Bug Number | BUG-000128060 |
Submitted | Jan 21, 2020 |
Modified | Dec 28, 2020 |
Severity | Critical |
Applies To | ArcGIS GIS Server |
Version Found | 10.7.1 |
Prog Language | N/A |
Server Platform | Windows 2016 64 Bit |
Client Platform | Windows 2016 64 Bit |
Database | N/A |
Locale | N/A |
Status | Implemented |
Version Fixed | 10.8 |
SP Fixed | N/A |
Bug BUG-000128060
Synopsis
ArcGIS Server has a Server Side Request Forgery (SSRF) security vulnerability.
Additional Information
N/A
Alternate Solution
A fix for this vulnerability is available for ArcGIS Server 10.4 - 10.7.1 as part of the ArcGIS Server Security 2020 Update 1 Patch: https://support.esri.com/en/download/7775