| |
Vulnerability CVE-2009-0209
Published: 2009-10-01 Modified: 2012-02-13
Description: |
PI Server in OSIsoft PI System before 3.4.380.x does not properly use encryption in the default authentication process, which allows remote attackers to read or modify information in databases via unspecified vectors. |
See advisories in our WLB2 database: | Topic | Author | Date |
Med. |
| Eyal Udassin &am... | 04.10.2009 |
Type:
CWE-310 (Cryptographic Issues)
CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:N)
CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
6.4/10 |
4.9/10 |
10/10 |
Exploit range |
Attack complexity |
Authentication |
Remote |
Low |
No required |
Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
Partial |
None |
References: |
http://www.securityfocus.com/archive/1/506826/100/0/threaded
|
|
|
closedb();
?>
Copyright 2024, cxsecurity.com
|
|
|