High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-03-14	CVE-2018-7529	Deserialization of Untrusted Data vulnerability in Osisoft PI Data Archive 3.4.430.460 A Deserialization of Untrusted Data issue was discovered in OSIsoft PI Data Archive versions 2017 and prior. network low complexity osisoft CWE-502	7.5
2017-08-25	CVE-2017-7930	Improper Authentication vulnerability in Osisoft PI Data Archive An Improper Authentication issue was discovered in OSIsoft PI Server 2017 PI Data Archive versions prior to 2017. network high complexity osisoft CWE-287	7.4
2017-08-25	CVE-2017-7926	Cross-Site Request Forgery (CSRF) vulnerability in Osisoft PI web API 1.8 A Cross-Site Request Forgery issue was discovered in OSIsoft PI Web API versions prior to 2017 (1.9.0). network low complexity osisoft CWE-352	8.8
2017-02-13	CVE-2017-5153	Information Exposure Through Log Files vulnerability in Osisoft PI Coresight and PI web API An issue was discovered in OSIsoft PI Coresight 2016 R2 and earlier versions, and PI Web API 2016 R2 when deployed using the PI AF Services 2016 R2 integrated install kit. local low complexity osisoft CWE-532	7.8