CVE-2017-9641

Summary

PI Coresight 2016 R2 contains a cross-site request forgery vulnerability that may allow access to the PI system. OSIsoft recommends that users upgrade to PI Vision 2017 or greater to mitigate this vulnerability.

Affected Software

VendorProductVersion RangeStatus
OSIsoftPI Coresight2016 R2 and earlier versions.affected

Weaknesses

  • CWE-352: Cross-site request forgery CWE-352

ADP Enrichment

CVE Program Container

Additional References

References