Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-38212: Portal for ArcGIS Security 2022 Update 2 Patch is now available

Protections against potential Server-Side Request Forgery (SSRF) vulnerabilities in Esri Portal for ArcGIS versions 10.8.1 and below were not fully honored and may allow a remote, unauthenticated attacker to forge requests to arbitrary URLs from the system, potentially leading to network enumeration or reading from hosts inside the network perimeter, a different issue than CVE-2022-38211 and CVE-2022-38203.

CVE
Open in Source
#xss#vulnerability#web#java#ssrf#auth

Esri has released the Portal for ArcGIS Security 2022 Update 2 Patch that resolves multiple high and medium severity security vulnerabilities across versions 11.0, 10.9.1, 10.8.1, and 10.7.1.

This patch is available here.

We provide Common Vulnerability Scoring System v.3.1 (CVSS) scores to allow our customers to better assess risk of these vulnerabilities to their operations. Both base and modified temporal scores are provided to reflect the availability of an official patch.

****Vulnerabilities fixed by this patch********CVE-2022-38205 –** **CWE-23****

In some non-default installations of Esri Portal for ArcGIS versions 10.9.1 and below, a directory traversal issue may allow a remote, unauthenticated attacker to traverse the file system and lead to the disclosure of sensitive data (not customer-published content).

CVSS Details:

  • 8.6 Base Score, 8.2 Temporal Score
  • Remediation Level: Official Fix Available
  • Report Confidence: Confirmed by Esri
  • #CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/RL:O/RC:C
  • Mitigations: Installations using default installation paths are unaffected

Esri Bug ID: BUG-000148810

****CVE-2022-38203–** **CWE-918****

Protections against potential Server-Side Request Forgery (SSRF) vulnerabilities in Esri Portal for ArcGIS versions 10.8.1 and below were not fully honored and may allow a remote, unauthenticated attacker to forge requests to arbitrary URLs from the system, potentially leading to network enumeration or reading from hosts inside the network perimeter, a different issue than CVE-2022-38211 and CVE-2022-38212.

CVSS Details:

  • 7.5 Base Score, 7.2 Temporal Score
  • Remediation Level: Official Fix Available
  • Report Confidence: Confirmed by Esri
  • #CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/RL:O/RC:C

Esri Bug ID: BUG-000143641

****CVE-2022-38211–** **CWE-918****

Protections against potential Server-Side Request Forgery (SSRF) vulnerabilities in Esri Portal for ArcGIS versions 10.8.1 and below were not fully honored and may allow a remote, unauthenticated attacker to forge requests to arbitrary URLs from the system, potentially leading to network enumeration or reading from hosts inside the network perimeter, a different issue than CVE-2022-38212 and CVE-2022-38203.

CVSS Details:

  • 7.5 Base Score, 7.2 Temporal Score
  • Remediation Level: Official Fix Available
  • Report Confidence: Confirmed by Esri
  • #CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/RL:O/RC:C

Esri Bug ID: BUG-000143573

****CVE-2022-38212–** **CWE-918****

Protections against potential Server-Side Request Forgery (SSRF) vulnerabilities in Esri Portal for ArcGIS versions 10.8.1 and below were not fully honored and may allow a remote, unauthenticated attacker to forge requests to arbitrary URLs from the system, potentially leading to network enumeration or reading from hosts inside the network perimeter, a different issue than CVE-2022-38211 and CVE-2022-38203.

CVSS Details:

  • 7.5 Base Score, 7.2 Temporal Score
  • Remediation Level: Official Fix Available
  • Report Confidence: Confirmed by Esri
  • #CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/RL:O/RC:C

Esri Bug ID: BUG-000130783

****CVE-2022-38204–** **CWE-79****

There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.8.1 and 10.7.1 which may allow a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser.

CVSS Details:

  • 6.1 Base Score, 5.2 Temporal Score
  • Remediation Level: Official Fix Available
  • Report Confidence: Confirmed by Esri
  • #CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/RL:O/MPR:L/MAV:A

Esri Bug ID: BUG-000141886

****CVE-2022-38206–** **CWE-79****

There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.8.1 and 10.7.1 which may allow a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser.

CVSS Details:

  • 6.1 Base Score, 5.2 Temporal Score
  • Remediation Level: Official Fix Available
  • Report Confidence: Confirmed by Esri
  • #CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/RL:O/MPR:L/MAV:A

Esri Bug ID: BUG-000151892

****CVE-2022-38207–** **CWE-79****

There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.8.1 and 10.7.1 which may allow a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser.

CVSS Details:

  • 6.1 Base Score, 5.2 Temporal Score
  • Remediation Level: Official Fix Available
  • Report Confidence: Confirmed by Esri
  • #CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/RL:O/MPR:L/MAV:A

Esri Bug ID: BUG-000136210

****CVE-2022-38209–** **CWE-79****

There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.9.1 and below that may allow a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser.

CVSS Details:

  • 6.1 Base Score, 5.2 Temporal Score
  • Remediation Level: Official Fix Available
  • Report Confidence: Confirmed by Esri
  • #CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/RL:O/MPR:L/MAV:A

Esri Bug ID: BUG-000152437

****CVE-2022-38210–** **CWE-601****

There is a reflected HTML injection vulnerability in Esri Portal for ArcGIS versions 10.9.1 and below that may allow a remote, unauthenticated attacker to create a crafted link which when clicked could render arbitrary HTML in the victim’s browser.

CVSS Details:

  • 6.1 Base Score, 5.2 Temporal Score
  • Remediation Level: Official Fix Available
  • Report Confidence: Confirmed by Esri
  • #CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/RL:O/MPR:L/MAV:A

Esri Bug ID: BUG-000148008

****CVE-2022-38208–** **CWE-79****

There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.0 and below that may allow a remote, unauthenticated attacker to craft a URL that could redirect a victim to an arbitrary website, simplying phishing attacks. CVSS Details:

  • 6.1 Base Score, 5.2 Temporal Score
  • Remediation Level: Official Fix Available
  • Report Confidence: Confirmed by Esri
  • #CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/RL:O/MPR:L/MAV:A

Esri Bug ID: BUG-000152035

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE