CVE-2025-2538 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A hardcoded credential vulnerability exists in a specific deployment pattern for Esri Portal for ArcGIS versions 11.4 and below that may allow a remote unauthen…

Critical CVSS: 9.8

CVE-2025-2538

A hardcoded credential vulnerability exists in a specific deployment pattern for Esri Portal for ArcGIS versions 11.4 and below that may allow a remote unauthenticated attacker to gain administrative access to the system.

Vendor

Product

Portal For Arcgis

CWE

Yayın Tarihi

2025-03-20 21:15:23

Güncelleme

2025-12-10 20:16:21

Source Identifier

psirt@esri.com

KEV Date Added

-

Kategoriler

CWE-798 Portal For Arcgis CRITICAL Esri 2025

Referanslar

https://support.esri.com/en-us/patches-updates/2025/portal-for-arcgis-security-2025-update-3-patch

Benzer Kayıtlar

Medium

CVE-2026-1446

There is a Cross‑Site Scripting (XSS) issue in Esri ArcGIS Pro versions 3.6.0 and earlier. ArcGIS Pro is a desktop appli…

Medium

CVE-2025-67709

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some co…

Medium

CVE-2025-67710

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some co…

Medium

CVE-2025-67711

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some co…

Medium

CVE-2025-67704

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some co…

Medium

CVE-2025-67705

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some co…