CVE-2024-51958
CVE-2024-51958
Título es
CVE-2024-51958
Lun, 03/03/2025 – 20:15
Tipo
CWE-22
Gravedad 2.0 Txt
Pendiente de análisis
Título en
CVE-2024-51958
Descripción en
There is a path traversal vulnerability in ESRI ArcGIS Server versions 10.9.1 thru 11.3. Successful exploitation may allow a remote authenticated attacker with admin privileges to traverse the file system to access files outside of the intended directory. There is no impact to integrity or availability due to the nature of the files that can be accessed, but there is a potential high impact to confidentiality.
03/03/2025
03/03/2025
Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Gravedad 3.1 (CVSS 3.1 Base Score)
4.90
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
MEDIUM
Referencias
https://www.esri.com/arcgis-blog/products/trust-arcgis/administration/arcgis-server-security-2025-update-1-patch/
Enviar en el boletín
Off
