CVE-2020-35712

CRITICAL WAF: Medium
CVSS 9.8 Published: 2020-12-26
CWE-918

Esri ArcGIS Server before 10.8 is vulnerable to SSRF in some configurations.

WAF Coverage Analysis

Server-Side Request Forgery (SSRF) Medium WAF Coverage

OWASP: A10:2021 SSRF

934xxx - Node.js / Generic Injection

Affected Software

VendorProductVersion
esriarcgis_serverup to 10.8

References

Back to CVE Database