48 matches found
CVE-2023-34348
CVE-2023-34348 affects AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior. The vulnerability allows an unauthenticated, remote attacker to crash the PI Message Subsystem of a PI Server, yielding a denial-of-service condition. The issue is categorized as an Improper Check or Handling of Exce...
CVE-2023-34348 Improper Check or Handling of Exceptional Conditions in Aveva PI Server
AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain a vulnerability that could allow an unauthenticated user to remotely crash the PI Message Subsystem of a PI Server, resulting in a denial-of-service condition...
CVE-2023-31274 Missing Release of Resource after Effective Lifetime vulnerability in Aveva PI Server
AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain a vulnerability that could allow an unauthenticated user to cause the PI Message Subsystem of a PI Server to consume available memory resulting in throttled processing of new PI Data Archive events and a partial denial-of-service...
CVE-2023-31274 Missing Release of Resource after Effective Lifetime vulnerability in Aveva PI Server
AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain a vulnerability that could allow an unauthenticated user to cause the PI Message Subsystem of a PI Server to consume available memory resulting in throttled processing of new PI Data Archive events and a partial denial-of-service...
CVE-2023-31274
CVE-2023-31274 affects AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior. The vulnerability allows an unauthenticated attacker to cause the PI Message Subsystem of a PI Server to consume memory, throttling processing of new PI Data Archive events and causing a partial denial-of-service con...
AVEVA PI Server
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : AVEVA Equipment : PI Server Vulnerabilities : Improper Check or Handling of Exceptional Conditions, Missing Release of Resource after Effective Lifetime 2. RISK EVALUATION Successful...
CVE-2021-43549
A remote authenticated attacker with write access to a PI Server could trick a user into interacting with a PI Web API endpoint and redirect them to a malicious website. As a result, a victim may disclose sensitive information to the attacker or be provided with false information...
CVE-2021-43549
A remote authenticated attacker with write access to a PI Server could trick a user into interacting with a PI Web API endpoint and redirect them to a malicious website. As a result, a victim may disclose sensitive information to the attacker or be provided with false information...
Information disclosure
A remote authenticated attacker with write access to a PI Server could trick a user into interacting with a PI Web API endpoint and redirect them to a malicious website. As a result, a victim may disclose sensitive information to the attacker or be provided with false information...
CVE-2021-43549 OSIsoft PI Web API
A remote authenticated attacker with write access to a PI Server could trick a user into interacting with a PI Web API endpoint and redirect them to a malicious website. As a result, a victim may disclose sensitive information to the attacker or be provided with false information...
CVE-2021-43549
CVE-2021-43549 affects the OSIsoft PI Web API. A remote authenticated attacker with write access to a PI Server can lure a user into interacting with a PI Web API endpoint and redirect them to a malicious site, potentially disclosing sensitive information or providing false data. Root cause: impr...
OSIsoft PI Server Cross-Site Scripting Vulnerability
Osisoft OSIsoft PI is a commercial software application platform based on the Ckient/Server architecture from OSIsoft Osisoft, USA. The platform supports data collection, analysis and visualization, etc. A security vulnerability exists in OSIsoft PI Server, which can be exploited by remote...
Authentication flaw
An Improper Authentication issue was discovered in OSIsoft PI Server 2017 PI Data Archive versions prior to 2017. PI Data Archive has protocol flaws with the potential to expose change records in the clear and allow a malicious party to spoof a server within a collective...
CVE-2017-7930
An Improper Authentication issue was discovered in OSIsoft PI Server 2017 PI Data Archive versions prior to 2017. PI Data Archive has protocol flaws with the potential to expose change records in the clear and allow a malicious party to spoof a server within a collective...
CVE-2017-7934
An Improper Authentication issue was discovered in OSIsoft PI Server 2017 PI Data Archive versions prior to 2017. PI Network Manager using older protocol versions contains a flaw that could allow a malicious user to authenticate with a server and then cause PI Network Manager to behave in an...
CVE-2017-7934
An Improper Authentication issue was discovered in OSIsoft PI Server 2017 PI Data Archive versions prior to 2017. PI Network Manager using older protocol versions contains a flaw that could allow a malicious user to authenticate with a server and then cause PI Network Manager to behave in an...
CVE-2017-7930
CVE-2017-7930 affects the OSIsoft PI Server 2017 family, specifically the PI Data Archive prior to 2017. The issue is an Improper Authentication vulnerability in the protocol that can expose change records in the clear and allow a malicious party to spoof a server within a PI Network. The connect...
CVE-2017-7930
An Improper Authentication issue was discovered in OSIsoft PI Server 2017 PI Data Archive versions prior to 2017. PI Data Archive has protocol flaws with the potential to expose change records in the clear and allow a malicious party to spoof a server within a collective...
CVE-2017-7934
An Improper Authentication issue was discovered in OSIsoft PI Server 2017 PI Data Archive versions prior to 2017. PI Network Manager using older protocol versions contains a flaw that could allow a malicious user to authenticate with a server and then cause PI Network Manager to behave in an...
CVE-2017-7934
CVE-2017-7934 concerns OSIsoft PI Server 2017 PI Data Archive prior to 2017, where PI Network Manager using older protocol versions contains a flaw that could allow a malicious user to authenticate with a server and cause the PI Network Manager to behave in an undefined manner. The vulnerability ...