What the vulnerability does
01Description
OSIsoft PI Vision 2020 versions prior to 3.5.0 could disclose information to a user with insufficient privileges for an AF attribute.
CVE-2020-25167
MEDIUM
CVE-2020-25167: OSIsoft PI Vision Incorrect Authorization
CVSS base score
4.9/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Key dates
02Disclosure timeline
April 18, 2022
CVE published
April 16, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2026-28724
CVE-2022-0762 Incorrect Authorization in microweber/microweber
CVE-2024-27312 Authorization vulnerability in PAM360
CVE-2024-10109 Incorrect Authorization in mintplex-labs/anything-llm
CVE-2026-32005 OpenClaw < 2026.2.25 - Authorization Bypass in Interactive Callbacks via Sender Check Skip
