Back to results

Print

Bug Number	BUG-000128060
Submitted	Jan 21, 2020
Modified	Sep 27, 2021
Severity	Critical
Applies To	ArcGIS GIS Server
Version Found	10.7.1
Prog Language	N/A
Server Platform	Windows 2016 64 Bit
Client Platform	Windows 2016 64 Bit
Database	N/A
Locale	N/A
Status	Implemented
Version Fixed	10.8
SP Fixed	N/A

Bug BUG-000128060

Synopsis

ArcGIS Server has a Server Side Request Forgery (SSRF) security vulnerability.

Additional Information

N/A

Alternate Solution

A fix for this vulnerability is available for ArcGIS Server 10.4 - 10.7.1 as part of the ArcGIS Server Security 2020 Update 1 Patch: https://support.esri.com/en/download/7775

Questions or issues with the site? Send Feedback

Name * Please enter your name

Email * Please enter a valid email address

URL

Please rate your online support experience with Esri's Support website.*

Poor

Below Satisfied

Satisfied

Above Satisfied

Excellent

What issues are you having with the site? How can we improve?

Feedback sent successfully.

Error while sending mail.

Content feedback is currently offline for maintenance. Please try again in a few minutes.