English
Continue in the app
Bug Number BUG-000137658
Submitted Feb 23, 2021
Modified Jun 01, 2022
Severity High
Applies To ArcGIS Enterprise
Version Found No Version Found
Prog Language N/A
Server Platform Windows OS N/A
Client Platform Windows OS N/A
Database N/A
Locale N/A
Status Unknown Text - Bugs/Fixed
Learn more
Version Fixed 10.9
SP Fixed N/A

Bug BUG-000137658

Synopsis

There is a Server Side Request Forgery (SSRF) vulnerability in ArcGIS Server Manager. Note This security patch addresses multiple security vulnerabilities found in ArcGIS Server. Esri recommends that all customers using ArcGIS Server 10.8.1, 10.7.1, and 10.6.1 apply this patch.


Additional Information

N/A


Alternate Solution

The ArcGIS Server Security 2021 Update 1 Patch is now live on the support site. The URL is:

https://support.esri.com/en/download/7879