Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-18572

Malware in sbrugna...

8.8CVSS8.8AI score0.00873EPSS
Exploits0References4
NVD
NVD
added 2018/05/25 3:29 p.m.8 views

CVE-2017-9641

PI Coresight 2016 R2 contains a cross-site request forgery vulnerability that may allow access to the PI system. OSIsoft recommends that users upgrade to PI Vision 2017 or greater to mitigate this vulnerability...

8.8CVSS8.7AI score0.00873EPSS
Exploits0References3
CVE
CVE
added 2018/05/25 3:0 p.m.51 views

CVE-2017-9641

The CVE-2017-9641 CSRF vulnerability affects OSIsoft PI Coresight 2016 R2 (and earlier per ICS advisory) and could allow unauthorized access to the PI System. Root cause is a Cross‑Site Request Forgery flaw in PI Coresight that enables actions on behalf of an authenticated user. Impact described ...

8.8CVSS8.5AI score0.00873EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2018/05/25 3:0 p.m.14 views

CVE-2017-9641

PI Coresight 2016 R2 contains a cross-site request forgery vulnerability that may allow access to the PI system. OSIsoft recommends that users upgrade to PI Vision 2017 or greater to mitigate this vulnerability...

8.7AI score0.00873EPSS
Exploits0References3
CNVD
CNVD
added 2017/07/17 12:0 a.m.2 views

OSIsoft PI Coresight Cross-Site Request Forgery Vulnerability

OSIsoft PI Coresight is a set of web-based tools for secure access to PI System data. A cross-site request forgery vulnerability exists in OSIsoft PI Coresight, which can be exploited by an attacker to perform unauthorized actions and gain access to affected applications due to an inability to...

8.8CVSS8.8AI score0.00873EPSS
Exploits0References1
ICS
ICS
added 2017/07/11 12:0 a.m.36 views

OSIsoft PI Coresight

CVSS v3 7.1 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: OSIsoft Equipment: PI Coresight Vulnerability: Cross-Site Request Forgery AFFECTED PRODUCTS OSIsoft reports that the vulnerability affects the following PI Coresight products: PI Coresight 2016 R2 and earlier versions...

8.8CVSS8.9AI score0.00873EPSS
Exploits0References3
NVD
NVD
added 2017/02/13 9:59 p.m.15 views

CVE-2017-5153

An issue was discovered in OSIsoft PI Coresight 2016 R2 and earlier versions, and PI Web API 2016 R2 when deployed using the PI AF Services 2016 R2 integrated install kit. An information exposure through server log files vulnerability has been identified, which may allow service account passwords...

7.8CVSS7.5AI score0.00374EPSS
Exploits0References2
Prion
Prion
added 2017/02/13 9:59 p.m.14 views

Design/Logic Flaw

An issue was discovered in OSIsoft PI Coresight 2016 R2 and earlier versions, and PI Web API 2016 R2 when deployed using the PI AF Services 2016 R2 integrated install kit. An information exposure through server log files vulnerability has been identified, which may allow service account passwords...

2.1CVSS7.4AI score0.00374EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2017/02/13 9:0 p.m.22 views

CVE-2017-5153

An issue was discovered in OSIsoft PI Coresight 2016 R2 and earlier versions, and PI Web API 2016 R2 when deployed using the PI AF Services 2016 R2 integrated install kit. An information exposure through server log files vulnerability has been identified, which may allow service account passwords...

7.5AI score0.00374EPSS
Exploits0References2
CVE
CVE
added 2017/02/13 9:0 p.m.63 views

CVE-2017-5153

The CVE-2017-5153 issue affects OSIsoft PI Coresight 2016 R2 and earlier, and PI Web API 2016 R2 when deployed with the PI AF Services 2016 R2 integrated installer. It is an information exposure vulnerability through server log files that may allow exposure of service account passwords, potential...

7.8CVSS7.4AI score0.00374EPSS
Exploits0References2Affected Software2
ICS
ICS
added 2017/01/10 12:0 a.m.38 views

OSIsoft PI Coresight and PI Web API (Update A)

CVSS V3 6.1 Vendor: OSIsoft Equipment: PI Coresight, PI Web API Vulnerability: Information Exposure Through Server Log Files UPDATED INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-17-010-01 OSIsoft PI Coresight and PI Web API that was published January 10,...

7.8CVSS8AI score0.00374EPSS
Exploits0References3
ICS
ICS
added 2017/01/10 12:0 a.m.56 views

OSIsoft PI Coresight and PI Web API

CVSS V3 6.1 Vendor: OSIsoft Equipment: PI Coresight, PI Web API Vulnerability: Information Exposure Through Server Log Files AFFECTED PRODUCTS OSIsoft reports that the vulnerability affects the following versions: PI Coresight 2016 R2 and earlier versions, and PI Web API 2016 R2 when deployed usi...

7.8CVSS0.7AI score0.00374EPSS
Exploits0References27
Rows per page
Query Builder