漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
There is a code injection vulnerability in ArcGIS Pro
Vulnerability Description
There is an untrusted search path vulnerability in Esri ArcGIS Pro 3.3 and 3.4 that may allow a low privileged attacker with write privileges to the local file system to introduce a malicious executable to the filesystem. When the victim performs a specific action using ArcGIS ArcGIS Pro, the file could execute and run malicious commands under the context of the victim. This issue is addressed in ArcGIS Pro 3.3.3 and 3.4.1.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
关键资源的不正确权限授予
Vulnerability Title
Esri ArcGIS 安全漏洞
Vulnerability Description
Esri ArcGIS是Esri公司的一款功能强大的桌面 GIS 软件。 Esri ArcGIS存在安全漏洞,该漏洞源于不可信搜索路径,可能导致低权限攻击者执行恶意命令。
CVSS Information
N/A
Vulnerability Type
N/A