A new Technical Support website experience is coming soon!

In the next couple of months, we will update the Technical Support website. It will look different, but all the information you expect will still be at your fingertips. In fact, we’ve worked hard to ensure you can find information even more easily.

Back to results

Bug Number	BUG-000128060
Submitted	Jan 21, 2020
Modified	Mar 25, 2023
Severity	Critical
Applies To	ArcGIS GIS Server
Version Found	10.7.1
Prog Language	N/A
Server Platform	N/A
Client Platform	N/A
Database	N/A
Locale	N/A
Status	Fixed Learn more
Version Fixed	10.8
SP Fixed	N/A

Bug BUG-000128060

Synopsis

ArcGIS Server has a Server Side Request Forgery (SSRF) security vulnerability.

Additional Information

N/A

Alternate Solution

A fix for this vulnerability is available for ArcGIS Server 10.4 - 10.7.1 as part of the ArcGIS Server Security 2020 Update 1 Patch: https://support.esri.com/en/download/7775