There is a vulnerability in AVEVA PI Web API that could allow malicious code to execute on the PI Web API environment under the privileges of an interactive user that was socially engineered to use API XML import functionality with content supplied by an attacker.
CVSS
No CVSS.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2024-06-12T21:04:28.259Z
Updated: 2024-06-13T19:42:12.412Z
Reserved: 2024-04-08T15:55:44.887Z
Link: CVE-2024-3468
JSON object: View
NVD Information
Status : Awaiting Analysis
Published: 2024-06-12T21:15:50.747
Modified: 2024-06-13T18:36:09.010
Link: CVE-2024-3468
JSON object: View
Redhat Information
No data.
CWE