Lucene search
K

6 matches found

CVE
CVE
added 2022/12/30 5:13 a.m.63 views

CVE-2022-38212

CVE-2022-38212 affects Esri Portal for ArcGIS (versions 10.8.1 and earlier). The issue is a Server-Side Request Forgery (SSRF) vulnerability that may allow a remote, unauthenticated attacker to forge requests to arbitrary URLs from the system, potentially enabling network enumeration or reading h...

7.5CVSS7.8AI score0.0074EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/12/30 5:13 a.m.29 views

CVE-2022-38212 Server Side Request Forgery (SSRF) vulnerability in Portal for ArcGIS (10.8.1 and 10.7.1 only)

Protections against potential Server-Side Request Forgery SSRF vulnerabilities in Esri Portal for ArcGIS versions 10.8.1 and below were not fully honored and may allow a remote, unauthenticated attacker to forge requests to arbitrary URLs from the system, potentially leading to network enumeratio...

7.5CVSS8AI score0.0074EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/12/30 5:13 a.m.12 views

CVE-2022-38212 Server Side Request Forgery (SSRF) vulnerability in Portal for ArcGIS (10.8.1 and 10.7.1 only)

Protections against potential Server-Side Request Forgery SSRF vulnerabilities in Esri Portal for ArcGIS versions 10.8.1 and below were not fully honored and may allow a remote, unauthenticated attacker to forge requests to arbitrary URLs from the system, potentially leading to network enumeratio...

7.5CVSS7.8AI score0.0074EPSS
Exploits0References1
NVD
NVD
added 2022/12/29 8:15 p.m.20 views

CVE-2022-38212

Protections against potential Server-Side Request Forgery SSRF vulnerabilities in Esri Portal for ArcGIS versions 10.8.1 and below were not fully honored and may allow a remote, unauthenticated attacker to forge requests to arbitrary URLs from the system, potentially leading to network enumeratio...

7.5CVSS0.0074EPSS
Exploits0References1
Prion
Prion
added 2022/12/29 8:15 p.m.22 views

Server side request forgery (ssrf)

Protections against potential Server-Side Request Forgery SSRF vulnerabilities in Esri Portal for ArcGIS versions 10.8.1 and below were not fully honored and may allow a remote, unauthenticated attacker to forge requests to arbitrary URLs from the system, potentially leading to network enumeratio...

5CVSS7.8AI score0.00876EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/12/29 12:0 a.m.8 views

PT-2022-24280 · Esri · Portal For Arcgis

🚨 CVE-2022-38212 Protections against potential Server-Side Request Forgery SSRF vulnerabilities in Esri Portal for ArcGIS versions 10.8.1 and below were not fully honored and may allow a remote, unauthenticated attacker to forge requests to arbitrary URLs from the system, potentially leading to...

7.5CVSS7.7AI score0.00876EPSS
Exploits0References4
Rows per page
Query Builder