There is a path traversal in Esri Portal for ArcGIS versions <= 11.2. Successful exploitation may allow a remote, authenticated attacker to traverse the file system to access files or execute code outside of the intended directory.
Metrics
Affected Vendors & Products
Advisories
No advisories yet.
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Mon, 14 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
epss
|
epss
|
Wed, 08 Jan 2025 15:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Esri
Esri portal For Arcgis Linux Linux linux Kernel Microsoft Microsoft windows |
|
| CPEs | cpe:2.3:a:esri:portal_for_arcgis:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
|
| Vendors & Products |
Esri
Esri portal For Arcgis Linux Linux linux Kernel Microsoft Microsoft windows |
Status: PUBLISHED
Assigner: Esri
Published:
Updated: 2024-08-01T23:52:04.660Z
Reserved: 2024-02-09T19:07:07.974Z
Link: CVE-2024-25693
Updated: 2024-08-01T23:52:04.660Z
Status : Analyzed
Published: 2024-04-04T18:15:10.193
Modified: 2025-01-08T15:09:41.357
Link: CVE-2024-25693
No data.
OpenCVE Enrichment
No data.