cvelistv5 - cve-2024-51958

CVE-2024-51958 (GCVE-0-2024-51958)

Vulnerability from cvelistv5 – Published: 2025-03-03 19:57 – Updated: 2025-04-10 19:26

Summary

There is a path traversal vulnerability in ESRI ArcGIS Server versions 11.3 and below. Successful exploitation may allow a remote authenticated attacker with admin privileges to traverse the file system to access files outside of the intended directory. There is no impact to integrity or availability due to the nature of the files that can be accessed, but there is a potential high impact to confidentiality.

Severity ?

4.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

CWE

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Assigner

Esri

References

URL

Tags

https://www.esri.com/arcgis-blog/products/trust-a…

Impacted products

	Vendor	Product	Version
	Esri	ArcGIS Server	Affected: all , ≤ 11.3 (all)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-51958",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-03T20:52:25.307341Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-03T20:52:36.001Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows",
            "Linux"
          ],
          "product": "ArcGIS Server",
          "vendor": "Esri",
          "versions": [
            {
              "lessThanOrEqual": "11.3",
              "status": "affected",
              "version": "all",
              "versionType": "all"
            }
          ]
        }
      ],
      "datePublic": "2025-02-28T20:39:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "There is a path traversal vulnerability in ESRI ArcGIS Server versions 11.3 and below.  Successful exploitation may allow a remote authenticated attacker with admin privileges to traverse the file system to access files outside of the intended directory.\u0026nbsp; There is no impact to integrity or availability due to the nature of the files that can be accessed, but there is a potential high impact to confidentiality.\u0026nbsp;\u0026nbsp;"
            }
          ],
          "value": "There is a path traversal vulnerability in ESRI ArcGIS Server versions 11.3 and below.  Successful exploitation may allow a remote authenticated attacker with admin privileges to traverse the file system to access files outside of the intended directory.\u00a0 There is no impact to integrity or availability due to the nature of the files that can be accessed, but there is a potential high impact to confidentiality."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-126",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-126 Path Traversal"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-10T19:26:38.749Z",
        "orgId": "cedc17bb-4939-4f40-a1f4-30ae8af1094e",
        "shortName": "Esri"
      },
      "references": [
        {
          "url": "https://www.esri.com/arcgis-blog/products/trust-arcgis/administration/arcgis-server-security-2025-update-1-patch/"
        }
      ],
      "source": {
        "defect": [
          "BUG-000172290"
        ],
        "discovery": "UNKNOWN"
      },
      "title": "Directory traversal vulnerability in the admin api for service thumbnails",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cedc17bb-4939-4f40-a1f4-30ae8af1094e",
    "assignerShortName": "Esri",
    "cveId": "CVE-2024-51958",
    "datePublished": "2025-03-03T19:57:48.374Z",
    "dateReserved": "2024-11-04T16:54:39.392Z",
    "dateUpdated": "2025-04-10T19:26:38.749Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-51958\",\"sourceIdentifier\":\"psirt@esri.com\",\"published\":\"2025-03-03T20:15:42.397\",\"lastModified\":\"2025-04-10T20:15:21.150\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"There is a path traversal vulnerability in ESRI ArcGIS Server versions 11.3 and below.  Successful exploitation may allow a remote authenticated attacker with admin privileges to traverse the file system to access files outside of the intended directory.\u00a0 There is no impact to integrity or availability due to the nature of the files that can be accessed, but there is a potential high impact to confidentiality.\"},{\"lang\":\"es\",\"value\":\"Existe una vulnerabilidad de path traversal en las versiones 10.9.1 a 11.3 de ESRI ArcGIS Server. Si se explota con \u00e9xito, es posible que un atacante remoto autenticado con privilegios de administrador pueda recorrer el sistema de archivos para acceder a archivos fuera del directorio previsto. No hay impacto en la integridad ni en la disponibilidad debido a la naturaleza de los archivos a los que se puede acceder, pero existe un alto potencial de impacto en la confidencialidad.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@esri.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":4.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.2,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"psirt@esri.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:esri:arcgis_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.9.1\",\"versionEndIncluding\":\"11.3\",\"matchCriteriaId\":\"0F9FCA91-B1DE-4C4E-8E33-C42BEA8F53D0\"}]}]}],\"references\":[{\"url\":\"https://www.esri.com/arcgis-blog/products/trust-arcgis/administration/arcgis-server-security-2025-update-1-patch/\",\"source\":\"psirt@esri.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-51958\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-03-03T20:52:25.307341Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-03-03T20:52:30.386Z\"}}], \"cna\": {\"title\": \"Directory traversal vulnerability in the admin api for service thumbnails\", \"source\": {\"defect\": [\"BUG-000172290\"], \"discovery\": \"UNKNOWN\"}, \"impacts\": [{\"capecId\": \"CAPEC-126\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-126 Path Traversal\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.9, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Esri\", \"product\": \"ArcGIS Server\", \"versions\": [{\"status\": \"affected\", \"version\": \"all\", \"versionType\": \"all\", \"lessThanOrEqual\": \"11.3\"}], \"platforms\": [\"Windows\", \"Linux\"], \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2025-02-28T20:39:00.000Z\", \"references\": [{\"url\": \"https://www.esri.com/arcgis-blog/products/trust-arcgis/administration/arcgis-server-security-2025-update-1-patch/\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"There is a path traversal vulnerability in ESRI ArcGIS Server versions 11.3 and below.  Successful exploitation may allow a remote authenticated attacker with admin privileges to traverse the file system to access files outside of the intended directory.\\u00a0 There is no impact to integrity or availability due to the nature of the files that can be accessed, but there is a potential high impact to confidentiality.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"There is a path traversal vulnerability in ESRI ArcGIS Server versions 11.3 and below.  Successful exploitation may allow a remote authenticated attacker with admin privileges to traverse the file system to access files outside of the intended directory.\u0026nbsp; There is no impact to integrity or availability due to the nature of the files that can be accessed, but there is a potential high impact to confidentiality.\u0026nbsp;\u0026nbsp;\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-22\", \"description\": \"CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"cedc17bb-4939-4f40-a1f4-30ae8af1094e\", \"shortName\": \"Esri\", \"dateUpdated\": \"2025-04-10T19:26:38.749Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-51958\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-10T19:26:38.749Z\", \"dateReserved\": \"2024-11-04T16:54:39.392Z\", \"assignerOrgId\": \"cedc17bb-4939-4f40-a1f4-30ae8af1094e\", \"datePublished\": \"2025-03-03T19:57:48.374Z\", \"assignerShortName\": \"Esri\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

