Critical severity9.1NVD Advisory· Published May 29, 2025· Updated Jun 17, 2026
CVE-2025-4967
CVE-2025-4967
Description
Esri Portal for ArcGIS 11.4 and prior allows a remote, unauthenticated attacker to bypass the Portal’s SSRF protections.
Affected products
2<=11.4+ 1 more
- (no CPE)range: <=11.4
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.