Unrated severityNVD Advisory· Published May 29, 2025· Updated Dec 15, 2025
Server Side Request Forgery (SSRF) vulnerability in Portal for ArcGIS
CVE-2025-4967
Description
Esri Portal for ArcGIS 11.4 and prior allows a remote, unauthenticated attacker to bypass the Portal’s SSRF protections.
Affected products
2- Range: <=11.4
- Esri/Portal for ArcGISv5Range: 0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.