PT-2017-19098 · Osisoft+2 · Osisoft Pi Integrator For Business Analytics+4

Publicado

2017-08-14

·

Atualizado

2019-10-03

·

CVE-2017-9653

CVSS v3.1

9.8

Crítica

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions OSIsoft PI Integrator for Business Analytics versions prior to 2016 R2 OSIsoft PI Integrator for Microsoft Azure versions prior to 2016 R2 SP1 OSIsoft PI Integrator for SAP HANA versions prior to 2017
Description An issue with improper authorization was found, allowing an attacker to gain privileged access to the system without authorization.
Recommendations For OSIsoft PI Integrator for Business Analytics versions prior to 2016 R2, update to version 2016 R2 or later. For OSIsoft PI Integrator for Microsoft Azure versions prior to 2016 R2 SP1, update to version 2016 R2 SP1 or later. For OSIsoft PI Integrator for SAP HANA versions prior to 2017, update to version 2017 or later.

Correção

Incorrect Authorization

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-863

Identificadores relacionados

CVE-2017-9653

Produtos afetados

Azure
Osisoft Pi Integrator For Business Analytics
Osisoft Pi Integrator For Microsoft Azure
Osisoft Pi Integrator For Sap Hana
Sap Hana