Security Advisory

CVE-2022-38202

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-12-28 00:00:00

Last updated 2025-04-10 14:55:14

Assigner Esri

State PUBLISHED

Description

There is a path traversal vulnerability in Esri ArcGIS Server versions 10.9.1 and below. Successful exploitation may allow a remote, unauthenticated attacker traverse the file system to access files outside of the intended directory on ArcGIS Server. This could lead to the disclosure of sensitive site configuration information (not user datasets).

← Browse all CVEs View on cve.org ↗