Deutsch
Bug-Nummer BUG-000132353
Erzeugt am Jul 18, 2020
Modified Jan 13, 2022
Schweregrad Medium
Übernehmen für ArcGIS Enterprise
Gefundene Version 10.7.1
Progr.-Sprache n. z.
Server-Plattform Windows 2016 64 Bit
Client-Plattform Windows 2016 64 Bit
Datenbank n. z.
Gebietsschema n. z.
Status Implemented
Learn more
Behoben in Version 10.8.1
SP Fixed N/A

Bug BUG-000132353

Zusammenfassung

There are XML external entity (XXE) and Server Side Request Forgery (SSRF) vulnerabilities in Portal for ArcGIS.


Zusätzliche Informationen

The fix of this defect for Portal for ArcGIS 10.6.1 and Portal for ArcGIS 10.7.1 is provided in the 'Portal for ArcGIS Security 2020 Update 2 Patch' security patch. Refer to https://support.esri.com/en/download/7837.


Alternative Lösung

Refer to https://support.esri.com/en/download/7837 for the 'Portal for ArcGIS Security 2020 Update 2 Patch' security patch.