cvelistv5 - cve-2017-7926

cve-2017-7926

Vulnerability from cvelistv5

Published

2017-08-25 19:00

Modified

2024-08-05 16:19

Severity ?

Summary

References

URL	Tags
ics-cert@hq.dhs.gov	http://www.securityfocus.com/bid/99058	Third Party Advisory, VDB Entry
ics-cert@hq.dhs.gov	https://ics-cert.us-cert.gov/advisories/ICSA-17-164-03	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/99058	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://ics-cert.us-cert.gov/advisories/ICSA-17-164-03	Third Party Advisory, US Government Resource

Impacted products

	Vendor	Product	Version
	n/a	OSIsoft PI Web API 2017	Version: OSIsoft PI Web API 2017

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:19:29.136Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-164-03"
          },
          {
            "name": "99058",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99058"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "OSIsoft PI Web API 2017",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "OSIsoft PI Web API 2017"
            }
          ]
        }
      ],
      "datePublic": "2017-08-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A Cross-Site Request Forgery issue was discovered in OSIsoft PI Web API versions prior to 2017 (1.9.0). The vulnerability allows cross-site request forgery (CSRF) attacks to occur when an otherwise-unauthorized cross-site request is sent from a browser the server has previously authenticated."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-352",
              "description": "CWE-352",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-26T09:57:01",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-164-03"
        },
        {
          "name": "99058",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99058"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2017-7926",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "OSIsoft PI Web API 2017",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "OSIsoft PI Web API 2017"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A Cross-Site Request Forgery issue was discovered in OSIsoft PI Web API versions prior to 2017 (1.9.0). The vulnerability allows cross-site request forgery (CSRF) attacks to occur when an otherwise-unauthorized cross-site request is sent from a browser the server has previously authenticated."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-352"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-164-03",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-164-03"
            },
            {
              "name": "99058",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99058"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2017-7926",
    "datePublished": "2017-08-25T19:00:00",
    "dateReserved": "2017-04-18T00:00:00",
    "dateUpdated": "2024-08-05T16:19:29.136Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-7926\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2017-08-25T19:29:00.300\",\"lastModified\":\"2024-11-21T03:32:58.843\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A Cross-Site Request Forgery issue was discovered in OSIsoft PI Web API versions prior to 2017 (1.9.0). The vulnerability allows cross-site request forgery (CSRF) attacks to occur when an otherwise-unauthorized cross-site request is sent from a browser the server has previously authenticated.\"},{\"lang\":\"es\",\"value\":\"Se ha descubierto un problema de Cross-Site Request Forgery en OSIsoft PI Web API en versiones anteriores a la 2017 (1.9.0). Esta vulnerabilidad permite que ocurran ataques Cross-Site Request Forgery (CSRF) cuando una petici\u00f3n cross-site que normalmente no tendr\u00eda autorizaci\u00f3n es enviada desde un navegador previamente autenticado por el servidor.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-352\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-352\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:osisoft:pi_web_api:1.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19DA97B1-761E-442C-A51D-D43C3BF498E5\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/99058\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-17-164-03\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/bid/99058\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-17-164-03\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]}]}}"
  }
}

A Cross-Site Request Forgery issue was discovered in OSIsoft PI Web API versions prior to 2017 (1.9.0). The vulnerability allows cross-site request forgery (CSRF) attacks to occur when an otherwise-unauthorized cross-site request is sent from a browser the server has previously authenticated. OSIsoft PI Web API is a product for accessing PI system data. The program failed to properly validate the HTTP request. An attacker could exploit the vulnerability to perform certain unauthorized operations and access the affected application. Other attacks are also possible

