VYPR
Unrated severityNVD Advisory· Published Aug 25, 2023· Updated Oct 8, 2024

BUG-000158039 - There is an information disclosure issue in ArcGIS Server.

CVE-2023-25848

Description

ArcGIS Enterprise Server versions 11.0 and below have an information disclosure vulnerability where a remote, unauthorized attacker may submit a crafted query that may result in a low severity information disclosure issue.

The information disclosed is limited to a single attribute in a database connection string. No business data is disclosed.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.