There is SQL injection vulnerability in Esri ArcGIS Insights Desktop for Mac and Windows version 2022.1 that may allow a local, authorized attacker to execute arbitrary SQL commands against the back-end database. The effort required to generate the crafted input required to exploit this issue is complex and requires significant effort before a successful attack can be expected.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Esri
Published: 2023-07-19T15:45:47.077Z
Updated: 2024-08-02T11:32:12.724Z
Reserved: 2023-02-15T17:59:31.097Z
Link: CVE-2023-25839
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-07-19T16:15:09.640
Modified: 2023-07-27T19:48:48.527
Link: CVE-2023-25839
Redhat
No data.