Lucene search
K

48 matches found

CVE
CVE
added 2024/01/18 5:16 p.m.46 views

CVE-2023-34348

CVE-2023-34348 affects AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior. The vulnerability allows an unauthenticated, remote attacker to crash the PI Message Subsystem of a PI Server, yielding a denial-of-service condition. The issue is categorized as an Improper Check or Handling of Exce...

7.5CVSS7.5AI score0.00555EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/01/18 5:16 p.m.41 views

CVE-2023-34348 Improper Check or Handling of Exceptional Conditions in Aveva PI Server

AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain a vulnerability that could allow an unauthenticated user to remotely crash the PI Message Subsystem of a PI Server, resulting in a denial-of-service condition...

7.5CVSS7.7AI score0.00555EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/01/18 5:15 p.m.15 views

CVE-2023-31274 Missing Release of Resource after Effective Lifetime vulnerability in Aveva PI Server

AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain a vulnerability that could allow an unauthenticated user to cause the PI Message Subsystem of a PI Server to consume available memory resulting in throttled processing of new PI Data Archive events and a partial denial-of-service...

5.3CVSS6.7AI score0.00502EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/01/18 5:15 p.m.42 views

CVE-2023-31274 Missing Release of Resource after Effective Lifetime vulnerability in Aveva PI Server

AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain a vulnerability that could allow an unauthenticated user to cause the PI Message Subsystem of a PI Server to consume available memory resulting in throttled processing of new PI Data Archive events and a partial denial-of-service...

5.3CVSS5.4AI score0.00502EPSS
Exploits0References1
CVE
CVE
added 2024/01/18 5:15 p.m.36 views

CVE-2023-31274

CVE-2023-31274 affects AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior. The vulnerability allows an unauthenticated attacker to cause the PI Message Subsystem of a PI Server to consume memory, throttling processing of new PI Data Archive events and causing a partial denial-of-service con...

5.3CVSS5.1AI score0.00502EPSS
Exploits0References1Affected Software1
ICS
ICS
added 2024/01/18 7:0 a.m.60 views

AVEVA PI Server

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : AVEVA Equipment : PI Server Vulnerabilities : Improper Check or Handling of Exceptional Conditions, Missing Release of Resource after Effective Lifetime 2. RISK EVALUATION Successful...

7.5CVSS6.9AI score0.00555EPSS
Exploits0References8
OSV
OSV
added 2021/11/18 3:15 p.m.6 views

CVE-2021-43549

A remote authenticated attacker with write access to a PI Server could trick a user into interacting with a PI Web API endpoint and redirect them to a malicious website. As a result, a victim may disclose sensitive information to the attacker or be provided with false information...

4.8CVSS5.8AI score0.00668EPSS
Exploits0References1
NVD
NVD
added 2021/11/18 3:15 p.m.35 views

CVE-2021-43549

A remote authenticated attacker with write access to a PI Server could trick a user into interacting with a PI Web API endpoint and redirect them to a malicious website. As a result, a victim may disclose sensitive information to the attacker or be provided with false information...

6.9CVSS0.00668EPSS
Exploits0References1
Prion
Prion
added 2021/11/18 3:15 p.m.19 views

Information disclosure

A remote authenticated attacker with write access to a PI Server could trick a user into interacting with a PI Web API endpoint and redirect them to a malicious website. As a result, a victim may disclose sensitive information to the attacker or be provided with false information...

3.5CVSS4.7AI score0.00668EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/11/18 2:18 p.m.32 views

CVE-2021-43549 OSIsoft PI Web API

A remote authenticated attacker with write access to a PI Server could trick a user into interacting with a PI Web API endpoint and redirect them to a malicious website. As a result, a victim may disclose sensitive information to the attacker or be provided with false information...

