Vulnerabilities > Osisoft > PI Vision > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-04-18 CVE-2020-25163 Cross-site Scripting vulnerability in Osisoft PI Vision 2017/2019
A remote attacker with write access to PI ProcessBook files could inject code that is imported into OSIsoft PI Vision 2020 versions prior to 3.5.0.
network
osisoft CWE-79
4.9
2022-04-18 CVE-2020-25167 Incorrect Authorization vulnerability in Osisoft PI Vision
OSIsoft PI Vision 2020 versions prior to 3.5.0 could disclose information to a user with insufficient privileges for an AF attribute.
network
low complexity
osisoft CWE-863
4.0
2021-11-17 CVE-2021-43553 Incorrect Authorization vulnerability in Osisoft PI Vision 2017/2019
PI Vision could disclose information to a user with insufficient privileges for an AF attribute that is the child of another attribute and is configured as a Limits property.
network
low complexity
osisoft CWE-863
4.0
2020-01-15 CVE-2019-18275 Unspecified vulnerability in Osisoft PI Vision 2017/2019
OSIsoft PI Vision, All versions of PI Vision prior to 2019.
network
low complexity
osisoft
4.0
2020-01-15 CVE-2019-18271 Cross-Site Request Forgery (CSRF) vulnerability in Osisoft PI Vision 2017
OSIsoft PI Vision, All versions of PI Vision prior to 2019.
network
osisoft CWE-352
6.8
2018-03-14 CVE-2018-7508 Cross-site Scripting vulnerability in Osisoft PI Vision and PI web API
A Cross-site Scripting issue was discovered in OSIsoft PI Web API versions 2017 R2 and prior.
network
osisoft CWE-79
4.3
2018-03-14 CVE-2018-7504 Cross-site Scripting vulnerability in Osisoft PI Vision 2017
A Protection Mechanism Failure issue was discovered in OSIsoft PI Vision versions 2017 and prior.
network
osisoft CWE-79
4.3
2018-03-14 CVE-2018-7496 Information Exposure vulnerability in Osisoft PI Vision 2017
An Information Exposure issue was discovered in OSIsoft PI Vision versions 2017 and prior.
network
low complexity
osisoft CWE-200
5.0