WID-SEC-W-2025-0476

Vulnerability from csaf_certbund - Published: 2025-03-03 23:00 - Updated: 2025-03-03 23:00

Summary

ESRI ArcGIS: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

ArcGIS ist ein Geoinformationssystem.

Angriff

Ein entfernter, authentifizierter Angreifer kann mehrere Schwachstellen in ESRI ArcGIS ausnutzen, um Dateien zu manipulieren, Cross-Site-Scripting durchzuführen, Informationen offenzulegen oder Sicherheitsvorkehrungen zu umgehen.

Betroffene Betriebssysteme

- Sonstiges - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "ArcGIS ist ein Geoinformationssystem.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, authentifizierter Angreifer kann mehrere Schwachstellen in ESRI ArcGIS ausnutzen, um Dateien zu manipulieren, Cross-Site-Scripting durchzuf\u00fchren, Informationen offenzulegen oder Sicherheitsvorkehrungen zu umgehen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-0476 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0476.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-0476 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0476"
      },
      {
        "category": "external",
        "summary": "ArcGIS Server Security 2025 Update 1 vom 2025-03-03",
        "url": "https://www.esri.com/arcgis-blog/products/trust-arcgis/administration/arcgis-server-security-2025-update-1-patch/"
      }
    ],
    "source_lang": "en-US",
    "title": "ESRI ArcGIS: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-03-03T23:00:00.000+00:00",
      "generator": {
        "date": "2025-03-04T10:32:52.564+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.12"
        }
      },
      "id": "WID-SEC-W-2025-0476",
      "initial_release_date": "2025-03-03T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-03-03T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "Server Security \u003c2025 Update 1",
                "product": {
                  "name": "ESRI ArcGIS Server Security \u003c2025 Update 1",
                  "product_id": "T041548"
                }
              },
              {
                "category": "product_version",
                "name": "Server Security 2025 Update 1",
                "product": {
                  "name": "ESRI ArcGIS Server Security 2025 Update 1",
                  "product_id": "T041548-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:esri:arcgis:server_security__2025_update_1"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "ArcGIS"
          }
        ],
        "category": "vendor",
        "name": "ESRI"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-51962",
      "product_status": {
        "known_affected": [
          "T041548"
        ]
      },
      "release_date": "2025-03-03T23:00:00.000+00:00",
      "title": "CVE-2024-51962"
    },
    {
      "cve": "CVE-2024-51954",
      "product_status": {
        "known_affected": [
          "T041548"
        ]
      },
      "release_date": "2025-03-03T23:00:00.000+00:00",
      "title": "CVE-2024-51954"
    },
    {
      "cve": "CVE-2024-51961",
      "product_status": {
        "known_affected": [
          "T041548"
        ]
      },
      "release_date": "2025-03-03T23:00:00.000+00:00",
      "title": "CVE-2024-51961"
    },
    {
      "cve": "CVE-2024-51958",
      "product_status": {
        "known_affected": [
          "T041548"
        ]
      },
      "release_date": "2025-03-03T23:00:00.000+00:00",
      "title": "CVE-2024-51958"
    },
    {
      "cve": "CVE-2024-51966",
      "product_status": {
        "known_affected": [
          "T041548"
        ]
      },
      "release_date": "2025-03-03T23:00:00.000+00:00",
      "title": "CVE-2024-51966"
    },
    {
      "cve": "CVE-2024-10904",
      "product_status": {
        "known_affected": [
          "T041548"
        ]
      },
      "release_date": "2025-03-03T23:00:00.000+00:00",
      "title": "CVE-2024-10904"
    },
    {
      "cve": "CVE-2024-51942",
      "product_status": {
