Vulnerabilities > Osisoft > PI WEB API > High

DATE CVE VULNERABILITY TITLE RISK
2019-08-15 CVE-2019-13516 Cross-Site Request Forgery (CSRF) vulnerability in Osisoft PI web API
In OSIsoft PI Web API and prior, the affected product is vulnerable to a direct attack due to a cross-site request forgery protection setting that has not taken effect.
network
low complexity
osisoft CWE-352
8.8
2017-08-25 CVE-2017-7926 Cross-Site Request Forgery (CSRF) vulnerability in Osisoft PI web API 1.8
A Cross-Site Request Forgery issue was discovered in OSIsoft PI Web API versions prior to 2017 (1.9.0).
network
low complexity
osisoft CWE-352
8.8
2017-02-13 CVE-2017-5153 Information Exposure Through Log Files vulnerability in Osisoft PI Coresight and PI web API
An issue was discovered in OSIsoft PI Coresight 2016 R2 and earlier versions, and PI Web API 2016 R2 when deployed using the PI AF Services 2016 R2 integrated install kit.
local
low complexity
osisoft CWE-532
7.8