Lucene search

CVE-2022-38212

🗓️ 29 Dec 2022 20:10:15Reported by [email protected]Type

Protections against Server-Side Request Forgery (SSRF) in Esri Portal not fully honore

Reporter	Title	Published	Views	Family All 11
CVE	CVE-2022-38212	30 Dec 202205:13	–	cve
CVE	CVE-2022-38203	30 Dec 202205:13	–	cve
CVE	CVE-2022-38211	30 Dec 202205:13	–	cve
Cvelist	CVE-2022-38212 Server Side Request Forgery (SSRF) vulnerability in Portal for ArcGIS (10.8.1 and 10.7.1 only)	30 Dec 202205:13	–	cvelist
Cvelist	CVE-2022-38203 The allowedProxyHosts property is not fully honored in ArcGIS Enterprise (10.8.1 and 10.7.1 only)	30 Dec 202205:13	–	cvelist
Cvelist	CVE-2022-38211 Server Side Request Forgery (SSRF) vulnerability in Portal for ArcGIS (10.9.1, 10.8.1 and 10.7.1 only)	30 Dec 202205:13	–	cvelist
Prion	Server side request forgery (ssrf)	29 Dec 202220:15	–	prion
Prion	Server side request forgery (ssrf)	29 Dec 202220:15	–	prion
Prion	Server side request forgery (ssrf)	29 Dec 202220:15	–	prion
NVD	CVE-2022-38203	29 Dec 202220:15	–	nvd

Nvd

Node

esri portal_for_arcgisRange≤10.8.1

Source	Link
esri	www.esri.com/arcgis-blog/products/trust-arcgis/administration/portal-for-arcgis-security-2022-update-2-patch-is-now-available

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

29 Dec 2022 20:15Current

CVSS37.5

EPSS0.00214

CWE-918