Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
osisoft pi server vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2009-0209
PI Server in OSIsoft PI System prior to 3.4.380.x does not properly use encryption in the default authentication process, which allows remote malicious users to read or modify information in databases via unspecified vectors.
Osisoft Pi Server 3.4.370
Osisoft Pi Server 3.4.363.97
Osisoft Pi Server 3.4.375.99
Osisoft Pi Server 2.6
Osisoft Pi Server 2.4
Osisoft Pi Server
4.6
CVSSv2
CVE-2020-10606
In OSIsoft PI System multiple products and versions, a local attacker can exploit incorrect permissions set by affected PI System software. This exploitation can result in unauthorized information disclosure, deletion, or modification if the local computer also processes PI Syste...
Osisoft Pi Api
Osisoft Pi Buffer Subsystem
Osisoft Pi Connector
Osisoft Pi Connector Relay
Osisoft Pi Data Archive
Osisoft Pi Data Collection Manager
Osisoft Pi Integrator
Osisoft Pi Interface Configuration Utility
Osisoft Pi To Ocs
6.5
CVSSv2
CVE-2015-1013
OSIsoft PI AF 2.6 and 2.7 and PI SQL for AF 2.1.2.19 do not ensure that the PI SQL (AF) Trusted Users group lacks the Everyone account, which allows remote authenticated users to bypass intended command restrictions via SQL statements.
Osisoft Pi Sql For Af 2.1.2.19
Osisoft Pi Server 2.6
2.1
CVSSv2
CVE-2016-8365
OSIsoft PI System software (Applications using PI Asset Framework (AF) Client versions prior to PI AF Client 2016, Version 2.8.0; Applications using PI Software Development Kit (SDK) versions prior to PI SDK 2016, Version 1.4.6; PI Buffer Subsystem, versions prior to and includin...
Osisoft Pi Af Client
Osisoft Pi Sdk
Osisoft Pi Buffer Subsystem
Osisoft Pi Data Archive
4
CVSSv2
CVE-2016-4518
OSIsoft PI AF Server prior to 2016 2.8.0 allows remote authenticated users to cause a denial of service (service outage) via a message.
Osisoft Pi Af Server 2016
7.1
CVSSv2
CVE-2018-7531
An Improper Input Validation issue exists in OSIsoft PI Data Archive versions 2017 and prior. Unauthenticated users may use unvalidated custom requests to crash the server.
Osisoft Pi Data Archive
Osisoft Pi Data Archive 2017
2.1
CVSSv2
CVE-2017-5153
An issue exists in OSIsoft PI Coresight 2016 R2 and previous versions versions, and PI Web API 2016 R2 when deployed using the PI AF Services 2016 R2 integrated install kit. An information exposure through server log files vulnerability has been identified, which may allow servic...
Osisoft Pi Web Api 2016-r2
Osisoft Pi Coresight
4
CVSSv2
CVE-2016-4530
OSIsoft PI SQL Data Access Server (aka OLE DB) 2016 1.5 allows remote authenticated users to cause a denial of service (service outage and data loss) via a message.
Osisoft Pi Sql Data Access Server 2016 1.5
5
CVSSv2
CVE-2018-7496
An Information Exposure issue exists in OSIsoft PI Vision versions 2017 and prior. The server response header and referrer-policy response header each provide unintended information disclosure.
Osisoft Pi Vision
5.8
CVSSv2
CVE-2017-7930
An Improper Authentication issue exists in OSIsoft PI Server 2017 PI Data Archive versions before 2017. PI Data Archive has protocol flaws with the potential to expose change records in the clear and allow a malicious party to spoof a server within a collective.
Osisoft Pi Data Archive
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »