| Numéro de bogue | BUG-000132353 |
| Envoyé | Jul 18, 2020 |
| Modified | Jan 13, 2022 |
| Gravité | Medium |
| S’applique à | ArcGIS Enterprise |
| Version trouvée | 10.7.1 |
| Langage de programmation | N/D |
| Plateforme serveur | Windows 2016 64 Bit |
| Plateforme client | Windows 2016 64 Bit |
| Base de données | N/D |
| Paramètre régional | N/D |
| Statut |
Implemented
Learn more |
| Version corrigée | 10.8.1 |
| Résolu par le fournisseur | N/A |
Bogue BUG-000132353
Synopsis
There are XML external entity (XXE) and Server Side Request Forgery (SSRF) vulnerabilities in Portal for ArcGIS.
Informations supplémentaires
The fix of this defect for Portal for ArcGIS 10.6.1 and Portal for ArcGIS 10.7.1 is provided in the 'Portal for ArcGIS Security 2020 Update 2 Patch' security patch. Refer to https://support.esri.com/en/download/7837.
Autre solution
Refer to https://support.esri.com/en/download/7837 for the 'Portal for ArcGIS Security 2020 Update 2 Patch' security patch.