6.9CVSS6.6AI score0.00668EPSS
Exploits0References1
CVE
CVE
added 2021/11/18 2:18 p.m.54 views

CVE-2021-43549

CVE-2021-43549 affects the OSIsoft PI Web API. A remote authenticated attacker with write access to a PI Server can lure a user into interacting with a PI Web API endpoint and redirect them to a malicious site, potentially disclosing sensitive information or providing false data. Root cause: impr...

6.9CVSS5AI score0.00668EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2021/11/11 12:0 a.m.22 views

OSIsoft PI Server Cross-Site Scripting Vulnerability

Osisoft OSIsoft PI is a commercial software application platform based on the Ckient/Server architecture from OSIsoft Osisoft, USA. The platform supports data collection, analysis and visualization, etc. A security vulnerability exists in OSIsoft PI Server, which can be exploited by remote...

6.9CVSS2.3AI score0.00668EPSS
Exploits0References1
Prion
Prion
added 2017/08/25 7:29 p.m.17 views

Authentication flaw

An Improper Authentication issue was discovered in OSIsoft PI Server 2017 PI Data Archive versions prior to 2017. PI Data Archive has protocol flaws with the potential to expose change records in the clear and allow a malicious party to spoof a server within a collective...

5.8CVSS7.3AI score0.02012EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2017/08/25 7:29 p.m.13 views

CVE-2017-7930

An Improper Authentication issue was discovered in OSIsoft PI Server 2017 PI Data Archive versions prior to 2017. PI Data Archive has protocol flaws with the potential to expose change records in the clear and allow a malicious party to spoof a server within a collective...

7.4CVSS7.4AI score0.02012EPSS
Exploits0References2
NVD
NVD
added 2017/08/25 7:29 p.m.19 views

CVE-2017-7934

An Improper Authentication issue was discovered in OSIsoft PI Server 2017 PI Data Archive versions prior to 2017. PI Network Manager using older protocol versions contains a flaw that could allow a malicious user to authenticate with a server and then cause PI Network Manager to behave in an...

5.9CVSS6.2AI score0.02147EPSS
Exploits0References2
OSV
OSV
added 2017/08/25 7:29 p.m.5 views

CVE-2017-7934

An Improper Authentication issue was discovered in OSIsoft PI Server 2017 PI Data Archive versions prior to 2017. PI Network Manager using older protocol versions contains a flaw that could allow a malicious user to authenticate with a server and then cause PI Network Manager to behave in an...

5.9CVSS5.8AI score0.02147EPSS
Exploits0References2
CVE
CVE
added 2017/08/25 7:0 p.m.48 views

CVE-2017-7930

CVE-2017-7930 affects the OSIsoft PI Server 2017 family, specifically the PI Data Archive prior to 2017. The issue is an Improper Authentication vulnerability in the protocol that can expose change records in the clear and allow a malicious party to spoof a server within a PI Network. The connect...

7.4CVSS7.3AI score0.02012EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/08/25 7:0 p.m.17 views

CVE-2017-7930

An Improper Authentication issue was discovered in OSIsoft PI Server 2017 PI Data Archive versions prior to 2017. PI Data Archive has protocol flaws with the potential to expose change records in the clear and allow a malicious party to spoof a server within a collective...

7.4AI score0.02012EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/08/25 7:0 p.m.21 views

CVE-2017-7934

An Improper Authentication issue was discovered in OSIsoft PI Server 2017 PI Data Archive versions prior to 2017. PI Network Manager using older protocol versions contains a flaw that could allow a malicious user to authenticate with a server and then cause PI Network Manager to behave in an...

5.7AI score0.02147EPSS
Exploits0References2
CVE
CVE
added 2017/08/25 7:0 p.m.45 views

CVE-2017-7934

CVE-2017-7934 concerns OSIsoft PI Server 2017 PI Data Archive prior to 2017, where PI Network Manager using older protocol versions contains a flaw that could allow a malicious user to authenticate with a server and cause the PI Network Manager to behave in an undefined manner. The vulnerability ...

5.9CVSS5.6AI score0.02147EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder