- Description
- An authenticated remote attacker could crash PI Archive Subsystem when the subsystem is working under memory pressure. This can result in blocking queries to PI Data Archive (2018 SP2 and prior versions).
- Source
- ics-cert@hq.dhs.gov
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 7.1
- Impact score
- 4.2
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 4.9
- Impact score
- 4.9
- Exploitability score
- 6.8
- Vector string
- AV:N/AC:M/Au:S/C:N/I:P/A:P
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:osisoft:pi_data_archive:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1D3BC4ED-2C51-493F-8CBE-5D053B977517",
"versionEndIncluding": "2019"
}
],
"operator": "OR"
}
]
}
]