Unrated severityNVD Advisory· Published Aug 25, 2023· Updated Oct 8, 2024
BUG-000158039 - There is an information disclosure issue in ArcGIS Server.
CVE-2023-25848
Description
ArcGIS Enterprise Server versions 11.0 and below have an information disclosure vulnerability where a remote, unauthorized attacker may submit a crafted query that may result in a low severity information disclosure issue.
The information disclosed is limited to a single attribute in a database connection string. No business data is disclosed.
Affected products
2- Range: <=11.0
- Range: 10.8.1
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.