How severe is CVE-2021-29095?

CVE-2021-29095 has a CVSS v3 score of 6.8 (MEDIUM).

CVE-2021-29095

Name: arcgis_server
Author: esri

6.8MEDIUM

Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcGIS Server 10.8.1 (and earlier) allows an authenticated attacker with specialized permissions to achieve

Publicado: 3/25/2021Atualizado: 11/21/2024

Descrição

Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcGIS Server 10.8.1 (and earlier) allows an authenticated attacker with specialized permissions to achieve arbitrary code execution in the context of the service account.

Análise IADesenvolvido por IA

Produtos Afetados

esriarcgis_server

Referências

https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/security-advisory-server-image
Vendor Advisory
https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/security-advisory-server-image
Vendor Advisory