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201708-1388",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "pi web api",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "osisoft",
        "version": "1.8"
      },
      {
        "model": "pi web api",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "osisoft",
        "version": "2017 (1.9.0)"
      },
      {
        "model": "pi web api",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "osisoft",
        "version": "20171.9.0"
      },
      {
        "model": "pi web api r2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "osisoft",
        "version": "20160"
      },
      {
        "model": "pi web api",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "osisoft",
        "version": "20161.7.0.176"
      },
      {
        "model": "pi web api r2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "osisoft",
        "version": "20151.5.1"
      },
      {
        "model": "pi web api",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "osisoft",
        "version": "20171.9.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "pi web api",
        "version": "1.8"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e1bb21c8-8650-4e7f-a184-0a29a764df9f"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-16356"
      },
      {
        "db": "BID",
        "id": "99058"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-007335"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-1044"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7926"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:osisoft:pi_web_api",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-007335"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "99058"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2017-7926",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2017-7926",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CNVD-2017-16356",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "e1bb21c8-8650-4e7f-a184-0a29a764df9f",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "id": "CVE-2017-7926",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-7926",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-7926",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-16356",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201704-1044",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "e1bb21c8-8650-4e7f-a184-0a29a764df9f",
            "trust": 0.2,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e1bb21c8-8650-4e7f-a184-0a29a764df9f"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-16356"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-007335"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-1044"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7926"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A Cross-Site Request Forgery issue was discovered in OSIsoft PI Web API versions prior to 2017 (1.9.0). The vulnerability allows cross-site request forgery (CSRF) attacks to occur when an otherwise-unauthorized cross-site request is sent from a browser the server has previously authenticated. OSIsoft PI Web API is a product for accessing PI system data. The program failed to properly validate the HTTP request. An attacker could exploit the vulnerability to perform certain unauthorized operations and access the affected application. Other attacks are also possible",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-7926"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-007335"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-16356"
      },
      {
        "db": "BID",
        "id": "99058"
      },
      {
        "db": "IVD",
        "id": "e1bb21c8-8650-4e7f-a184-0a29a764df9f"
      }
    ],
    "trust": 2.61
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-7926",
        "trust": 3.5
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-17-164-03",
        "trust": 2.7
      },
      {
        "db": "BID",
        "id": "99058",
        "trust": 2.5
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-16356",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-1044",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-007335",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "E1BB21C8-8650-4E7F-A184-0A29A764DF9F",
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e1bb21c8-8650-4e7f-a184-0a29a764df9f"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-16356"
      },
      {
        "db": "BID",
        "id": "99058"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-007335"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-1044"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7926"
      }
    ]
  },
  "id": "VAR-201708-1388",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "e1bb21c8-8650-4e7f-a184-0a29a764df9f"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-16356"
      }
    ],
    "trust": 1.3875000000000002
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e1bb21c8-8650-4e7f-a184-0a29a764df9f"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-16356"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:12:52.804000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "AL00316 - OSIsoft releases security update in PI Web API 2017 for CSRF vulnerability",
        "trust": 0.8,
        "url": "https://techsupport.osisoft.com/Troubleshooting/Alerts/AL00316"
      },
      {
        "title": "Patch for OSIsoft PI Web API Cross-Site Request Forgery Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/98751"
      },
      {
        "title": "OSIsoft PI Web API Fixes for cross-site request forgery vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=99753"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-16356"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-007335"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-1044"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-352",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-007335"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7926"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.7,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-164-03"
      },
      {
        "trust": 2.2,
        "url": "http://www.securityfocus.com/bid/99058"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7926"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-7926"
      },
      {
        "trust": 0.3,
        "url": "https://techsupport.osisoft.com"
      },
      {
        "trust": 0.3,
        "url": "https://techsupport.osisoft.com/troubleshooting/alerts/al00316"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-16356"
      },
      {
        "db": "BID",
        "id": "99058"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-007335"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-1044"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7926"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "e1bb21c8-8650-4e7f-a184-0a29a764df9f"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-16356"
      },
      {
        "db": "BID",
        "id": "99058"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-007335"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-1044"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7926"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-07-25T00:00:00",
        "db": "IVD",
        "id": "e1bb21c8-8650-4e7f-a184-0a29a764df9f"
      },
      {
        "date": "2017-07-25T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-16356"
      },
      {
        "date": "2017-06-13T00:00:00",
        "db": "BID",
        "id": "99058"
      },
      {
        "date": "2017-09-19T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-007335"
      },
      {
        "date": "2017-04-21T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201704-1044"
      },
      {
        "date": "2017-08-25T19:29:00.300000",
        "db": "NVD",
        "id": "CVE-2017-7926"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-07-25T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-16356"
      },
      {
        "date": "2017-06-13T00:00:00",
        "db": "BID",
        "id": "99058"
      },
      {
        "date": "2017-09-19T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-007335"
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201704-1044"
      },
      {
        "date": "2024-11-21T03:32:58.843000",
        "db": "NVD",
        "id": "CVE-2017-7926"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-1044"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "OSIsoft PI Web API Cross-Site Request Forgery Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "e1bb21c8-8650-4e7f-a184-0a29a764df9f"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-16356"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-1044"
      }
    ],
    "trust": 1.4
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "cross-site request forgery",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-1044"
      }
    ],
    "trust": 0.6
  }
}

fkie_cve-2017-7926

Vulnerability from fkie_nvd

Published

2017-08-25 19:29

Modified

2024-11-21 03:32

Severity ?

