Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
osisoft vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2017-9655
A Cross-Site Scripting issue exists in OSIsoft PI Integrator for Business Analytics prior to 2016 R2, PI Integrator for Microsoft Azure prior to 2016 R2 SP1, and PI Integrator for SAP HANA prior to 2017. An attacker may be able to upload a malicious script that attempts to redire...
Osisoft Pi Integrator For Sap Hana
Osisoft Pi Integrator For Microsoft Azure
Osisoft Pi Integrator For Business Analystics
534
VMScore
CVE-2020-12021
In OSIsoft PI Web API 2019 Patch 1 (1.12.0.6346) and all previous versions, the affected product is vulnerable to a cross-site scripting attack, which may allow an malicious user to remotely execute arbitrary code.
Osisoft Pi Web Api
Osisoft Pi Web Api 2019
641
VMScore
CVE-2018-7533
An Incorrect Default Permissions issue exists in OSIsoft PI Data Archive versions 2017 and prior. Insecure default configuration may allow escalation of privileges that gives the actor full control over the system.
Osisoft Pi Data Archive 2017
Osisoft Pi Data Archive
NA
CVE-2022-27893
The Foundry Magritte plugin osisoft-pi-web-connector versions 0.15.0 - 0.43.0 was found to be logging in a manner that captured authentication requests. This vulnerability is resolved in osisoft-pi-web-connector version 0.44.0.
Osisoft-pi-web-connector Project Osisoft-pi-web-connector
632
VMScore
CVE-2018-7531
An Improper Input Validation issue exists in OSIsoft PI Data Archive versions 2017 and prior. Unauthenticated users may use unvalidated custom requests to crash the server.
Osisoft Pi Data Archive
Osisoft Pi Data Archive 2017
187
VMScore
CVE-2017-5153
An issue exists in OSIsoft PI Coresight 2016 R2 and previous versions versions, and PI Web API 2016 R2 when deployed using the PI AF Services 2016 R2 integrated install kit. An information exposure through server log files vulnerability has been identified, which may allow servic...
Osisoft Pi Web Api 2016-r2
Osisoft Pi Coresight
578
VMScore
CVE-2015-1013
OSIsoft PI AF 2.6 and 2.7 and PI SQL for AF 2.1.2.19 do not ensure that the PI SQL (AF) Trusted Users group lacks the Everyone account, which allows remote authenticated users to bypass intended command restrictions via SQL statements.
Osisoft Pi Sql For Af 2.1.2.19
Osisoft Pi Server 2.6
668
VMScore
CVE-2017-9653
An Improper Authorization issue exists in OSIsoft PI Integrator for Business Analytics prior to 2016 R2, PI Integrator for Microsoft Azure prior to 2016 R2 SP1, and PI Integrator for SAP HANA prior to 2017. An attacker is able to gain privileged access to the system while unautho...
Osisoft Pi Integrator For Business Analystics 2016
Osisoft Pi Integrator For Microsoft Azure 2016
Osisoft Pi Integrator For Sap Hana 2016
756
VMScore
CVE-2012-3008
Stack-based buffer overflow in OSIsoft PI OPC DA Interface prior to 2.3.20.9 allows remote authenticated users to execute arbitrary code by sending packet data during the processing of messages associated with OPC items.
Osisoft Pi Opc Da Interface
Osisoft Pi Opc Da Interface 2.3.16.16
356
VMScore
CVE-2020-25167
OSIsoft PI Vision 2020 versions before 3.5.0 could disclose information to a user with insufficient privileges for an AF attribute.
Osisoft Pi Vision
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »