ICSA-16-166-02  ·  Published 2025-06-09

OSIsoft PI AF Server Input Validation Vulnerability

CVSS 6.5 MEDIUM

CVEs (1)

Remediations

  • OSIsoft recommends upgrading to PI SQL Data Access Server (OLE DB) 2016 (1.5) to address this issue. OSIsoft recommends that users use a host-based firewall to limit access to Ports 5461 and 5462 only to trusted workstations and PI SQL client products such as: PI JDBC Driver, PI ODBC Driver.
  • They also recommend that access to PI SQL Data Access Server be limited to only those users who need it through user rights assignment security policy.
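
One way to apply the host-based firewall recommendation above on a Windows host, using the built-in NetSecurity cmdlets. This is an added example, not taken from OSIsoft or the CISA advisory. It assumes the listeners use TCP; the trusted addresses and the rule name are constructed placeholders.

```powershell
# Added example. Assumed values are marked; adjust before running (elevated session).
$Ports    = 5461, 5462                      # ports named in the remediation
$Trusted  = '192.0.2.10', '192.0.2.11'      # constructed placeholders: trusted workstations
$RuleName = 'PI SQL DAS - trusted clients'  # hypothetical rule name

# True if a firewall LocalPort filter ('Any', '5461', '5000-6000', ...) covers a wanted port.
function Test-PortCovered {
    param([string[]]$LocalPort, [int[]]$Wanted)
    foreach ($entry in $LocalPort) {
        if ($entry -eq 'Any') { return $true }
        if ($entry -match '^(\d+)-(\d+)$') {
            $lo = [int]$Matches[1]; $hi = [int]$Matches[2]
            if (@($Wanted | Where-Object { $_ -ge $lo -and $_ -le $hi }).Count -gt 0) { return $true }
        }
        elseif ($entry -match '^\d+$' -and $Wanted -contains [int]$entry) { return $true }
    }
    return $false
}

# 1. Audit: enabled inbound allow rules that open these ports to any remote address.
#    A scoped allow rule has no effect while one of these stays enabled.
$broad = foreach ($rule in Get-NetFirewallRule -Direction Inbound -Enabled True -Action Allow) {
    $port = $rule | Get-NetFirewallPortFilter
    $addr = $rule | Get-NetFirewallAddressFilter
    $app  = $rule | Get-NetFirewallApplicationFilter
    if (($port.Protocol -in @('TCP', 'Any')) -and
        (Test-PortCovered $port.LocalPort $Ports) -and
        ($addr.RemoteAddress -contains 'Any')) {
        [pscustomobject]@{ Rule = $rule.DisplayName; Ports = $port.LocalPort -join ','
                           Program = $app.Program; Profile = $rule.Profile }
    }
}
$broad | Format-Table -AutoSize   # review; rules scoped to unrelated programs can stay

# 2. Allow the two ports only from the trusted addresses.
if (-not (Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $RuleName -Direction Inbound -Action Allow `
        -Protocol TCP -LocalPort $Ports -RemoteAddress $Trusted | Out-Null
}

# 3. After review, disable each broad rule that applies to the PI SQL Data Access Server:
#    Disable-NetFirewallRule -DisplayName '<rule name from step 1>'
```

The scoped rule restricts access only while the profile's default inbound action is Block, which is the Windows default.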

Affected Vendors

OSIsoft

Affected Products (1)

OSIsoft · PI AF Server 2016 <=2.8.0
