- What is the severity of CVE-2021-43551?
- CVE-2021-43551 has been scored as a medium severity vulnerability.
- How to fix CVE-2021-43551?
- As a workaround for remediating CVE-2021-43551: OSIsoft recommends upgrading to PI vision 2021. Information can be found in the OSIsoft PI Vision security bulletin (registration required). OSIsoft recommends users apply the following workarounds for PI Vision to help reduce risk: Configure Publisher and Explorer roles in PI Vision User Access Levels to restrict which users can create or modify displays. Remove any Limits properties from AF child attributes using PI System Explorer or a bulk editing tool. OSIsoft recommends the following defense measures to lower the impact of exploitation for PI Vision: Use a modern web browser such as Microsoft Edge, Google Chrome, or Mozilla FireFox. Do not use Microsoft Internet Explorer. If upgrade is not an option, administrators should regularly audit the AF hierarchy to ensure there are no unexpected or unknown elements, attributes, or attribute properties. It is recommended security on elements in AF be configured and enforced in addition to configuring PI point security. Potential unauthorized viewing of PI System data due to this issue is limited to permissions granted to the PI Vision Application Pool Identity. Configure a dedicated identity mapping for PI Vision servers and manage permissions in accordance with a data classification policy. See OSIsoft customer portal knowledge article for additional details and associated security updates (registration required).
- Is CVE-2021-43551 being actively exploited in the wild?
- As for now, there are no information to confirm that CVE-2021-43551 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
- What software or system is affected by CVE-2021-43551?
- CVE-2021-43551 affects OSIsoft PI Vision.