PT-2017-18001 · Osisoft · Osisoft Pi Web Api
Publicado
2017-08-25
·
Atualizado
2019-10-09
·
CVE-2017-7926
CVSS v3.1
8.8
Alta
| Vetor | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
OSIsoft PI Web API versions prior to 2017 (1.9.0)
Description
A Cross-Site Request Forgery issue allows cross-site request forgery (CSRF) attacks to occur when an otherwise-unauthorized cross-site request is sent from a browser the server has previously authenticated.
Recommendations
For versions prior to 2017 (1.9.0), update to version 2017 (1.9.0) or later to resolve the issue.
Correção
CSRF
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Osisoft Pi Web Api