The version of Apache Derby that ships with ArcGIS for Server is outdated and has been flagged as being susceptible to an information disclosure vulnerability. Consider updating to Apache Derby 10.6.1.0 or higher.
Last Published: October 27, 2015ArcGIS for Server
Bug ID Number
August 27, 2015
July 28, 2020
ArcGIS for Server
Operating System Version
2012 64 Bit
Will Not Be Addressed
The development team has considered the issue or request and concluded it will not be addressed. The issue's Additional Information section may contain further explanation.
This is a vulnerability in Apache Derby. It does not impact and cannot be used to exploit ArcGIS for Server.