How severe is CVE-2022-38199?

CVE-2022-38199 has a CVSS v3 score of 6.1 (MEDIUM).

CVE-2022-38199

Name: arcgis_server
Author: esri

6.1MEDIUM

A remote file download issue can occur in some capabilities of Esri ArcGIS Server web services that may in some edge cases allow a remote, unauthenticated attacker to induce an unsuspecting victim to

게시됨: 10/25/2022업데이트됨: 11/21/2024

설명

A remote file download issue can occur in some capabilities of Esri ArcGIS Server web services that may in some edge cases allow a remote, unauthenticated attacker to induce an unsuspecting victim to launch a process in the victim's PATH environment. Current browsers provide users with warnings against running unsigned executables downloaded from the internet.

AI 분석AI 기반

영향받는 제품

esriarcgis_server

10.7.1

esriarcgis_server

10.8.1

esriarcgis_server

10.9.1

참조

https://www.esri.com/arcgis-blog/products/administration/administration/arcgis-server-security-2022-update-1-patch
Vendor Advisory
https://www.esri.com/arcgis-blog/products/administration/administration/arcgis-server-security-2022-update-1-patch
Vendor Advisory