Esri: Security Vulnerabilities
ArcGIS GeoEvent Server versions 10.8.1 and below has a read-only directory path traversal vulnerability that could allow an unauthenticated, remote attacker to perform directory traversal attacks and read arbitrary files on the system.
CVSS Score
8.6
EPSS Score
0.016
Published
2021-05-05
A path traversal vulnerability exists in Esri ArcGIS Earth versions 1.11.0 and below which allows arbitrary file creation on an affected system through crafted input. An attacker could exploit this vulnerability to gain arbitrary code execution under security context of the user running ArcGIS Earth by inducing the user to upload a crafted file to an affected system.
CVSS Score
7.8
EPSS Score
0.005
Published
2021-05-05
A cross-site scripting (XSS) vulnerability in the Document Link of documents in ESRI Enterprise before 10.9 allows remote authenticated users to inject arbitrary JavaScript code via a malicious HTML attribute such as onerror (in the URL field of the Parameters tab).
CVSS Score
5.4
EPSS Score
0.001
Published
2021-04-08
A use-after-free vulnerability when parsing a specially crafted file in Esri ArcGIS Server 10.8.1 (and earlier) allows an authenticated attacker with specialized permissions to achieve arbitrary code execution in the context of the service account.
CVSS Score
6.4
EPSS Score
0.004
Published
2021-03-25
Multiple buffer overflow vulnerabilities when parsing a specially crafted file in Esri ArcGIS Server 10.8.1 (and earlier) allows an authenticated attacker with specialized permissions to achieve arbitrary code execution in the context of the service account.
CVSS Score
6.4
EPSS Score
0.006
Published
2021-03-25
Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcGIS Server 10.8.1 (and earlier) allows an authenticated attacker with specialized permissions to achieve arbitrary code execution in the context of the service account.
CVSS Score
6.4
EPSS Score
0.004
Published
2021-03-25
Multiple buffer overflow vulnerabilities when parsing a specially crafted file in Esri ArcReader, ArcGIS Desktop, ArcGIS Engine 10.8.1 (and earlier) and ArcGIS Pro 2.7 (and earlier) allow an unauthenticated attacker to achieve arbitrary code execution in the context of the current user.
CVSS Score
7.8
EPSS Score
0.004
Published
2021-03-25
Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcReader, ArcGIS Desktop, ArcGIS Engine 10.8.1 (and earlier) and ArcGIS Pro 2.7 (and earlier) allow an unauthenticated attacker to achieve arbitrary code execution in the context of the current user.
CVSS Score
7.8
EPSS Score
0.004
Published
2021-03-25
A use-after-free vulnerability when parsing a specially crafted file in Esri ArcReader, ArcGIS Desktop, ArcGIS Engine 10.8.1 (and earlier) and ArcGIS Pro 2.7 (and earlier) allows an unauthenticated attacker to achieve arbitrary code execution in the context of the current user.
CVSS Score
7.8
EPSS Score
0.002
Published
2021-03-25
Esri ArcGIS Server before 10.8 is vulnerable to SSRF in some configurations.
CVSS Score
9.8
EPSS Score
0.003
Published
2020-12-26