1373 matches found
CVE-2026-2812
ArcGIS Server contains an improper authentication vulnerability in an undocumented administrative endpoint. An unauthenticated attacker could exploit this issue by sending a crafted request to the endpoint. Successful exploitation may result in disruption of the web-based browsing interface. This...
CVE-2026-2813
ArcGIS Server contains an input validation weakness in the login redirection workflow. An Authenticated attacker could exploit this issue by sending a specially crafted request, Successful exploitation may result in the application redirecting the browser to an unintended, untrusted site, resulti...
CVE-2026-2813
ArcGIS Server contains an input validation weakness in the login redirection workflow. An Authenticated attacker could exploit this issue by sending a specially crafted request, Successful exploitation may result in the application redirecting the browser to an unintended, untrusted site, resulti...
CVE-2026-2812
ArcGIS Server contains an improper authentication vulnerability in an undocumented administrative endpoint. An unauthenticated attacker could exploit this issue by sending a crafted request to the endpoint. Successful exploitation may result in disruption of the web-based browsing interface. This...
EUVD-2026-31145
ArcGIS Server contains an input validation weakness in the login redirection workflow. An Authenticated attacker could exploit this issue by sending a specially crafted request, Successful exploitation may result in the application redirecting the browser to an unintended, untrusted site, resulti...
CVE-2026-2813 Unvalidated Redirect in ArcGIS Server
ArcGIS Server contains an input validation weakness in the login redirection workflow. An Authenticated attacker could exploit this issue by sending a specially crafted request, Successful exploitation may result in the application redirecting the browser to an unintended, untrusted site, resulti...
CVE-2026-2813
ArcGIS Server (affected: ArcGIS Server 11.5) has a client-side input validation weakness in the login redirection workflow. A authenticated attacker could send a crafted request that may cause the browser to be redirected to an unintended, untrusted site, resulting in a limited confidentiality im...
CVE-2026-2813 Unvalidated Redirect in ArcGIS Server
ArcGIS Server contains an input validation weakness in the login redirection workflow. An Authenticated attacker could exploit this issue by sending a specially crafted request, Successful exploitation may result in the application redirecting the browser to an unintended, untrusted site, resulti...
CVE-2026-2813
ArcGIS Server contains an input validation weakness in the login redirection workflow. An Authenticated attacker could exploit this issue by sending a specially crafted request, Successful exploitation may result in the application redirecting the browser to an unintended, untrusted site, resulti...
CVE-2026-2812
Summary: CVE-2026-2812 affects ArcGIS Server (12.0 and earlier) due to an improper authentication flaw in an undocumented administrative endpoint. An unauthenticated attacker can trigger a crafted request to that endpoint, potentially disrupting the web-based browsing interface. The available doc...
CVE-2026-2812 Improper Authentication issue in ArcGIS Server
ArcGIS Server contains an improper authentication vulnerability in an undocumented administrative endpoint. An unauthenticated attacker could exploit this issue by sending a crafted request to the endpoint. Successful exploitation may result in disruption of the web-based browsing interface. This...
EUVD-2026-31147
ArcGIS Server contains an improper authentication vulnerability in an undocumented administrative endpoint. An unauthenticated attacker could exploit this issue by sending a crafted request to the endpoint. Successful exploitation may result in disruption of the web-based browsing interface. This...
CVE-2026-2812 Improper Authentication issue in ArcGIS Server
ArcGIS Server contains an improper authentication vulnerability in an undocumented administrative endpoint. An unauthenticated attacker could exploit this issue by sending a crafted request to the endpoint. Successful exploitation may result in disruption of the web-based browsing interface. This...
CVE-2026-2812
ArcGIS Server contains an improper authentication vulnerability in an undocumented administrative endpoint. An unauthenticated attacker could exploit this issue by sending a crafted request to the endpoint. Successful exploitation may result in disruption of the web-based browsing interface. This...
Esri ArcGIS Server 安全漏洞
Esri ArcGIS Server is a web-based enterprise-level software platform provided by Esri that can deliver geographic services. Version 11.5 of Esri ArcGIS Server contains a security vulnerability. This vulnerability stems from a weakness in input validation within the login redirection workflow. Thi...
Esri ArcGIS Server 授权问题漏洞
Esri ArcGIS Server is a web-based enterprise-level software platform provided by Esri that can deliver geographic services. Versions of Esri ArcGIS Server 12.0 and earlier had an authorization vulnerability. This vulnerability stemmed from improperly configured authentication for unrecorded...
PT-2026-42222
ArcGIS Server contains an input validation weakness in the login redirection workflow. An Authenticated attacker could exploit this issue by sending a specially crafted request, Successful exploitation may result in the application redirecting the browser to an unintended, untrusted site, resulti...
PT-2026-42221
ArcGIS Server contains an improper authentication vulnerability in an undocumented administrative endpoint. An unauthenticated attacker could exploit this issue by sending a crafted request to the endpoint. Successful exploitation may result in disruption of the web-based browsing interface. This...
CVE-2026-33519
An incorrect authorization vulnerability exists in Esri Portal for ArcGIS 11.4, 11.5 and 12.0 on Windows, Linux and Kubernetes that did not correctly check permissions assigned to developer credentials...
CVE-2026-33518
An incorrect privilege assignment vulnerability exists in Esri Portal for ArcGIS 11.5 in Windows and Linux that allows highly privileged users to create developer credentials that may grant more privileges than expected...