| Bug-Nummer | BUG-000132353 |
| Erzeugt am | Jul 18, 2020 |
| Modified | Aug 04, 2022 |
| Schweregrad | Medium |
| Übernehmen für | ArcGIS Enterprise |
| Gefundene Version | 10.7.1 |
| Progr.-Sprache | n. z. |
| Server-Plattform | Windows OS 2016 64 Bit |
| Client-Plattform | Windows OS 2016 64 Bit |
| Datenbank | n. z. |
| Gebietsschema | n. z. |
| Status |
Fixed
Learn more |
| Behoben in Version | 10.8.1 |
| SP Fixed | N/A |
Bug BUG-000132353
Zusammenfassung
There are XML external entity (XXE) and Server Side Request Forgery (SSRF) vulnerabilities in Portal for ArcGIS.
Zusätzliche Informationen
The fix of this defect for Portal for ArcGIS 10.6.1 and Portal for ArcGIS 10.7.1 is provided in the 'Portal for ArcGIS Security 2020 Update 2 Patch' security patch. Refer to https://support.esri.com/en/download/7837.
Alternative Lösung
Refer to https://support.esri.com/en/download/7837 for the 'Portal for ArcGIS Security 2020 Update 2 Patch' security patch.