Vulnerability Details CVE-2018-7500
A Permissions, Privileges, and Access Controls issue was discovered in OSIsoft PI Web API versions 2017 R2 and prior. Privileges may be escalated, giving attackers access to the PI System via the service account.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.9%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2018-7500
-
cpe:2.3:a:osisoft:pi_vision:2017
-
cpe:2.3:a:osisoft:pi_web_api:2014
-
cpe:2.3:a:osisoft:pi_web_api:2015
-
cpe:2.3:a:osisoft:pi_web_api:2016
-
cpe:2.3:a:osisoft:pi_web_api:2017