Vulnerabilities > Osisoft > PI Coresight

DATE CVE VULNERABILITY TITLE RISK
2018-05-25 CVE-2017-9641 Cross-Site Request Forgery (CSRF) vulnerability in Osisoft PI Coresight
PI Coresight 2016 R2 contains a cross-site request forgery vulnerability that may allow access to the PI system.
network
osisoft CWE-352
6.8
6.8
2017-02-13 CVE-2017-5153 Information Exposure Through Log Files vulnerability in Osisoft PI Coresight and PI web API
An issue was discovered in OSIsoft PI Coresight 2016 R2 and earlier versions, and PI Web API 2016 R2 when deployed using the PI AF Services 2016 R2 integrated install kit.
local
low complexity
osisoft CWE-532
2.1
2.1