CVE-2017-7934
First published: Fri Aug 25 2017(Updated: )
An Improper Authentication issue was discovered in OSIsoft PI Server 2017 PI Data Archive versions prior to 2017. PI Network Manager using older protocol versions contains a flaw that could allow a malicious user to authenticate with a server and then cause PI Network Manager to behave in an undefined manner.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| OSIsoft PI Data Archive | <=3.4.410.1256 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-7934?
CVE-2017-7934 has a medium severity level due to the improper authentication vulnerability.
How do I fix CVE-2017-7934?
To fix CVE-2017-7934, upgrade to OSIsoft PI Server 2017 PI Data Archive version 3.4.410.1257 or later.
What version of OSIsoft PI Data Archive is affected by CVE-2017-7934?
CVE-2017-7934 affects OSIsoft PI Data Archive versions prior to 3.4.410.1257.
Can CVE-2017-7934 lead to unauthorized access?
Yes, CVE-2017-7934 can potentially allow a malicious user to authenticate and gain unauthorized access.
What type of flaw is described in CVE-2017-7934?
CVE-2017-7934 describes an improper authentication flaw in the OSIsoft PI Server.
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- vendor/osisoft
- canonical/osisoft pi data archive
- version/osisoft pi data archive/3.4.410.1256