Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
BUG-000157278 – ArcGIS Insights has a security vulnerability - desktop
Vulnerability Description
There is SQL injection vulnerability in Esri ArcGIS Insights Desktop for Mac and Windows version 2022.1 that may allow a local, authorized attacker to execute arbitrary SQL commands against the back-end database. The effort required to generate the crafted input required to exploit this issue is complex and requires significant effort before a successful attack can be expected.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
Esri ArcGIS Insights Desktop SQL注入漏洞
Vulnerability Description
Esri ArcGIS Insights Desktop是美国环境系统研究所(Esri)公司的一个数据分析工作台。 Esri ArcGIS Insights Desktop 2022.1(Windows、Mac)版本存在SQL注入漏洞,该漏洞源于允许本地授权攻击者针对后端数据库执行任意 SQL 命令。
CVSS Information
N/A
Vulnerability Type
N/A