8.8 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
ics-cert@hq.dhs.gov	http://www.securityfocus.com/bid/99058	Third Party Advisory, VDB Entry
ics-cert@hq.dhs.gov	https://ics-cert.us-cert.gov/advisories/ICSA-17-164-03	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/99058	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://ics-cert.us-cert.gov/advisories/ICSA-17-164-03	Third Party Advisory, US Government Resource

Impacted products

	Vendor	Product	Version
	osisoft	pi_web_api	1.8

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:osisoft:pi_web_api:1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "19DA97B1-761E-442C-A51D-D43C3BF498E5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A Cross-Site Request Forgery issue was discovered in OSIsoft PI Web API versions prior to 2017 (1.9.0). The vulnerability allows cross-site request forgery (CSRF) attacks to occur when an otherwise-unauthorized cross-site request is sent from a browser the server has previously authenticated."
    },
    {
      "lang": "es",
      "value": "Se ha descubierto un problema de Cross-Site Request Forgery en OSIsoft PI Web API en versiones anteriores a la 2017 (1.9.0). Esta vulnerabilidad permite que ocurran ataques Cross-Site Request Forgery (CSRF) cuando una petici\u00f3n cross-site que normalmente no tendr\u00eda autorizaci\u00f3n es enviada desde un navegador previamente autenticado por el servidor."
    }
  ],
  "id": "CVE-2017-7926",
  "lastModified": "2024-11-21T03:32:58.843",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-08-25T19:29:00.300",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/99058"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-164-03"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/99058"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-164-03"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-352"
        }
      ],
      "source": "ics-cert@hq.dhs.gov",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-352"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

gsd-2017-7926

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2017-7926

Aliases

CVE-2017-7926

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-7926",
    "description": "A Cross-Site Request Forgery issue was discovered in OSIsoft PI Web API versions prior to 2017 (1.9.0). The vulnerability allows cross-site request forgery (CSRF) attacks to occur when an otherwise-unauthorized cross-site request is sent from a browser the server has previously authenticated.",
    "id": "GSD-2017-7926"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-7926"
      ],
      "details": "A Cross-Site Request Forgery issue was discovered in OSIsoft PI Web API versions prior to 2017 (1.9.0). The vulnerability allows cross-site request forgery (CSRF) attacks to occur when an otherwise-unauthorized cross-site request is sent from a browser the server has previously authenticated.",
      "id": "GSD-2017-7926",
      "modified": "2023-12-13T01:21:06.919657Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "ics-cert@hq.dhs.gov",
        "ID": "CVE-2017-7926",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "OSIsoft PI Web API 2017",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "OSIsoft PI Web API 2017"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A Cross-Site Request Forgery issue was discovered in OSIsoft PI Web API versions prior to 2017 (1.9.0). The vulnerability allows cross-site request forgery (CSRF) attacks to occur when an otherwise-unauthorized cross-site request is sent from a browser the server has previously authenticated."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-352"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-164-03",
            "refsource": "MISC",
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-164-03"
          },
          {
            "name": "99058",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/99058"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:osisoft:pi_web_api:1.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2017-7926"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A Cross-Site Request Forgery issue was discovered in OSIsoft PI Web API versions prior to 2017 (1.9.0). The vulnerability allows cross-site request forgery (CSRF) attacks to occur when an otherwise-unauthorized cross-site request is sent from a browser the server has previously authenticated."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-352"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-164-03",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-164-03"
            },
            {
              "name": "99058",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/99058"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2019-10-09T23:29Z",
      "publishedDate": "2017-08-25T19:29Z"
    }
  }
}

ICSA-17-164-03

Vulnerability from csaf_cisa

Published

2017-06-13 00:00

Modified

2017-06-13 00:00

Summary

OSIsoft PI Web API 2017

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

ATTENTION: Remotely exploitable/low skill level to exploit.

Critical infrastructure sectors

Multiple Sectors

Countries/areas deployed

Worldwide

Company headquarters location

United States

Recommended Practices

NCCIC/ICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:

Recommended Practices

ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

ICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available in the ICS -CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site.

Recommended Practices

Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.

Exploitability

No known public exploits specifically target this vulnerability.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "OSIsoft",
        "summary": "reporting once they had prepared an upgrade to fix the vulnerabilities"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "ATTENTION: Remotely exploitable/low skill level to exploit.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Multiple Sectors",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "United States",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "NCCIC/ICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "ICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available in the ICS -CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target this vulnerability.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-17-164-03 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2017/icsa-17-164-03.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-17-164-03 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-164-03"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-164-03"
      }
    ],
    "title": "OSIsoft PI Web API 2017",
    "tracking": {
      "current_release_date": "2017-06-13T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-17-164-03",
      "initial_release_date": "2017-06-13T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2017-06-13T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-17-164-03 OSIsoft PI Web API 2017"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c 2017 (1.9.0)",
                "product": {
                  "name": "PI Web API: versions prior to 2017 (1.9.0)",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "PI Web API"
          }
        ],
        "category": "vendor",
        "name": "OSIsoft LLC"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-7926",
      "cwe": {
        "id": "CWE-352",
        "name": "Cross-Site Request Forgery (CSRF)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The vulnerability allows cross-site request forgery (CSRF) attacks to occur when an otherwise-unauthorized cross-site request is sent from a browser the server has previously authenticated.CVE-2017-7926 has been assigned to this vulnerability. OSIsoft calculated a CVSS v3 base score of 7.1; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7926"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "OSIsoft recommends that users upgrade to the PI Web API version 2017 (1.9.0) and enable CSRF defense. To enable this option, set the configuration attribute \u2018EnableCSRFDefense\u0027 to \u2018True\u0027 in the PI Web API System Configuration element. This element is located at the path \"..\\OSIsoft\\PI Web API\\PIWebAPIMachineName\\System Configuration\" in PI AF Server Configuration database.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "A new installation of PI Web API 2017 (1.9.0) enables CSRF protection by default.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Please see alert AL00316 on the OSIsoft web page for more information about this issue",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://techsupport.osisoft.com/Troubleshooting/Alerts/AL00316"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    }
  ]
}

