90 matches found
CVE-2020-25167 OSIsoft PI Vision Incorrect Authorization
OSIsoft PI Vision 2020 versions prior to 3.5.0 could disclose information to a user with insufficient privileges for an AF attribute...
CVE-2020-25167 OSIsoft PI Vision Incorrect Authorization
OSIsoft PI Vision 2020 versions prior to 3.5.0 could disclose information to a user with insufficient privileges for an AF attribute...
CVE-2020-25163
CVE-2020-25163 affects OSIsoft PI Vision (PI Vision 2020) prior to version 3.5.0. A remote attacker with write access to PI ProcessBook files can inject code that gets imported into PI Vision, enabling cross-site scripting and potentially unauthorized disclosure, modification, or deletion of PI S...
CVE-2020-25163 OSIsoft PI Vision Cross-site Scripting
A remote attacker with write access to PI ProcessBook files could inject code that is imported into OSIsoft PI Vision 2020 versions prior to 3.5.0. Unauthorized information disclosure, modification, or deletion is also possible if a victim views or interacts with the infected display. This...
CVE-2021-43551
A remote attacker with write access to PI Vision could inject code into a display. Unauthorized information disclosure, modification, or deletion is possible if a victim views or interacts with the infected display using Microsoft Internet Explorer. The impact affects PI System data and other dat...
CVE-2021-43553
PI Vision could disclose information to a user with insufficient privileges for an AF attribute that is the child of another attribute and is configured as a Limits property...
CVE-2021-43551
A remote attacker with write access to PI Vision could inject code into a display. Unauthorized information disclosure, modification, or deletion is possible if a victim views or interacts with the infected display using Microsoft Internet Explorer. The impact affects PI System data and other dat...
CVE-2021-43553
PI Vision could disclose information to a user with insufficient privileges for an AF attribute that is the child of another attribute and is configured as a Limits property...
Information disclosure
A remote attacker with write access to PI Vision could inject code into a display. Unauthorized information disclosure, modification, or deletion is possible if a victim views or interacts with the infected display using Microsoft Internet Explorer. The impact affects PI System data and other dat...
Design/Logic Flaw
PI Vision could disclose information to a user with insufficient privileges for an AF attribute that is the child of another attribute and is configured as a Limits property...
CVE-2021-43553
Summary: CVE-2021-43553 affects OSIsoft PI Vision via an Incorrect Authorization flaw that could disclose information to a user with insufficient privileges for an AF attribute that is a child of another attribute and configured as a Limits property. Affected product/area (from sources): PI Visio...
CVE-2021-43553 OSIsoft PI Vision
PI Vision could disclose information to a user with insufficient privileges for an AF attribute that is the child of another attribute and is configured as a Limits property...
CVE-2021-43551
CVE-2021-43551 affects OSIsoft PI Vision. A remote attacker with write access can inject code into a display (cross‑site scripting), potentially causing information disclosure, modification, or deletion when a victim loads/interacts with the infected display in Internet Explorer. PI Vision prior ...
CVE-2021-43551 OSIsoft PI Vision
A remote attacker with write access to PI Vision could inject code into a display. Unauthorized information disclosure, modification, or deletion is possible if a victim views or interacts with the infected display using Microsoft Internet Explorer. The impact affects PI System data and other dat...
OSIsoft PI Vision 跨站脚本漏洞
Osisoft OSIsoft PI Vision is a suite of visualization tools from OSIsoft Osisoft USA that supports accessing PI System data from mobile devices, and supports self-configuration of trends, images, and data values in order to present data information. A cross-site scripting vulnerability exists in...
CVE-2021-43551
A remote attacker with write access to PI Vision could inject code into a display. Unauthorized information disclosure, modification, or deletion is possible if a victim views or interacts with the infected display using Microsoft Internet Explorer. The impact affects PI System data and other dat...
OSIsoft PI Vision
1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: OSIsoft Equipment: PI Vision Vulnerabilities: Cross-site Scripting, Incorrect Authorization 2. RISK EVALUATION Successful exploitation of these vulnerabilities could lead to information disclosure,...
OSIsoft PI Vision
1. EXECUTIVE SUMMARY CVSS v3 7.7 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: OSIsoft Equipment: PI Vision 2020 Vulnerabilities: Cross-site Scripting, Incorrect Authorization 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow a remote attacker with...
CVE-2020-10643
An authenticated remote attacker could use specially crafted URLs to send a victim using PI Vision 2019 mobile to a vulnerable web page due to a known issue in a third-party component...
Design/Logic Flaw
An authenticated remote attacker could use specially crafted URLs to send a victim using PI Vision 2019 mobile to a vulnerable web page due to a known issue in a third-party component...