GCVE - cpe:2.3:a:osisoft:pi_vision:2017:r2:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:osisoft:pi_vision:2017:r2:*:*:*:*:*:*

part: a version: 2017 update: r2

Vendor	Osisoft (`773be19d-2e5d-5fef-8fcd-1eaca9773a63`)
Product	Pi Vision (`80e98a6c-572f-5116-ad70-f4bd05edb36b`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:github/alexjj/pi-vision-custom-symbols`	purl2cpe	2026-06-01 10:13:04.901079
`pkg:github/osisoft/sample-pi_vision_extensibility-rotating_arrow-js`	purl2cpe	2026-06-01 10:13:04.901081

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2019-18273`	vulnerable	2026-06-03 14:39:57.123721	Details available OSIsoft PI Vision, PI Vision 2017 R2 and PI Vision 2017 R2 SP1. The affected product is vulnerable to cross-site scripting, which may allow invalid input to be introduced. Published: 2020-01-15T18:44:13.000Z Updated: 2024-08-05T01:47:14.106Z Open on db.gcve.eu Reference links https://www.us-cert.gov/ics/advisories/icsa-20-014-06	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2019-18244`	vulnerable	2026-06-03 14:39:57.060023	Details available In OSIsoft PI System multiple products and versions, a local attacker could view sensitive information in log files when service accounts are customized during installation or upgrade of PI Vision. The update fixes a previously reported issue. Published: 2020-01-15T18:50:00.000Z Updated: 2024-08-05T01:47:14.073Z Open on db.gcve.eu Reference links https://us-cert.cisa.gov/ics/advisories/icsa-20-133-02	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-7500`	vulnerable	2026-06-03 14:39:06.979498	Details available A Permissions, Privileges, and Access Controls issue was discovered in OSIsoft PI Web API versions 2017 R2 and prior. Privileges may be escalated, giving attackers access to the PI System via the service account. Published: 2018-03-14T18:00:00.000Z Updated: 2024-08-05T06:31:04.282Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/103396 https://ics-cert.us-cert.gov/advisories/ICSA-18-072-04	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-19006`	vulnerable	2026-06-03 14:38:28.799145	Details available OSIsoft PI Vision, versions PI Vision 2017, and PI Vision 2017 R2, The application contains a cross-site scripting vulnerability where displays that reference AF elements and attributes containing JavaScript are affected. This vulnerability requires the ability of authorized AF users to store JavaScript in AF elements and attributes. Published: 2019-04-08T14:30:39.000Z Updated: 2024-08-05T11:23:09.033Z Open on db.gcve.eu Reference links https://ics-cert.us-cert.gov/advisories/ICSA-19-043-01	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.