Continue in the app
Bug Number BUG-000136840
Submitted Jan 19, 2021
Modified Jun 01, 2022
Severity High
Applies To ArcGIS Enterprise
Version Found No Version Found
Prog Language N/A
Server Platform Windows OS 2016 64 Bit
Client Platform Windows OS 2016 64 Bit
Database N/A
Locale N/A
Status Unknown Text - Bugs/Fixed
Learn more
Version Fixed 10.8.1
SP Fixed N/A

Bug BUG-000136840


There is a Server Side Request Forgery (SSRF) vulnerability in Portal for ArcGIS.

Additional Information

The fix of this defect for Portal for ArcGIS 10.6.1 and Portal for ArcGIS 10.7.1 is provided in the 'Portal for ArcGIS Security 2020 Update 2 Patch' security patch. Refer to https://support.esri.com/en/download/7837.

Alternate Solution