How severe is CVE-2023-31274?

CVE-2023-31274 has a CVSS v3 score of 5.3 (MEDIUM).

CVE-2023-31274

Name: pi_server
Author: aveva

5.3MEDIUM

AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain a vulnerability that could allow an unauthenticated user to cause the PI Message Subsystem of a PI Server to consume available memory

Published: 1/18/2024Updated: 11/21/2024

Description

AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain a vulnerability that could allow an unauthenticated user to cause the PI Message Subsystem of a PI Server to consume available memory resulting in throttled processing of new PI Data Archive events and a partial denial-of-service condition.

AI AnalysisPowered by AI

Affected Products

avevapi_server

2018

avevapi_server

2018

avevapi_server

2023

References

https://www.cisa.gov/news-events/ics-advisories/icsa-24-018-01
MitigationThird Party AdvisoryUS Government Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-24-018-01
MitigationThird Party AdvisoryUS Government Resource