Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
BUG-000150537 - ArcGIS Server has a local file inclusion (LFI) vulnerability
Vulnerability Description
Esri ArcGIS Server versions 10.9.1 and prior have a path traversal vulnerability that may result in a denial of service by allowing a remote, authenticated attacker to overwrite internal ArcGIS Server directory.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Esri ArcGIS Server 路径遍历漏洞
Vulnerability Description
Esri ArcGIS Server是美国环境系统研究所(Esri)公司的一个面向Web的可用于提供地理位置服务的企业级软件平台。 Esri ArcGIS Server 10.9.1及之前版本存在路径遍历漏洞,该漏洞源于存在路径遍历问题,可能允许经过身份验证的远程攻击者覆盖内部目录从而导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A