Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
BUG-000152121 - Directory traversal vulnerability in ArcGIS Server.
Vulnerability Description
There is a path traversal vulnerability in Esri ArcGIS Server versions 10.9.1 and below. Successful exploitation may allow a remote, unauthenticated attacker traverse the file system to access files outside of the intended directory on ArcGIS Server. This could lead to the disclosure of sensitive site configuration information (not user datasets).
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
相对路径遍历
Vulnerability Title
Esri ArcGIS Server 路径遍历漏洞
Vulnerability Description
Esri ArcGIS Server是美国环境系统研究所(Esri)公司的一个面向Web的可用于提供地理位置服务的企业级软件平台。 Esri ArcGIS Server 10.9.1及之前版本存在安全漏洞,该漏洞源于存在路径遍历漏洞,可能允许未经身份验证的远程攻击者遍历文件系统以访问预期目录之外的文件,导致敏感站点配置信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A