How severe is CVE-2021-29095?

CVE-2021-29095 has a CVSS v3 score of 6.8 (MEDIUM).

CVE-2021-29095

Name: arcgis_server
Author: esri

6.8MEDIUM

Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcGIS Server 10.8.1 (and earlier) allows an authenticated attacker with specialized permissions to achieve

Опубликовано: 3/25/2021Обновлено: 11/21/2024

Описание

Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcGIS Server 10.8.1 (and earlier) allows an authenticated attacker with specialized permissions to achieve arbitrary code execution in the context of the service account.

ИИ-АнализНа базе ИИ

Затронутые продукты

esriarcgis_server

Ссылки

https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/security-advisory-server-image
Vendor Advisory
https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/security-advisory-server-image
Vendor Advisory