In OSIsoft PI System multiple products and versions, a local attacker can exploit incorrect permissions set by affected PI System software. This exploitation can result in unauthorized information disclosure, deletion, or modification if the local computer also processes PI System data from other users, such as from a shared workstation or terminal server deployment.
oryginał ENCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HOsisoft Pi Api
APPOsisoft≤ 1.6.8.26≤ 2.0.2.5Osisoft Pi Buffer Subsystem
APPOsisoft≤ 4.8.0.18Osisoft Pi Connector
APPOsisoft≤ 1.0.0.54≤ 1.1.0.10≤ 1.2.0.6≤ 1.2.0.42≤ 1.2.1.71≤ 1.2.2.79≤ 1.3.0.1≤ 1.3.0.130≤ 1.3.1.135≤ 1.4.0.17≤ 1.5.0.88Osisoft Pi Connector Relay
APPOsisoft≤ 2.5.19.0Osisoft Pi Data Archive
APPOsisoft≤ 3.4.430.460Osisoft Pi Data Collection Manager
APPOsisoft≤ 2.5.19.0Osisoft Pi Integrator
APPOsisoft≤ 2.2.0.183Osisoft Pi Interface Configuration Utility
APPOsisoft≤ 1.5.0.7Osisoft Pi To Ocs
APPOsisoft≤ 1.1.36.0
Powiązane podatności
In OSIsoft PI System multiple products and versions, a remote, unauthenticated attacker could crash PI Network...
In OSIsoft PI System multiple products and versions, a local attacker can modify a search path and plant a bin...
In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code int...
An Incorrect Default Permissions issue was discovered in OSIsoft PI Data Archive versions 2017 and prior. Inse...
A Deserialization of Untrusted Data issue was discovered in OSIsoft PI Data Archive versions 2017 and prior. U...