ID
VAR-201508-0635
TITLE
OSIsoft PI Data Archive Security hole
Trust: 0.6
DESCRIPTION
OSIsoft PI System is a system based on the enterprise infrastructure of the United States OSIsoft for managing real-time data and events. PI AF Server is the core product of PI System. OSIsoft PI Data Archive is a highly efficient storage and archiving component of PI Server that implements high-performance data retrieval through client software. There are security vulnerabilities in OSIsoft PI Data Archive 2015 versions before 3.4.395.64. An attacker could use this vulnerability to execute arbitrary code with elevated privileges, obtain sensitive information, perform unauthorized operations, and cause a denial of service
Trust: 0.81
AFFECTED PRODUCTS
| vendor: | osisoft | model: | pi data archive | scope: | eq | version: | 20120 | Trust: 0.3 |
| vendor: | osisoft | model: | pi data archive | scope: | ne | version: | 20153.4.395.64 | Trust: 0.3 |
THREAT TYPE
remote ※ local
Trust: 0.6
TYPE
Unknown
Trust: 0.3
EXTERNAL IDS
| db: | BID | id: | 76354 | Trust: 0.9 |
| db: | CNNVD | id: | CNNVD-201508-368 | Trust: 0.6 |
| db: | ICS CERT | id: | ICSA-15-225-01 | Trust: 0.3 |
REFERENCES
| url: | http://www.securityfocus.com/bid/76354 | Trust: 0.6 |
| url: | https://www.osisoft.com/default.aspx | Trust: 0.3 |
| url: | https://techsupport.osisoft.com/troubleshooting/alerts/al00289 | Trust: 0.3 |
| url: | https://ics-cert.us-cert.gov/advisories/icsa-15-225-01 | Trust: 0.3 |
CREDITS
The vendor reported this issue.
Trust: 0.3
SOURCES
| db: | BID | id: | 76354 |
| db: | CNNVD | id: | CNNVD-201508-368 |
LAST UPDATE DATE
2022-05-17T01:41:11.440000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 76354 | date: | 2015-08-13T00:00:00 |
| db: | CNNVD | id: | CNNVD-201508-368 | date: | 2015-08-19T00:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 76354 | date: | 2015-08-13T00:00:00 |
| db: | CNNVD | id: | CNNVD-201508-368 | date: | 2015-08-19T00:00:00 |