CPE-D56B6025-4F5B-4EF2-A107-7172C52A35CE Détail

CPE Details

Esri Portal for ArcGIS 11.2

Vendor

esri

Product

portal_for_arcgis

Version

11.2

Created

2025-01-15
17h21 +00:00

Modifié

2025-01-15
17h21 +00:00

Liens officiels

CPE NVD

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Gestion des notifications

Liste des Notifications

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Paramètres

Vous pouvez spécifier un titre qui sera récupéré dans les alertes qui seront envoyées.

CPE ID

Planifications

Mois

Prochaine exécution calculée

Jour

Jour de la semaine

Heure

Minute

Date de création

Dernière exécution

Prochaine exécution

Fonctionnalité nécessitant une connexion

Cette fonctionnalité qui vous permet de recevoir des alertes, n'est active que lorsque vous êtes connecté à votre compte.

CPE Name: cpe:2.3:a:esri:portal_for_arcgis:11.2:::::::*

Informations

Vendor

esri

Product

portal_for_arcgis

Version

11.2

Related CVE

Open and find in CVE List

CVE ID	Publié	Description	Score	Gravité
CVE-2024-38040	2024-10-04 18h04 +00:00	There is a local file inclusion vulnerability in Esri Portal for ArcGIS 11.2. 11.1, 11.0 and 10.9.1 that may allow a remote, unauthenticated attacker to craft a URL that could potentially disclose sensitive configuration information by reading internal files.	7.5	Haute
CVE-2024-8149	2024-10-04 17h14 +00:00	There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 11.1 and 11.2 which may allow a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser.	6.1	Moyen
CVE-2024-8148	2024-10-04 17h11 +00:00	There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 10.8.1 - 11.2 that may allow a remote, unauthenticated attacker to craft a URL that could redirect a victim to an arbitrary website, simplifying phishing attacks.	6.1	Moyen
CVE-2024-25699	2024-04-04 17h56 +00:00	There is a difficult to exploit improper authentication issue in the Home application for Esri Portal for ArcGIS versions 10.8.1 through 11.2 on Windows and Linux, and ArcGIS Enterprise 11.1 and below on Kubernetes which, under unique circumstances, could potentially allow a remote, unauthenticated attacker to compromise the confidentiality, integrity, and availability of the software.	8.5	Haute
CVE-2024-25709	2024-04-04 17h55 +00:00	There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS versions 10.8.1 – 1121 that may allow a remote, authenticated attacker to create a crafted link that can be saved as a new location when moving an existing item which will potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute this attack are high.	6.1	Moyen
CVE-2024-25693	2024-04-04 17h54 +00:00	There is a path traversal in Esri Portal for ArcGIS versions <= 11.2. Successful exploitation may allow a remote, authenticated attacker to traverse the file system to access files or execute code outside of the intended directory.	9.9	Critique
CVE-2024-25695	2024-04-04 17h54 +00:00	There is a Cross-site Scripting vulnerability in Portal for ArcGIS in versions <= 11.2 that may allow a remote, authenticated attacker to provide input that is not sanitized properly and is rendered in error messages. The are no privileges required to execute this attack.	7.2	Haute

Esri Portal for ArcGIS 11.2

CPE Details

CPE Name: cpe:2.3:a:esri:portal_for_arcgis:11.2:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:esri:portal_for_arcgis:11.2:::::::*