| Número de error | BUG-000132353 |
| Enviado | Jul 18, 2020 |
| Modified | Jan 13, 2022 |
| Gravedad | Medium |
| Relacionado con | ArcGIS Enterprise |
| Versión encontrada | 10.7.1 |
| Idioma del programa | N/A |
| Plataforma del servidor | Windows 2016 64 Bit |
| Plataforma cliente | Windows 2016 64 Bit |
| Base de datos | N/A |
| Regional | N/A |
| Estado |
Implemented
Learn more |
| Versión corregida | 10.8.1 |
| SP reparado | N/A |
Error BUG-000132353
Resumen
There are XML external entity (XXE) and Server Side Request Forgery (SSRF) vulnerabilities in Portal for ArcGIS.
Información adicional
The fix of this defect for Portal for ArcGIS 10.6.1 and Portal for ArcGIS 10.7.1 is provided in the 'Portal for ArcGIS Security 2020 Update 2 Patch' security patch. Refer to https://support.esri.com/en/download/7837.
Solución alternativa
Refer to https://support.esri.com/en/download/7837 for the 'Portal for ArcGIS Security 2020 Update 2 Patch' security patch.