denial of service. | 5.5 |
2018-03-14 | CVE-2018-7533 | Incorrect Default Permissions vulnerability in Osisoft PI Data Archive 2017/3.4.430.460 An Incorrect Default Permissions issue was discovered in OSIsoft PI Data Archive versions 2017 and prior. | 7.8 |
2018-03-14 | CVE-2018-7531 | Improper Input Validation vulnerability in Osisoft PI Data Archive 2017/3.4.430.460 An Improper Input Validation issue was discovered in OSIsoft PI Data Archive versions 2017 and prior. | 5.9 |
2018-03-14 | CVE-2018-7529 | Deserialization of Untrusted Data vulnerability in Osisoft PI Data Archive 3.4.430.460 A Deserialization of Untrusted Data issue was discovered in OSIsoft PI Data Archive versions 2017 and prior. | 7.5 |
2018-03-14 | CVE-2018-7508 | Cross-site Scripting vulnerability in Osisoft PI Vision and PI web API A Cross-site Scripting issue was discovered in OSIsoft PI Web API versions 2017 R2 and prior. | 6.1 |
2018-03-14 | CVE-2018-7504 | Cross-site Scripting vulnerability in Osisoft PI Vision 2017 A Protection Mechanism Failure issue was discovered in OSIsoft PI Vision versions 2017 and prior. | 6.1 |
2018-03-14 | CVE-2018-7500 | Unspecified vulnerability in Osisoft PI Vision and PI web API A Permissions, Privileges, and Access Controls issue was discovered in OSIsoft PI Web API versions 2017 R2 and prior. | 9.8 |
2018-03-14 | CVE-2018-7496 | Information Exposure vulnerability in Osisoft PI Vision 2017 An Information Exposure issue was discovered in OSIsoft PI Vision versions 2017 and prior. | 5.3 |
2017-08-25 | CVE-2017-7934 | Improper Authentication vulnerability in Osisoft PI Data Archive An Improper Authentication issue was discovered in OSIsoft PI Server 2017 PI Data Archive versions prior to 2017. | 5.9 |