Vulnerability Description
An Improper Authentication issue was discovered in OSIsoft PI Server 2017 PI Data Archive versions prior to 2017. PI Network Manager using older protocol versions contains a flaw that could allow a malicious user to authenticate with a server and then cause PI Network Manager to behave in an undefined manner.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Osisoft | Pi Data Archive | <= 3.4.410.1256 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/99059Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-17-164-02Third Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/99059Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-17-164-02Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2017-7934?
CVE-2017-7934 is a vulnerability with a CVSS score of 5.9 (MEDIUM). An Improper Authentication issue was discovered in OSIsoft PI Server 2017 PI Data Archive versions prior to 2017. PI Network Manager using older protocol versions contains a flaw that could allow a ma...
How severe is CVE-2017-7934?
CVE-2017-7934 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-7934?
Check the references section above for vendor advisories and patch information. Affected products include: Osisoft Pi Data Archive.