1. Home
  2. CVE Database
  3. CVE-2024-3468
NONE · 0

CVE-2024-3468

There is a vulnerability in AVEVA PI Web API that could allow malicious code to execute on the PI Web API environment under the privileges of an interactive user that was socially engineered to use AP...

Vulnerability Description

There is a vulnerability in AVEVA PI Web API that could allow malicious code to execute on the PI Web API environment under the privileges of an interactive user that was socially engineered to use API XML import functionality with content supplied by an attacker.

Related Weaknesses (CWE)

CWE-502

References

FAQ

What is CVE-2024-3468?

CVE-2024-3468 is a documented vulnerability. There is a vulnerability in AVEVA PI Web API that could allow malicious code to execute on the PI Web API environment under the privileges of an interactive user that was socially engineered to use AP...

How severe is CVE-2024-3468?

CVSS scoring is not yet available for CVE-2024-3468. Check NVD for updates.

Is there a patch for CVE-2024-3468?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.