CVE-2017-7930
HIGHOSIsoft PI Server 2017 PI Data Archive < 2017 - Improper Authentication
Title source: llmDescription
An Improper Authentication issue was discovered in OSIsoft PI Server 2017 PI Data Archive versions prior to 2017. PI Data Archive has protocol flaws with the potential to expose change records in the clear and allow a malicious party to spoof a server within a collective.
References (2)
Core 2
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-17-164-02
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/99059
Scores
CVSS v3
7.4
EPSS
0.0201
EPSS Percentile
78.4%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Details
CWE
CWE-287
Status
published
Products (2)
n/a/OSIsoft PI Server 2017
OSIsoft PI Server 2017
osisoft/pi_data_archive
< 3.4.410.1256
Published
Aug 25, 2017
Tracked Since
Feb 18, 2026