Sign-up

ID

VAR-201508-0628


TITLE

Multiple vulnerabilities in OSIsoft PI Data Archive

Trust: 0.6

sources: CNVD: CNVD-2015-05653

DESCRIPTION

The OSIsoft PI System is a suite of data acquisition, analysis, and visualization software. PI Server is the core product of PI System. OSIsoft PI Data Archive is a component of PI Server that efficiently stores and archives high-performance data retrieval through client software. OSIsoft PI Data Archive has multiple security vulnerabilities that allow remote attackers to exploit vulnerabilities to elevate permissions, execute arbitrary code, or obtain sensitive information

Trust: 0.72

sources: CNVD: CNVD-2015-05653 // IVD: aaa74a59-0ed7-44f2-bcaf-849323415bee

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: aaa74a59-0ed7-44f2-bcaf-849323415bee // CNVD: CNVD-2015-05653

AFFECTED PRODUCTS

vendor:osisoftmodel:data archivescope:ltversion:3.4.395.64

Trust: 0.8

sources: IVD: aaa74a59-0ed7-44f2-bcaf-849323415bee // CNVD: CNVD-2015-05653

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2015-05653
value: HIGH

Trust: 0.6

IVD: aaa74a59-0ed7-44f2-bcaf-849323415bee
value: HIGH

Trust: 0.2

CNVD: CNVD-2015-05653
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: aaa74a59-0ed7-44f2-bcaf-849323415bee
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

sources: IVD: aaa74a59-0ed7-44f2-bcaf-849323415bee // CNVD: CNVD-2015-05653

TYPE

other

Trust: 0.2

sources: IVD: aaa74a59-0ed7-44f2-bcaf-849323415bee

PATCH

title:OSIsoft PI Data Archive has multiple vulnerabilitiesurl:https://www.cnvd.org.cn/patchinfo/show/63199

Trust: 0.6

sources: CNVD: CNVD-2015-05653

EXTERNAL IDS

db:CNVDid:CNVD-2015-05653

Trust: 0.8

db:IVDid:AAA74A59-0ED7-44F2-BCAF-849323415BEE

Trust: 0.2

sources: IVD: aaa74a59-0ed7-44f2-bcaf-849323415bee // CNVD: CNVD-2015-05653

REFERENCES

url:https://techsupport.osisoft.com/troubleshooting/alerts/al00289

Trust: 0.6

sources: CNVD: CNVD-2015-05653

SOURCES

db:IVDid:aaa74a59-0ed7-44f2-bcaf-849323415bee
db:CNVDid:CNVD-2015-05653

LAST UPDATE DATE

2022-05-17T02:03:19.648000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2015-05653date:2015-08-27T00:00:00

SOURCES RELEASE DATE

db:IVDid:aaa74a59-0ed7-44f2-bcaf-849323415beedate:2015-08-27T00:00:00
db:CNVDid:CNVD-2015-05653date:2015-08-27T00:00:00