cvelist/2018/7xxx/CVE-2018-7500.json

67 lines
2.0 KiB
JSON
Raw Normal View History

2018-02-26 16:04:33 -05:00
{
2019-03-18 02:35:49 +00:00
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2018-7500",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OSIsoft PI Web API",
"version": {
"version_data": [
{
"version_value": "OSIsoft PI Web API"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
2018-03-14 14:03:48 -04:00
{
2019-03-18 02:35:49 +00:00
"lang": "eng",
"value": "A Permissions, Privileges, and Access Controls issue was discovered in OSIsoft PI Web API versions 2017 R2 and prior. Privileges may be escalated, giving attackers access to the PI System via the service account."
2018-03-14 14:03:48 -04:00
}
2019-03-18 02:35:49 +00:00
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-264"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "103396",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103396"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-072-04",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-072-04"
}
]
}
}