How severe is CVE-2022-38194?

CVE-2022-38194 has a CVSS v3 score of 6.7 (MEDIUM).

CVE-2022-38194

Name: portal_for_arcgis
Author: esri

6.7MEDIUM

In Esri Portal for ArcGIS versions 10.8.1, a system property is not properly encrypted. This may lead to a local user reading sensitive information from a properties file.

Опубликовано: 8/16/2022Обновлено: 11/21/2024

Описание

In Esri Portal for ArcGIS versions 10.8.1, a system property is not properly encrypted. This may lead to a local user reading sensitive information from a properties file.

ИИ-АнализНа базе ИИ

Затронутые продукты

esriportal_for_arcgis

10.8.1

Ссылки

https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/portal-for-arcgis-security-2022-update-1-patch/
Vendor Advisory
https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/portal-for-arcgis-security-2022-update-1-patch/
Vendor Advisory