icsa-17-164-03

Vulnerability from csaf_cisa

Published

2017-06-13 00:00

Modified

2017-06-13 00:00

Summary

OSIsoft PI Web API 2017

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

Risk evaluation

ATTENTION: Remotely exploitable/low skill level to exploit.

Critical infrastructure sectors

Multiple Sectors

Countries/areas deployed

Worldwide

Company headquarters location

United States

Recommended Practices

NCCIC/ICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:

Recommended Practices

ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

Exploitability

No known public exploits specifically target this vulnerability.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "OSIsoft",
        "summary": "reporting once they had prepared an upgrade to fix the vulnerabilities"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "ATTENTION: Remotely exploitable/low skill level to exploit.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Multiple Sectors",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "United States",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "NCCIC/ICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "ICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available in the ICS -CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target this vulnerability.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-17-164-03 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2017/icsa-17-164-03.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-17-164-03 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-164-03"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-164-03"
      }
    ],
    "title": "OSIsoft PI Web API 2017",
    "tracking": {
      "current_release_date": "2017-06-13T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-17-164-03",
      "initial_release_date": "2017-06-13T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2017-06-13T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-17-164-03 OSIsoft PI Web API 2017"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c 2017 (1.9.0)",
                "product": {
                  "name": "PI Web API: versions prior to 2017 (1.9.0)",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "PI Web API"
          }
        ],
        "category": "vendor",
        "name": "OSIsoft LLC"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-7926",
      "cwe": {
        "id": "CWE-352",
        "name": "Cross-Site Request Forgery (CSRF)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The vulnerability allows cross-site request forgery (CSRF) attacks to occur when an otherwise-unauthorized cross-site request is sent from a browser the server has previously authenticated.CVE-2017-7926 has been assigned to this vulnerability. OSIsoft calculated a CVSS v3 base score of 7.1; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7926"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "OSIsoft recommends that users upgrade to the PI Web API version 2017 (1.9.0) and enable CSRF defense. To enable this option, set the configuration attribute \u2018EnableCSRFDefense\u0027 to \u2018True\u0027 in the PI Web API System Configuration element. This element is located at the path \"..\\OSIsoft\\PI Web API\\PIWebAPIMachineName\\System Configuration\" in PI AF Server Configuration database.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "A new installation of PI Web API 2017 (1.9.0) enables CSRF protection by default.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Please see alert AL00316 on the OSIsoft web page for more information about this issue",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://techsupport.osisoft.com/Troubleshooting/Alerts/AL00316"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    }
  ]
}

ghsa-cvq2-wv4h-23w5

Vulnerability from github

Published

2022-05-13 01:36

Modified

2022-05-13 01:36

Severity ?

8.8 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-7926"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-352"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-08-25T19:29:00Z",
    "severity": "HIGH"
  },
  "details": "A Cross-Site Request Forgery issue was discovered in OSIsoft PI Web API versions prior to 2017 (1.9.0). The vulnerability allows cross-site request forgery (CSRF) attacks to occur when an otherwise-unauthorized cross-site request is sent from a browser the server has previously authenticated.",
  "id": "GHSA-cvq2-wv4h-23w5",
  "modified": "2022-05-13T01:36:14Z",
  "published": "2022-05-13T01:36:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7926"
    },
    {
      "type": "WEB",
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-164-03"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/99058"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2017-7926

Vulnerability from cvelistv5

var-201708-1388

Vulnerability from variot

fkie_cve-2017-7926

Vulnerability from fkie_nvd

gsd-2017-7926

Vulnerability from gsd

ICSA-17-164-03

Vulnerability from csaf_cisa

icsa-17-164-03

Vulnerability from csaf_cisa

ghsa-cvq2-wv4h-23w5

Vulnerability from github

Tags

Sightings

Nomenclature