PT-2022-18672 · Osisoft · Osisoft-Pi-Web-Connector
Published
2022-11-04
·
Updated
2022-11-14
·
CVE-2022-27893
CVSS v3.1
4.2
Medium
| Vector | AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
osisoft-pi-web-connector versions 0.15.0 through 0.43.0
Description
The Foundry Magritte plugin osisoft-pi-web-connector was found to be logging in a manner that captured authentication requests.
Recommendations
For osisoft-pi-web-connector versions 0.15.0 through 0.43.0, update to version 0.44.0 to resolve the issue.
Fix
Insertion into Log File
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Osisoft-Pi-Web-Connector