Описание
In OSIsoft PI System multiple products and versions, a local attacker could view sensitive information in log files when service accounts are customized during installation or upgrade of PI Vision. The update fixes a previously reported issue.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:osisoft:pi_vision:2017:r2:*:*:*:*:*:*
cpe:2.3:a:osisoft:pi_vision:2017:r2_sp1:*:*:*:*:*:*
cpe:2.3:a:osisoft:pi_vision:2019:*:*:*:*:*:*:*
EPSS
Процентиль: 32%
0.00125
Низкий
4.7 Medium
CVSS3
1.9 Low
CVSS2
Дефекты
CWE-532
CWE-532
Связанные уязвимости
github
больше 3 лет назад
OSIsoft PI Vision, PI Vision 2017 R2, PI Vision 2017 R2 SP1, PI Vision 2019. The affected product records the service account password in the installation log files when a non-default service account and password are specified during installation or upgrade.
EPSS
Процентиль: 32%
0.00125
Низкий
4.7 Medium
CVSS3
1.9 Low
CVSS2
Дефекты
CWE-532
CWE-532