CVE-2017-9641
N/A
N/A
Summary
PI Coresight 2016 R2 contains a cross-site request forgery vulnerability that may allow access to the PI system. OSIsoft recommends that users upgrade to PI Vision 2017 or greater to mitigate this vulnerability.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| OSIsoft | PI Coresight | 2016 R2 and earlier versions. | affected |
Weaknesses
- CWE-352: Cross-site request forgery CWE-352
ADP Enrichment
CVE Program Container
Additional References
- https://ics-cert.us-cert.gov/advisories/ICSA-17-192-04
- https://techsupport.osisoft.com/Troubleshooting/Alerts/AL00320
- http://www.securityfocus.com/bid/99540
References
- https://ics-cert.us-cert.gov/advisories/ICSA-17-192-04
- https://techsupport.osisoft.com/Troubleshooting/Alerts/AL00320
- http://www.securityfocus.com/bid/99540
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.