12 matches found
EUVD-2017-18572
Malware in sbrugna...
CVE-2017-9641
PI Coresight 2016 R2 contains a cross-site request forgery vulnerability that may allow access to the PI system. OSIsoft recommends that users upgrade to PI Vision 2017 or greater to mitigate this vulnerability...
CVE-2017-9641
The CVE-2017-9641 CSRF vulnerability affects OSIsoft PI Coresight 2016 R2 (and earlier per ICS advisory) and could allow unauthorized access to the PI System. Root cause is a Cross‑Site Request Forgery flaw in PI Coresight that enables actions on behalf of an authenticated user. Impact described ...
CVE-2017-9641
PI Coresight 2016 R2 contains a cross-site request forgery vulnerability that may allow access to the PI system. OSIsoft recommends that users upgrade to PI Vision 2017 or greater to mitigate this vulnerability...
OSIsoft PI Coresight Cross-Site Request Forgery Vulnerability
OSIsoft PI Coresight is a set of web-based tools for secure access to PI System data. A cross-site request forgery vulnerability exists in OSIsoft PI Coresight, which can be exploited by an attacker to perform unauthorized actions and gain access to affected applications due to an inability to...
OSIsoft PI Coresight
CVSS v3 7.1 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: OSIsoft Equipment: PI Coresight Vulnerability: Cross-Site Request Forgery AFFECTED PRODUCTS OSIsoft reports that the vulnerability affects the following PI Coresight products: PI Coresight 2016 R2 and earlier versions...
CVE-2017-5153
An issue was discovered in OSIsoft PI Coresight 2016 R2 and earlier versions, and PI Web API 2016 R2 when deployed using the PI AF Services 2016 R2 integrated install kit. An information exposure through server log files vulnerability has been identified, which may allow service account passwords...
Design/Logic Flaw
An issue was discovered in OSIsoft PI Coresight 2016 R2 and earlier versions, and PI Web API 2016 R2 when deployed using the PI AF Services 2016 R2 integrated install kit. An information exposure through server log files vulnerability has been identified, which may allow service account passwords...
CVE-2017-5153
An issue was discovered in OSIsoft PI Coresight 2016 R2 and earlier versions, and PI Web API 2016 R2 when deployed using the PI AF Services 2016 R2 integrated install kit. An information exposure through server log files vulnerability has been identified, which may allow service account passwords...
CVE-2017-5153
The CVE-2017-5153 issue affects OSIsoft PI Coresight 2016 R2 and earlier, and PI Web API 2016 R2 when deployed with the PI AF Services 2016 R2 integrated installer. It is an information exposure vulnerability through server log files that may allow exposure of service account passwords, potential...
OSIsoft PI Coresight and PI Web API (Update A)
CVSS V3 6.1 Vendor: OSIsoft Equipment: PI Coresight, PI Web API Vulnerability: Information Exposure Through Server Log Files UPDATED INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-17-010-01 OSIsoft PI Coresight and PI Web API that was published January 10,...
OSIsoft PI Coresight and PI Web API
CVSS V3 6.1 Vendor: OSIsoft Equipment: PI Coresight, PI Web API Vulnerability: Information Exposure Through Server Log Files AFFECTED PRODUCTS OSIsoft reports that the vulnerability affects the following versions: PI Coresight 2016 R2 and earlier versions, and PI Web API 2016 R2 when deployed usi...