VYPR
Unrated severityNVD Advisory· Published Oct 4, 2024· Updated Apr 10, 2025

BUG-000167984 - Portal for ArcGIS has a Local file inclusion (LFI) vulnerability

CVE-2024-38040

Description

There is a local file inclusion vulnerability in Esri Portal for ArcGIS 11.2 and below that may allow a remote, unauthenticated attacker to craft a URL that could potentially disclose sensitive configuration information by reading internal files.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.