CVE-2018-7531
MEDIUMOSIsoft PI Data Archive < 2017 - Unauthenticated Denial of Service via Custom Request
Title source: llmDescription
An Improper Input Validation issue was discovered in OSIsoft PI Data Archive versions 2017 and prior. Unauthenticated users may use unvalidated custom requests to crash the server.
References (2)
Core 2
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-18-072-02
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/103399
Scores
CVSS v3
5.9
EPSS
0.0143
EPSS Percentile
69.8%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-20
Status
published
Products (2)
osisoft/pi_data_archive
2017 r2
osisoft/pi_data_archive
< 2017
Published
Mar 14, 2018
Tracked Since
Feb 18, 2026