Risk Summary
Successful exploitation of this vulnerability could allow an attacker to read and modify the contents of the PI Vision web page and data related to the PI Vision application in the victim 's browser.
CVEs (1)
Remediations
- OSIsoft recommends users upgrade to PI Vision 2017 R2 SP1 to address this issue. This update can be obtained directly from OSIsoft.
- Similarly, which data items are available to PI Vision is controlled by the PI Vision administrators through the administrative site. Only add data sources to PI Vision that you can verify as legitimate with appropriate access control configured.
- For additional guidance on web security for PI Vision, please see KB01631 - Security Tips for PI Vision using the link below:
- For more information on this vulnerability, please refer to OSIsoft's Security Bulletin AL00344 using the link below:
Affected Vendors
OSIsoft LLC
Affected Products (2)
OSIsoft LLC
·
PI Vision
2017 R2
OSIsoft LLC
·
PI Vision
2017
Affected Sectors
Multiple
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more