CVE-2018-7496

MEDIUM

OSIsoft PI Vision < 2017 - Information Exposure via Server Response Headers

Title source: llm
STIX 2.1

Description

An Information Exposure issue was discovered in OSIsoft PI Vision versions 2017 and prior. The server response header and referrer-policy response header each provide unintended information disclosure.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/103390
Mitigation, Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-18-072-03

Scores

CVSS v3 5.3
EPSS 0.0127
EPSS Percentile 66.3%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

CWE
CWE-200
Status published
Products (1)
osisoft/pi_vision < 2017
Published Mar 14, 2018
Tracked Since Feb 18, 2026