PT-2018-18138 · Osisoft · Osisoft Pi Data Archive

Publicado

2018-03-14

Atualizado

2019-10-09

CVE-2018-7533

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions OSIsoft PI Data Archive versions 2017 and prior

Description An issue with incorrect default permissions was found, which may allow an actor to escalate privileges and gain full control over the system due to an insecure default configuration.

Recommendations For OSIsoft PI Data Archive versions 2017 and prior, update the configuration to secure default permissions to prevent privilege escalation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Incorrect Default Permissions

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-276

Identificadores relacionados

CVE-2018-7533

Produtos afetados

Osisoft Pi Data Archive

PT-2018-18138 · Osisoft · Osisoft Pi Data Archive

CVE-2018-7533

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4