PT-2017-19099 · Osisoft+2 · Osisoft Pi Integrator For Business Analytics+4

Published

2017-08-14

·

Updated

2017-08-23

·

CVE-2017-9655

CVSS v3.1

5.4

Medium

VectorAV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions OSIsoft PI Integrator for Business Analytics versions prior to 2016 R2 OSIsoft PI Integrator for Microsoft Azure versions prior to 2016 R2 SP1 OSIsoft PI Integrator for SAP HANA versions prior to 2017
Description A Cross-Site Scripting issue allows an attacker to upload a malicious script, potentially redirecting users to a malicious web site.
Recommendations For OSIsoft PI Integrator for Business Analytics versions prior to 2016 R2, update to version 2016 R2 or later. For OSIsoft PI Integrator for Microsoft Azure versions prior to 2016 R2 SP1, update to version 2016 R2 SP1 or later. For OSIsoft PI Integrator for SAP HANA versions prior to 2017, update to version 2017 or later.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2017-9655

Affected Products

Azure
Osisoft Pi Integrator For Business Analytics
Osisoft Pi Integrator For Microsoft Azure
Osisoft Pi Integrator For Sap Hana
Sap Hana