Lucene search
CVE-2022-38203
Protections against SSRF vulnerabilities not fully honored in Esri Portal for ArcGIS ver. 10.8.1 and below, allowing remote attackers to forge requests to arbitrary URLs
Show more
| Reporter | Title | Published | Views | Family All 11 |
|---|---|---|---|---|
 | Server side request forgery (ssrf) | 29 Dec 202220:15 | – | prion |
| Server side request forgery (ssrf) | 29 Dec 202220:15 | – | prion |
| Server side request forgery (ssrf) | 29 Dec 202220:15 | – | prion |
 | CVE-2022-38212 Server Side Request Forgery (SSRF) vulnerability in Portal for ArcGIS (10.8.1 and 10.7.1 only) | 30 Dec 202205:13 | – | cvelist |
| CVE-2022-38203 The allowedProxyHosts property is not fully honored in ArcGIS Enterprise (10.8.1 and 10.7.1 only) | 30 Dec 202205:13 | – | cvelist |
| CVE-2022-38211 Server Side Request Forgery (SSRF) vulnerability in Portal for ArcGIS (10.9.1, 10.8.1 and 10.7.1 only) | 30 Dec 202205:13 | – | cvelist |
 | CVE-2022-38212 | 30 Dec 202205:13 | – | cve |
| CVE-2022-38211 | 30 Dec 202205:13 | – | cve |
 | CVE-2022-38212 | 29 Dec 202220:15 | – | nvd |
| CVE-2022-38203 | 29 Dec 202220:15 | – | nvd |
10
Node
[
{
"vendor": "Esri",
"product": "Portal for ArcGIS",
"versions": [
{
"version": "Portal for ArcGIS 10.7.1 and 10.8.1",
"status": "affected"
}
],
"platforms": [
"x64"
]
}
]Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo30 Dec 2022 05:13Current
7.8High risk
Vulners AI Score7.8
CVSS37.5
EPSS0.00214