Vulnerabilities > CVE-2021-29102 - Server-Side Request Forgery (SSRF) vulnerability in Esri Arcgis Server
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
NONE Summary
A Server-Side Request Forgery (SSRF) vulnerability in ArcGIS Server Manager version 10.8.1 and below may allow a remote, unauthenticated attacker to forge GET requests to arbitrary URLs from the system, potentially leading to network enumeration or facilitating other attacks.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |