Vulnerability Description
An Improper Input Validation issue was discovered in OSIsoft PI Data Archive versions 2017 and prior. Unauthenticated users may use unvalidated custom requests to crash the server.
CVSS Score
5.9
MEDIUM
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Osisoft | Pi Data Archive | <= 2017 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/103399Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-18-072-02Third Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/103399Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-18-072-02Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2018-7531?
CVE-2018-7531 is a vulnerability with a CVSS score of 5.9 (MEDIUM). An Improper Input Validation issue was discovered in OSIsoft PI Data Archive versions 2017 and prior. Unauthenticated users may use unvalidated custom requests to crash the server.
How severe is CVE-2018-7531?
CVE-2018-7531 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-7531?
Check the references section above for vendor advisories and patch information. Affected products include: Osisoft Pi Data Archive.