CVE-2018-7529

A Deserialization of Untrusted Data issue was discovered in OSIsoft PI Data Archive versions 2017 and prior. Unauthenticated users may modify deserialized data to send custom requests that crash the server.
References
Link Resource
http://www.securityfocus.com/bid/103399 Third Party Advisory VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-18-072-02 Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:osisoft:pi_data_archive:*:*:*:*:*:*:*:*
cpe:2.3:a:osisoft:pi_data_archive:2017:r2:*:*:*:*:*:*

History

No history.

Information

Published : 2018-03-14 18:29

Updated : 2024-02-04 19:46


NVD link : CVE-2018-7529

Mitre link : CVE-2018-7529

CVE.ORG link : CVE-2018-7529


JSON object : View

Products Affected

osisoft

  • pi_data_archive
CWE
CWE-502

Deserialization of Untrusted Data