        "known_affected": [
          "T041548"
        ]
      },
      "release_date": "2025-03-03T23:00:00.000+00:00",
      "title": "CVE-2024-51942"
    },
    {
      "cve": "CVE-2024-51943",
      "product_status": {
        "known_affected": [
          "T041548"
        ]
      },
      "release_date": "2025-03-03T23:00:00.000+00:00",
      "title": "CVE-2024-51943"
    },
    {
      "cve": "CVE-2024-51944",
      "product_status": {
        "known_affected": [
          "T041548"
        ]
      },
      "release_date": "2025-03-03T23:00:00.000+00:00",
      "title": "CVE-2024-51944"
    },
    {
      "cve": "CVE-2024-51945",
      "product_status": {
        "known_affected": [
          "T041548"
        ]
      },
      "release_date": "2025-03-03T23:00:00.000+00:00",
      "title": "CVE-2024-51945"
    },
    {
      "cve": "CVE-2024-51946",
      "product_status": {
        "known_affected": [
          "T041548"
        ]
      },
      "release_date": "2025-03-03T23:00:00.000+00:00",
      "title": "CVE-2024-51946"
    },
    {
      "cve": "CVE-2024-51947",
      "product_status": {
        "known_affected": [
          "T041548"
        ]
      },
      "release_date": "2025-03-03T23:00:00.000+00:00",
      "title": "CVE-2024-51947"
    },
    {
      "cve": "CVE-2024-51948",
      "product_status": {
        "known_affected": [
          "T041548"
        ]
      },
      "release_date": "2025-03-03T23:00:00.000+00:00",
      "title": "CVE-2024-51948"
    },
    {
      "cve": "CVE-2024-51949",
      "product_status": {
        "known_affected": [
          "T041548"
        ]
      },
      "release_date": "2025-03-03T23:00:00.000+00:00",
      "title": "CVE-2024-51949"
    },
    {
      "cve": "CVE-2024-51950",
      "product_status": {
        "known_affected": [
          "T041548"
        ]
      },
      "release_date": "2025-03-03T23:00:00.000+00:00",
      "title": "CVE-2024-51950"
    },
    {
      "cve": "CVE-2024-51951",
      "product_status": {
        "known_affected": [
          "T041548"
        ]
      },
      "release_date": "2025-03-03T23:00:00.000+00:00",
      "title": "CVE-2024-51951"
    },
    {
      "cve": "CVE-2024-51952",
      "product_status": {
        "known_affected": [
          "T041548"
        ]
      },
      "release_date": "2025-03-03T23:00:00.000+00:00",
      "title": "CVE-2024-51952"
    },
    {
      "cve": "CVE-2024-51953",
      "product_status": {
        "known_affected": [
          "T041548"
        ]
      },
      "release_date": "2025-03-03T23:00:00.000+00:00",
      "title": "CVE-2024-51953"
    },
    {
      "cve": "CVE-2024-51956",
      "product_status": {
        "known_affected": [
          "T041548"
        ]
      },
      "release_date": "2025-03-03T23:00:00.000+00:00",
      "title": "CVE-2024-51956"
    },
    {
      "cve": "CVE-2024-51957",
      "product_status": {
        "known_affected": [
          "T041548"
        ]
      },
      "release_date": "2025-03-03T23:00:00.000+00:00",
      "title": "CVE-2024-51957"
    },
    {
      "cve": "CVE-2024-51959",
      "product_status": {
        "known_affected": [
          "T041548"
        ]
      },
      "release_date": "2025-03-03T23:00:00.000+00:00",
      "title": "CVE-2024-51959"
    },
    {
      "cve": "CVE-2024-51960",
      "product_status": {
        "known_affected": [
          "T041548"
        ]
      },
      "release_date": "2025-03-03T23:00:00.000+00:00",
      "title": "CVE-2024-51960"
    },
    {
      "cve": "CVE-2024-51963",
      "product_status": {
        "known_affected": [
          "T041548"
        ]
      },
      "release_date": "2025-03-03T23:00:00.000+00:00",
      "title": "CVE-2024-51963"
    },
    {
      "cve": "CVE-2024-5888",
      "product_status": {
        "known_affected": [
          "T041548"
        ]
      },
      "release_date": "2025-03-03T23:00:00.000+00:00",
      "title": "CVE-2024-5888"
    }
  ]
}

