CVE-2018-7533
HIGHOSIsoft PI Data Archive < 2017 - Incorrect Default Permissions
Title source: llmDescription
An Incorrect Default Permissions issue was discovered in OSIsoft PI Data Archive versions 2017 and prior. Insecure default configuration may allow escalation of privileges that gives the actor full control over the system.
References (2)
Core 2
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-18-072-02
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/103399
Scores
CVSS v3
7.8
EPSS
0.0035
EPSS Percentile
26.5%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-276
Status
published
Products (2)
osisoft/pi_data_archive
2017 r2
osisoft/pi_data_archive
< 2017
Published
Mar 14, 2018
Tracked Since
Feb 18, 2026