There is a path traversal in Esri Portal for ArcGIS versions <= 11.2. Successful exploitation may allow a remote, authenticated attacker to traverse the file system to access files or execute code outside of the intended directory.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Esri
Published: 2024-04-04T17:54:33.882Z
Updated: 2024-08-01T23:52:04.660Z
Reserved: 2024-02-09T19:07:07.974Z
Link: CVE-2024-25693
Vulnrichment
Updated: 2024-08-01T23:52:04.660Z
NVD
Status : Awaiting Analysis
Published: 2024-04-04T18:15:10.193
Modified: 2024-04-19T23:15:09.857
Link: CVE-2024-25693
Redhat
No data.