FKIE_CVE-2024-51958

Vulnerability from fkie_nvd - Published: 2025-03-03 20:15 - Updated: 2025-04-10 20:15

Severity ?

4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Summary

References

	URL	Tags
	psirt@esri.com	https://www.esri.com/arcgis-blog/products/trust-arcgis/administration/arcgis-server-security-2025-update-1-patch/	Vendor Advisory

Impacted products

	Vendor	Product	Version
	esri	arcgis_server	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:esri:arcgis_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F9FCA91-B1DE-4C4E-8E33-C42BEA8F53D0",
              "versionEndIncluding": "11.3",
              "versionStartIncluding": "10.9.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "There is a path traversal vulnerability in ESRI ArcGIS Server versions 11.3 and below.  Successful exploitation may allow a remote authenticated attacker with admin privileges to traverse the file system to access files outside of the intended directory.\u00a0 There is no impact to integrity or availability due to the nature of the files that can be accessed, but there is a potential high impact to confidentiality."
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad de path traversal en las versiones 10.9.1 a 11.3 de ESRI ArcGIS Server. Si se explota con \u00e9xito, es posible que un atacante remoto autenticado con privilegios de administrador pueda recorrer el sistema de archivos para acceder a archivos fuera del directorio previsto. No hay impacto en la integridad ni en la disponibilidad debido a la naturaleza de los archivos a los que se puede acceder, pero existe un alto potencial de impacto en la confidencialidad."
    }
  ],
  "id": "CVE-2024-51958",
  "lastModified": "2025-04-10T20:15:21.150",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 3.6,
        "source": "psirt@esri.com",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-03-03T20:15:42.397",
  "references": [
    {
      "source": "psirt@esri.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.esri.com/arcgis-blog/products/trust-arcgis/administration/arcgis-server-security-2025-update-1-patch/"
    }
  ],
  "sourceIdentifier": "psirt@esri.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "psirt@esri.com",
      "type": "Primary"
    }
  ]
}

GHSA-CWHX-WW39-3H7H

Vulnerability from github – Published: 2025-03-03 21:31 – Updated: 2025-04-10 21:31

Details

There is a path traversal vulnerability in ESRI ArcGIS Server versions 10.9.1 thru 11.3. Successful exploitation may allow a remote authenticated attacker with admin privileges to traverse the file system to access files outside of the intended directory. There is no impact to integrity or availability due to the nature of the files that can be accessed, but there is a potential high impact to confidentiality.

Severity ?

