There is a vulnerability in AVEVA PI Web API that could...
Unreviewed
Published
Jun 12, 2024
to the GitHub Advisory Database
•
Updated Jun 12, 2024
Description
Published by the National Vulnerability Database
Jun 12, 2024
Published to the GitHub Advisory Database
Jun 12, 2024
Last updated
Jun 12, 2024
There is a vulnerability in AVEVA PI Web API that could allow malicious code to execute on the PI Web API environment under the privileges of an interactive user that was socially engineered to use API XML import functionality with content supplied by an attacker.
References