Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
osisoft vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2017-9655
A Cross-Site Scripting issue exists in OSIsoft PI Integrator for Business Analytics prior to 2016 R2, PI Integrator for Microsoft Azure prior to 2016 R2 SP1, and PI Integrator for SAP HANA prior to 2017. An attacker may be able to upload a malicious script that attempts to redire...
Osisoft Pi Integrator For Sap Hana
Osisoft Pi Integrator For Microsoft Azure
Osisoft Pi Integrator For Business Analystics
7.8
CVSSv3
CVE-2017-5153
An issue exists in OSIsoft PI Coresight 2016 R2 and previous versions versions, and PI Web API 2016 R2 when deployed using the PI AF Services 2016 R2 integrated install kit. An information exposure through server log files vulnerability has been identified, which may allow servic...
Osisoft Pi Web Api 2016-r2
Osisoft Pi Coresight
5.9
CVSSv3
CVE-2018-7531
An Improper Input Validation issue exists in OSIsoft PI Data Archive versions 2017 and prior. Unauthenticated users may use unvalidated custom requests to crash the server.
Osisoft Pi Data Archive
Osisoft Pi Data Archive 2017
7.8
CVSSv3
CVE-2018-7533
An Incorrect Default Permissions issue exists in OSIsoft PI Data Archive versions 2017 and prior. Insecure default configuration may allow escalation of privileges that gives the actor full control over the system.
Osisoft Pi Data Archive 2017
Osisoft Pi Data Archive
9
CVSSv3
CVE-2020-12021
In OSIsoft PI Web API 2019 Patch 1 (1.12.0.6346) and all previous versions, the affected product is vulnerable to a cross-site scripting attack, which may allow an malicious user to remotely execute arbitrary code.
Osisoft Pi Web Api
Osisoft Pi Web Api 2019
4.2
CVSSv3
CVE-2022-27893
The Foundry Magritte plugin osisoft-pi-web-connector versions 0.15.0 - 0.43.0 was found to be logging in a manner that captured authentication requests. This vulnerability is resolved in osisoft-pi-web-connector version 0.44.0.
Osisoft-pi-web-connector Project Osisoft-pi-web-connector
NA
CVE-2015-1013
OSIsoft PI AF 2.6 and 2.7 and PI SQL for AF 2.1.2.19 do not ensure that the PI SQL (AF) Trusted Users group lacks the Everyone account, which allows remote authenticated users to bypass intended command restrictions via SQL statements.
Osisoft Pi Sql For Af 2.1.2.19
Osisoft Pi Server 2.6
9.8
CVSSv3
CVE-2017-9653
An Improper Authorization issue exists in OSIsoft PI Integrator for Business Analytics prior to 2016 R2, PI Integrator for Microsoft Azure prior to 2016 R2 SP1, and PI Integrator for SAP HANA prior to 2017. An attacker is able to gain privileged access to the system while unautho...
Osisoft Pi Integrator For Business Analystics 2016
Osisoft Pi Integrator For Microsoft Azure 2016
Osisoft Pi Integrator For Sap Hana 2016
NA
CVE-2012-3008
Stack-based buffer overflow in OSIsoft PI OPC DA Interface prior to 2.3.20.9 allows remote authenticated users to execute arbitrary code by sending packet data during the processing of messages associated with OPC items.
Osisoft Pi Opc Da Interface
Osisoft Pi Opc Da Interface 2.3.16.16
6.5
CVSSv3
CVE-2019-18275
OSIsoft PI Vision, All versions of PI Vision before 2019. The affected product is vulnerable to an improper access control, which may return unauthorized tag data when viewing analysis data reference attributes.
Osisoft Pi Vision
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »