First published: Wed Mar 14 2018(Updated: )
An Improper Input Validation issue was discovered in OSIsoft PI Data Archive versions 2017 and prior. Unauthenticated users may use unvalidated custom requests to crash the server.
Credit: ics-cert@hq.dhs.gov
Affected Software | Affected Version | How to fix |
---|---|---|
OSIsoft PI Data Archive | <=2017 | |
OSIsoft PI Data Archive | =2017-r2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2018-7531.
The severity of CVE-2018-7531 is high with a CVSS score of 5.9.
OSIsoft PI Data Archive versions 2017 and prior, including 2017-r2, are affected by CVE-2018-7531.
Unauthenticated users can exploit CVE-2018-7531 by using unvalidated custom requests to crash the server.
Apply the latest security patches or update to a non-vulnerable version of OSIsoft PI Data Archive.