Esri Arcgis Enterprise — known CVE vulnerabilities
Every CVE whose affected-product data names Esri Arcgis Enterprise, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2024-25699 — CVSS 8.5 (high): There is a difficult‑to‑exploit improper authentication issue in the Home application for Esri Portal for ArcGIS versions 11.2 and…
CVE-2019-16193 — CVSS 5.4 (medium): In ArcGIS Enterprise 10.6.1, a crafted IFRAME element can be used to trigger a Cross Frame Scripting (XFS) attack through the EDIT MY…
CVE-2021-3012 — CVSS 5.4 (medium): A cross-site scripting (XSS) vulnerability in the Document Link of documents in ESRI Enterprise before 10.9 allows remote authenticated…
CVE-2021-29115 — CVSS 5.3 (medium): An information disclosure vulnerability in the ArcGIS Service Directory in Esri ArcGIS Enterprise versions 10.9.0 and below may allows a…
CVE-2024-25708 — CVSS 4.8 (medium): There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Web App Builder versions 10.9.1 and below that…