How severe is CVE-2021-29095?

CVE-2021-29095 has a CVSS v3 score of 6.8 (MEDIUM).

CVE-2021-29095

Name: arcgis_server
Author: esri

6.8MEDIUM

Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcGIS Server 10.8.1 (and earlier) allows an authenticated attacker with specialized permissions to achieve

发布于: 3/25/2021更新于: 11/21/2024

描述

Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcGIS Server 10.8.1 (and earlier) allows an authenticated attacker with specialized permissions to achieve arbitrary code execution in the context of the service account.

AI分析AI驱动

受影响产品

esriarcgis_server

参考资料

https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/security-advisory-server-image
Vendor Advisory
https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/security-advisory-server-image
Vendor Advisory