MEDIUMπŸ‡΅πŸ‡± Wersja polska

CVE-2016-8365

CVSS 5.5v3.0pub. 2018-04-03upd. 2024-11-21

OSIsoft PI System software (Applications using PI Asset Framework (AF) Client versions prior to PI AF Client 2016, Version 2.8.0; Applications using PI Software Development Kit (SDK) versions prior to PI SDK 2016, Version 1.4.6; PI Buffer Subsystem, versions prior to and including, Version 4.4; and PI Data Archive versions prior to PI Data Archive 2015, Version 3.4.395.64) operates between endpoints without a complete model of endpoint features potentially causing the product to perform actions based on this incomplete model, which could result in a denial of service. OSIsoft reports that in order to exploit the vulnerability an attacker would need to be locally connected to a server. A CVSS v3 base score of 7.1 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H)

CVSS Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • Osisoft Pi Af Client

    APP
    Osisoft
    < 2.8.0
  • Osisoft Pi Buffer Subsystem

    APP
    Osisoft
    < 4.5.0
  • Osisoft Pi Data Archive

    APP
    Osisoft
    < 3.4.400.1162
  • Osisoft Pi Sdk

    APP
    Osisoft
    < 1.4.6
πŸ”΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
DoS
CWE
References

Related vulnerabilities

CVE-2020-10604HIGH7.5ten sam produkt

In OSIsoft PI System multiple products and versions, a remote, unauthenticated attacker could crash PI Network...

CVE-2020-10610HIGH7.8ten sam produkt

In OSIsoft PI System multiple products and versions, a local attacker can modify a search path and plant a bin...

CVE-2020-10608HIGH7.8ten sam produkt

In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code int...

CVE-2020-10606HIGH7.8ten sam produkt

In OSIsoft PI System multiple products and versions, a local attacker can exploit incorrect permissions set by...

CVE-2018-7529HIGH7.5ten sam produkt

A Deserialization of Untrusted Data issue was discovered in OSIsoft PI Data Archive versions 2017 and prior. U...

CVE-2016-8365 β€” Osisoft β€” Pi Af Client β€” MEDIUM β€” CVSS 5.5 | CVEbaza.pl