Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0209


Vulnerability Score 6.4 6.4
CVE Id CVE-2009-0209
Last Modified 02 Oct 2009 12:00:00
Published 01 Oct 2009 11:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



PI Server in OSIsoft PI System before 3.4.380.x does not properly use encryption in the default authentication process, which allows remote attackers to read or modify information in databases via unspecified vectors.

Vulnerable Systems


  • Osisoft Pi Server 2.4

  • Osisoft Pi Server 2.6

  • Osisoft Pi Server 3.4.363.97

  • Osisoft Pi Server 3.4.370

  • Osisoft Pi Server 3.4.375.99


BUGTRAQ - 20090930 C4 SCADA Security Advisory - OSISoft PI Server Authentication Weakness

Last Updated: 27 May 2016 10:50:09