Vulnerabilities > CVE-2021-29102 - Server-Side Request Forgery (SSRF) vulnerability in Esri Arcgis Server 10.6.1/10.7.1/10.8.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
NONE Summary
A Server-Side Request Forgery (SSRF) vulnerability in ArcGIS Server Manager version 10.8.1 and below may allow a remote, unauthenticated attacker to forge GET requests to arbitrary URLs from the system, potentially leading to network enumeration or facilitating other attacks.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 4 |