How severe is CVE-2022-38199?

CVE-2022-38199 has a CVSS v3 score of 6.1 (MEDIUM).

CVE-2022-38199

Name: arcgis_server
Author: esri

6.1MEDIUM

A remote file download issue can occur in some capabilities of Esri ArcGIS Server web services that may in some edge cases allow a remote, unauthenticated attacker to induce an unsuspecting victim to

公開日: 10/25/2022更新日: 11/21/2024

説明

A remote file download issue can occur in some capabilities of Esri ArcGIS Server web services that may in some edge cases allow a remote, unauthenticated attacker to induce an unsuspecting victim to launch a process in the victim's PATH environment. Current browsers provide users with warnings against running unsigned executables downloaded from the internet.

AI分析AIによる分析

影響を受ける製品

esriarcgis_server

10.7.1

esriarcgis_server

10.8.1

esriarcgis_server

10.9.1

参照

https://www.esri.com/arcgis-blog/products/administration/administration/arcgis-server-security-2022-update-1-patch
Vendor Advisory
https://www.esri.com/arcgis-blog/products/administration/administration/arcgis-server-security-2022-update-1-patch
Vendor Advisory