4.9 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-51958"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-03T20:15:42Z",
    "severity": "MODERATE"
  },
  "details": "There is a path traversal vulnerability in ESRI ArcGIS Server versions 10.9.1 thru 11.3.  Successful exploitation may allow a remote authenticated attacker with admin privileges to traverse the file system to access files outside of the intended directory.\u00a0 There is no impact to integrity or availability due to the nature of the files that can be accessed, but there is a potential high impact to confidentiality.",
  "id": "GHSA-cwhx-ww39-3h7h",
  "modified": "2025-04-10T21:31:07Z",
  "published": "2025-03-03T21:31:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-51958"
    },
    {
      "type": "WEB",
      "url": "https://www.esri.com/arcgis-blog/products/trust-arcgis/administration/arcgis-server-security-2025-update-1-patch"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

CNVD-2025-05081

Vulnerability from cnvd - Published: 2025-03-13

Title

Esri ArcGIS Server路径遍历漏洞

Description

Esri ArcGIS Server是Esri公司的一个面向Web的可用于提供地理位置服务的企业级软件平台。 Esri ArcGIS Server 10.9.1至11.3版本存在路径遍历漏洞，该漏洞源于程序未能正确地过滤资源或文件路径中的特殊元素。远程认证攻击者可利用此漏洞访问文件系统外的文件。

Severity

中

Patch Name

Esri ArcGIS Server路径遍历漏洞的补丁

Patch Description

Esri ArcGIS Server是Esri公司的一个面向Web的可用于提供地理位置服务的企业级软件平台。 Esri ArcGIS Server 10.9.1至11.3版本存在路径遍历漏洞，该漏洞源于程序未能正确地过滤资源或文件路径中的特殊元素。远程认证攻击者可利用此漏洞访问文件系统外的文件。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://support.esri.com/en-us/patches-updates/2025/arcgis-server-security-2025-update-1

Reference

https://www.esri.com/arcgis-blog/products/trust-arcgis/administration/arcgis-server-security-2025-update-1-patch/

Impacted products

Name
ESRI ArcGIS Server >=10.9.1，<=11.3

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2024-51958",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2024-51958"
    }
  },
  "description": "Esri ArcGIS Server\u662fEsri\u516c\u53f8\u7684\u4e00\u4e2a\u9762\u5411Web\u7684\u53ef\u7528\u4e8e\u63d0\u4f9b\u5730\u7406\u4f4d\u7f6e\u670d\u52a1\u7684\u4f01\u4e1a\u7ea7\u8f6f\u4ef6\u5e73\u53f0\u3002\n\nEsri ArcGIS Server 10.9.1\u81f311.3\u7248\u672c\u5b58\u5728\u8def\u5f84\u904d\u5386\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u5730\u8fc7\u6ee4\u8d44\u6e90\u6216\u6587\u4ef6\u8def\u5f84\u4e2d\u7684\u7279\u6b8a\u5143\u7d20\u3002\u8fdc\u7a0b\u8ba4\u8bc1\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u8bbf\u95ee\u6587\u4ef6\u7cfb\u7edf\u5916\u7684\u6587\u4ef6\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://support.esri.com/en-us/patches-updates/2025/arcgis-server-security-2025-update-1",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2025-05081",
  "openTime": "2025-03-13",
  "patchDescription": "Esri ArcGIS Server\u662fEsri\u516c\u53f8\u7684\u4e00\u4e2a\u9762\u5411Web\u7684\u53ef\u7528\u4e8e\u63d0\u4f9b\u5730\u7406\u4f4d\u7f6e\u670d\u52a1\u7684\u4f01\u4e1a\u7ea7\u8f6f\u4ef6\u5e73\u53f0\u3002\r\n\r\nEsri ArcGIS Server 10.9.1\u81f311.3\u7248\u672c\u5b58\u5728\u8def\u5f84\u904d\u5386\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u5730\u8fc7\u6ee4\u8d44\u6e90\u6216\u6587\u4ef6\u8def\u5f84\u4e2d\u7684\u7279\u6b8a\u5143\u7d20\u3002\u8fdc\u7a0b\u8ba4\u8bc1\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u8bbf\u95ee\u6587\u4ef6\u7cfb\u7edf\u5916\u7684\u6587\u4ef6\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Esri ArcGIS Server\u8def\u5f84\u904d\u5386\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "ESRI ArcGIS Server \u003e=10.9.1\uff0c\u003c=11.3"
  },
  "referenceLink": "https://www.esri.com/arcgis-blog/products/trust-arcgis/administration/arcgis-server-security-2025-update-1-patch/",
  "serverity": "\u4e2d",
  "submitTime": "2025-03-07",
  "title": "Esri ArcGIS Server\u8def\u5f84\u904d\u5386\u6f0f\u6d1e"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-51958 (GCVE-0-2024-51958)

WID-SEC-W-2025-0476

FKIE_CVE-2024-51958

GHSA-CWHX-WW39-3H7H

CNVD-2025-05081

Tags

Sightings

Nomenclature