How severe is CVE-2021-29095?

CVE-2021-29095 has a CVSS v3 score of 6.8 (MEDIUM).

CVE-2021-29095

Name: arcgis_server
Author: esri

6.8MEDIUM

Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcGIS Server 10.8.1 (and earlier) allows an authenticated attacker with specialized permissions to achieve

Veröffentlicht: 3/25/2021Aktualisiert: 11/21/2024

Beschreibung

Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcGIS Server 10.8.1 (and earlier) allows an authenticated attacker with specialized permissions to achieve arbitrary code execution in the context of the service account.

KI-AnalyseKI-gestützt

Betroffene Produkte

esriarcgis_server

Referenzen

https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/security-advisory-server-image
Vendor Advisory
https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/security-advisory-server-image
Vendor Advisory