Описание
An Improper Authentication issue was discovered in OSIsoft PI Server 2017 PI Data Archive versions prior to 2017. PI Network Manager using older protocol versions contains a flaw that could allow a malicious user to authenticate with a server and then cause PI Network Manager to behave in an undefined manner.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 3.4.410.1256 (включая)
cpe:2.3:a:osisoft:pi_data_archive:*:*:*:*:*:*:*:*
EPSS
Процентиль: 46%
0.00234
Низкий
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-287
CWE-287
Связанные уязвимости
CVSS3: 5.9
github
больше 3 лет назад
An Improper Authentication issue was discovered in OSIsoft PI Server 2017 PI Data Archive versions prior to 2017. PI Network Manager using older protocol versions contains a flaw that could allow a malicious user to authenticate with a server and then cause PI Network Manager to behave in an undefined manner.
EPSS
Процентиль: 46%
0.00234
Низкий
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-287
CWE-287