CVE-2016-8353

MEDIUM

OSIsoft PI Web API <1.5.1 - Privilege Escalation

Title source: llm

Description

An issue was discovered in OSIsoft PI Web API 2015 R2 (Version 1.5.1). There is a weakness in this product that may allow an attacker to access the PI system without the proper permissions.

References (2)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/93552

[Third Party Advisory, US Government Resource] https://ics-cert.us-cert.gov/advisories/ICSA-16-287-01

Scores

CVSS v3 6.4

EPSS 0.0014

EPSS Percentile 34.5%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Classification

CWE

CWE-264

Status published

Affected Products (2)

osisoft/pi_web_api_2015_r2

n/a/OSIsoft PI Web API 2015 R2 1.5.1 < OSIsoft PI Web API 2015 R2 1.5.1

Timeline

Published Feb 13, 2017

Tracked Since Feb 18, 2026