PT-2020-9948 · Osisoft · Osisoft Pi System+1

Published

2020-01-15

Updated

2020-07-25

CVE-2019-18244

CVSS v3.1

4.7

Medium

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions OSIsoft PI System (affected versions not specified)

Description A local attacker could view sensitive information in log files when service accounts are customized during installation or upgrade of PI Vision. The issue is related to the handling of log files in the system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Insertion into Log File

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-532

Related Identifiers

CVE-2019-18244

Affected Products

Osisoft Pi System

Pi Vision

PT-2020-9948 · Osisoft · Osisoft Pi System+1

CVE-2019-18244

Weakness Enumeration

Related Identifiers

Affected Products

References · 3