CVE-2020-10600

Опубликовано: 24 июл. 2020

Источник: nvd

CVSS3: 5.9

CVSS3: 7.1

CVSS2: 4.9

EPSS Низкий

Описание

An authenticated remote attacker could crash PI Archive Subsystem when the subsystem is working under memory pressure. This can result in blocking queries to PI Data Archive (2018 SP2 and prior versions).

Ссылки

https://us-cert.cisa.gov/ics/advisories/icsa-20-133-02
Third Party Advisory
US Government Resource
https://us-cert.cisa.gov/ics/advisories/icsa-20-133-02
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:osisoft:pi_data_archive:*:*:*:*:*:*:*:*

Версия до 2019 (включая)

EPSS

Процентиль: 50%

0.00265

Низкий

5.9 Medium

CVSS3

7.1 High

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-476

Связанные уязвимости

GHSA-3h4f-76g6-g5wc

github

больше 3 лет назад

In OSIsoft PI System multiple products and versions, an authenticated remote attacker could crash PI Archive Subsystem when the subsystem is working under memory pressure. This can result in blocking queries to PI Data Archive.

EPSS

Процентиль: 50%

0.00265

Низкий

5.9 Medium

CVSS3

7.1 High

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-476