Skip to main content

Pi Vision

8 CVEs product

Monthly

CVE-2021-43553 MEDIUM This Month

PI Vision could disclose information to a user with insufficient privileges for an AF attribute that is the child of another attribute and is configured as a Limits property. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Pi Vision
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2021-43551 MEDIUM This Month

A remote attacker with write access to PI Vision could inject code into a display. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft XSS Information Disclosure Pi Vision
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2020-10643 MEDIUM This Month

An authenticated remote attacker could use specially crafted URLs to send a victim using PI Vision 2019 mobile to a vulnerable web page due to a known issue in a third-party component. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Pi Vision
NVD
CVSS 3.1
5.4
EPSS
1.0%
CVE-2020-10614 MEDIUM This Month

In OSIsoft PI System multiple products and versions, an authenticated remote attacker with write access to PI Vision databases could inject code into a display. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Information Disclosure Pi Vision
NVD
CVSS 3.1
4.8
EPSS
0.9%
CVE-2018-7508 MEDIUM This Month

A Cross-site Scripting issue was discovered in OSIsoft PI Web API versions 2017 R2 and prior. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Pi Web Api Pi Vision
NVD
CVSS 3.0
6.1
EPSS
0.9%
CVE-2018-7504 MEDIUM This Month

A Protection Mechanism Failure issue was discovered in OSIsoft PI Vision versions 2017 and prior. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Pi Vision
NVD
CVSS 3.0
6.1
EPSS
0.9%
CVE-2018-7500 CRITICAL Act Now

A Permissions, Privileges, and Access Controls issue was discovered in OSIsoft PI Web API versions 2017 R2 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Pi Web Api Pi Vision
NVD
CVSS 3.0
9.8
EPSS
1.9%
CVE-2018-7496 MEDIUM This Month

An Information Exposure issue was discovered in OSIsoft PI Vision versions 2017 and prior. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pi Vision
NVD
CVSS 3.0
5.3
EPSS
1.3%
EPSS 1% CVSS 4.3
MEDIUM This Month

PI Vision could disclose information to a user with insufficient privileges for an AF attribute that is the child of another attribute and is configured as a Limits property. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Pi Vision
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

A remote attacker with write access to PI Vision could inject code into a display. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft XSS Information Disclosure +1
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

An authenticated remote attacker could use specially crafted URLs to send a victim using PI Vision 2019 mobile to a vulnerable web page due to a known issue in a third-party component. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Pi Vision
NVD
EPSS 1% CVSS 4.8
MEDIUM This Month

In OSIsoft PI System multiple products and versions, an authenticated remote attacker with write access to PI Vision databases could inject code into a display. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Information Disclosure Pi Vision
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

A Cross-site Scripting issue was discovered in OSIsoft PI Web API versions 2017 R2 and prior. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Pi Web Api Pi Vision
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

A Protection Mechanism Failure issue was discovered in OSIsoft PI Vision versions 2017 and prior. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Pi Vision
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

A Permissions, Privileges, and Access Controls issue was discovered in OSIsoft PI Web API versions 2017 R2 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Pi Web Api Pi Vision
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

An Information Exposure issue was discovered in OSIsoft PI Vision versions 2017 and prior. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pi Vision
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy