An anonymous remote code is executed via the Java Remote Method Invocation (RMI) class loader.
Last Published: August 10, 2015ArcGIS for Server
Bug ID Number
May 26, 2015
January 9, 2021
ArcGIS for Server
This issue was not reproducible when tested by the development team. Issues may be given this status when they cannot be reproduced or are no longer relevant in a development version of the software, but a specific fix was not installed to address the issue. The issue's Additional Information section may contain further explanation.
This reported vulnerability is a false positive. The vulnerability exists in earlier versions of JRE 7 but not in any versions used by ArcGIS Server.