Vulnerabilities > Osisoft > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-25 | CVE-2017-9641 | Cross-Site Request Forgery (CSRF) vulnerability in Osisoft PI Coresight PI Coresight 2016 R2 contains a cross-site request forgery vulnerability that may allow access to the PI system. | 6.8 |
| 2018-03-14 | CVE-2018-7508 | Cross-site Scripting vulnerability in Osisoft PI Vision and PI web API A Cross-site Scripting issue was discovered in OSIsoft PI Web API versions 2017 R2 and prior. | 4.3 |
| 2018-03-14 | CVE-2018-7504 | Cross-site Scripting vulnerability in Osisoft PI Vision 2017 A Protection Mechanism Failure issue was discovered in OSIsoft PI Vision versions 2017 and prior. | 4.3 |
| 2018-03-14 | CVE-2018-7496 | Information Exposure vulnerability in Osisoft PI Vision 2017 An Information Exposure issue was discovered in OSIsoft PI Vision versions 2017 and prior. | 5.0 |
| 2017-08-25 | CVE-2017-7934 | Improper Authentication vulnerability in Osisoft PI Data Archive An Improper Authentication issue was discovered in OSIsoft PI Server 2017 PI Data Archive versions prior to 2017. | 4.3 |
| 2017-08-25 | CVE-2017-7930 | Improper Authentication vulnerability in Osisoft PI Data Archive An Improper Authentication issue was discovered in OSIsoft PI Server 2017 PI Data Archive versions prior to 2017. | 5.8 |
| 2017-08-25 | CVE-2017-7926 | Cross-Site Request Forgery (CSRF) vulnerability in Osisoft PI web API 1.8 A Cross-Site Request Forgery issue was discovered in OSIsoft PI Web API versions prior to 2017 (1.9.0). | 6.8 |
| 2017-02-13 | CVE-2016-8353 | Permissions, Privileges, and Access Controls vulnerability in Osisoft PI web API 2015 R2 1.5.1 An issue was discovered in OSIsoft PI Web API 2015 R2 (Version 1.5.1). | 5.5 |
| 2016-06-19 | CVE-2016-4530 | Improper Input Validation vulnerability in Osisoft PI SQL Data Access Server 2016 1.5 OSIsoft PI SQL Data Access Server (aka OLE DB) 2016 1.5 allows remote authenticated users to cause a denial of service (service outage and data loss) via a message. | 4.0 |
| 2016-06-19 | CVE-2016-4518 | Improper Input Validation vulnerability in Osisoft PI AF Server 2016 OSIsoft PI AF Server before 2016 2.8.0 allows remote authenticated users to cause a denial of service (service outage) via a message. | 4.0 |