漏洞
The ArcGIS Server Simple Object Access Protocol (SOAP) endpoint, ‘http(s)://:/arcgis/services’, does not appear to have any application driven error handling and may be vulnerable to string injection and brute force attacks. Below is a link to the Vulnerability Score (CVSS): CVSS 3.3 (of 10): Low Risk Vulnerability https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L/E:U/RL:W/RC:U
| 漏洞 ID 编号 | BUG-000091164 |
|---|---|
| 已提交 | October 2, 2015 |
| 上次修改时间 | June 5, 2024 |
| 适用范围 | ArcGIS for Server |
| 找到的版本 | 10.3.1 |
| 操作系统 | Windows OS |
| 操作系统版本 | 2008 R2 64 Bit |
| 状态 | Non-Reproducible |
附加信息
Unable to reproduce the vulnerability outlined in this bug.重现步骤
漏洞 ID: BUG-000091164
软件:
- ArcGIS for Server
当漏洞状态发生变化时获得通知
发现关于本主题的更多内容
搜索相关信息
查找与此主题相关的培训
探索想法并提供反馈
获取来自 ArcGIS 专家的帮助
下载 Esri 支持应用程序