← back
CVE-2018-7500

CVE-2018-7500

EPSS 1.9%CWE-264
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 1.9%KEV nãoPoC Patch
Lifecycle
14 Mar 2018Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A Permissions, Privileges, and Access Controls issue was discovered in OSIsoft PI Web API versions 2017 R2 and prior. Privileges may be escalated, giving attackers access to the PI System via the service account.
Affected products
n/a · OSIsoft PI Web API

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://ics-cert.us-cert.gov/advisories/ICSA-18-072-04http://www.securityfocus.com/bid/103396