漏洞
Portal for ArcGIS 10.8.1 with Security Assertion Markup Language (SAML) authentication in ArcGIS Web AppBuilder nulls the expiration date on token after creation of a new map in ArcGIS Web AppBuilder.
| 漏洞 ID 编号 | BUG-000153738 |
|---|---|
| 已提交 | November 15, 2022 |
| 上次修改时间 | June 5, 2024 |
| 适用范围 | Portal for ArcGIS |
| 找到的版本 | 10.8.1 |
| 操作系统 | Windows OS |
| 操作系统版本 | N/A |
| 状态 | As Designed |
附加信息
This is not an issue with Portal for ArcGIS. Token expiration information can be found in the following documentation: https://enterprise.arcgis.com/en/portal/latest/administer/windows/specify-the-default-token-expiration-time.htm解决办法
Upgrading to Portal for ArcGIS 10.9.1 or newer versions shows that the token and cookie is absent in the web traffic, indicating the authentication is being handled differently, and is not an issue.
重现步骤
漏洞 ID: BUG-000153738
软件:
- Portal for ArcGIS
当漏洞状态发生变化时获得通知
发现关于本主题的更多内容
搜索相关信息
查找与此主题相关的培训
探索想法并提供反馈
获取来自 ArcGIS 专家的帮助
下载 Esri 支持应用程序