Bug
ArcGIS Server has a Server Side Request Forgery (SSRF) security vulnerability.
| Bug ID Number | BUG-000128060 |
|---|---|
| Submitted | January 21, 2020 |
| Last Modified | May 31, 2023 |
| Applies to | ArcGIS GIS Server |
| Version found | 10.7.1 |
| Operating System | Windows OS |
| Operating System Version | 2016 64 Bit |
| Version Fixed | 10.8 |
| Status | Fixed |
Workaround
A fix for this vulnerability is available for ArcGIS Server 10.4 - 10.7.1 as part of the ArcGIS Server Security 2020 Update 1 Patch: https://support.esri.com/en/download/7775
Steps to Reproduce
Bug ID: BUG-000128060
Software:
- ArcGIS GIS Server
Get help from ArcGIS experts
Download the Esri Support App
Discover more on this topic
Search for related information
Find training related to this topic
Explore ideas and give feedback