Unrated severityNVD Advisory· Published Nov 14, 2012· Updated Jun 16, 2026
CVE-2012-4949
CVE-2012-4949
Description
SQL injection vulnerability in ESRI ArcGIS 10.1 allows remote authenticated users to execute arbitrary SQL commands via the where parameter to a query URI for a REST service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:esri:arcgis_server:10.1:*:*:*:*:*:*:*
- Range: = 10.1
Patches
Vulnerability mechanics
References
2- www.kb.cert.org/vuls/id/795644nvdThird Party AdvisoryUS Government Resource
- exchange.xforce.ibmcloud.com/vulnerabilities/79977nvdVDB Entry
News mentions
0No linked articles in our index yet.