Vulnerabilities > CVE-2022-38212 - Server-Side Request Forgery (SSRF) vulnerability in Esri Portal for Arcgis
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
Protections against potential Server-Side Request Forgery (SSRF) vulnerabilities in Esri Portal for ArcGIS versions 10.8.1 and below were not fully honored and may allow a remote, unauthenticated attacker to forge requests to arbitrary URLs from the system, potentially leading to network enumeration or reading from hosts inside the network perimeter, a different issue than CVE-2022-38211 and CVE-2022-38203.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 6 |