Pi Vision Security Vulnerabilities and Issues — Pi Vision CVE List

Lucene search

OsisoftPi Vision

6 matches found

CVE•added 2020/01/15 7:15 p.m.•56 views

CVE-2019-18275

OSIsoft PI Vision, All versions of PI Vision prior to 2019. The affected product is vulnerable to an improper access control, which may return unauthorized tag data when viewing analysis data reference attributes.

6.5CVSS6.4AI score0.00132EPSS

CVE•added 2020/07/27 10:15 p.m.•56 views

CVE-2020-10643

An authenticated remote attacker could use specially crafted URLs to send a victim using PI Vision 2019 mobile to a vulnerable web page due to a known issue in a third-party component.

6.5CVSS5.8AI score0.0013EPSS

CVE•added 2022/04/18 5:15 p.m.•43 views

CVE-2020-25167

OSIsoft PI Vision 2020 versions prior to 3.5.0 could disclose information to a user with insufficient privileges for an AF attribute.

6.5CVSS5.7AI score0.00127EPSS

CVE•added 2021/11/17 7:15 p.m.•39 views

CVE-2021-43551

A remote attacker with write access to PI Vision could inject code into a display. Unauthorized information disclosure, modification, or deletion is possible if a victim views or interacts with the infected display using Microsoft Internet Explorer. The impact affects PI System data and other data ...

6.5CVSS5.7AI score0.00101EPSS

CVE•added 2018/03/14 6:29 p.m.•34 views

CVE-2018-7508

A Cross-site Scripting issue was discovered in OSIsoft PI Web API versions 2017 R2 and prior. Cross-site scripting may occur when input is incorrectly neutralized.

6.1CVSS5.9AI score0.0018EPSS

CVE•added 2018/03/14 6:29 p.m.•28 views

CVE-2018-7504

A Protection Mechanism Failure issue was discovered in OSIsoft PI Vision versions 2017 and prior. The X-XSS-Protection response header is not set to block, allowing attempts at reflected cross-site scripting.

6.1CVSS5.8AI score0.0018EPSS