7.5
CVE-2020-10604
- EPSS 0.79%
- Veröffentlicht 25.07.2020 00:15:12
- Zuletzt bearbeitet 21.11.2024 04:55:40
- Quelle ics-cert@hq.dhs.gov
- CVE-Watchlists
- Unerledigt
LoginIn OSIsoft PI System multiple products and versions, a remote, unauthenticated attacker could crash PI Network Manager service through specially crafted requests. This can result in blocking connections and queries to PI Data Archive.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Osisoft ≫ Pi Data Archive Version2018
Osisoft ≫ Pi Data Archive Version2018 Updatesp2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.79% | 0.73 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
CWE-248 Uncaught Exception
An exception is thrown from a function, but it is not caught.
CWE-755 Improper Handling of Exceptional Conditions
The product does not handle or incorrectly handles an exceptional condition.