CVE-2024-25693 - Vulnerability Details - OpenCVE

There is a path traversal in Esri Portal for ArcGIS versions <= 11.2. Successful exploitation may allow a remote, authenticated attacker to traverse the file system to access files or execute code outside of the intended directory.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Esri	Portal For Arcgis
Linux	Linux Kernel
Microsoft	Windows

Configuration 1 [-]

AND

cpe:2.3:a:esri:portal_for_arcgis:*:*:*:*:*:*:*:*

OR	cpe:2.3:o:linux:linux_kernel:-:::::::*
	cpe:2.3:o:microsoft:windows:-:::::::*

No data.

References

Link	Providers
https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/portal-for-arcgis-security-2024-update-1/

History

Wed, 08 Jan 2025 15:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Esri Esri portal For Arcgis Linux Linux linux Kernel Microsoft Microsoft windows
CPEs		cpe:2.3:a:esri:portal_for_arcgis:::::::: cpe:2.3:o:linux:linux_kernel:-:::::::* cpe:2.3:o:microsoft:windows:-:::::::*
Vendors & Products		Esri Esri portal For Arcgis Linux Linux linux Kernel Microsoft Microsoft windows

MITRE

Status: PUBLISHED

Assigner: Esri

Published: 2024-04-04T17:54:33.882Z

Updated: 2024-08-01T23:52:04.660Z

Reserved: 2024-02-09T19:07:07.974Z

Link: CVE-2024-25693

Vulnrichment

Updated: 2024-08-01T23:52:04.660Z

NVD

Status : Analyzed

Published: 2024-04-04T18:15:10.193

Modified: 2025-01-08T15:09:41.357

Link: CVE-2024-25693

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-25693", "assignerOrgId": "cedc17bb-4939-4f40-a1f4-30ae8af1094e", "state": "PUBLISHED", "assignerShortName": "Esri", "dateReserved": "2024-02-09T19:07:07.974Z", "datePublished": "2024-04-04T17:54:33.882Z", "dateUpdated": "2024-08-01T23:52:04.660Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Windows", "Linux"], "product": "Portal for ArcGIS ", "vendor": "Esri", "versions": [{"lessThanOrEqual": "<=11.2", "status": "affected", "version": "all", "versionType": "all"}]}], "datePublic": "2024-04-04T18:05:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "There is a path traversal in Esri Portal for ArcGIS versions <= 11.2. Successful exploitation may allow a remote, authenticated attacker to traverse the file system to access files or execute code outside of the intended directory. "}], "value": "There is a path traversal in Esri Portal for ArcGIS versions <= 11.2. Successful exploitation may allow a remote, authenticated attacker to traverse the file system to access files or execute code outside of the intended directory.\u00a0"}], "impacts": [{"capecId": "CAPEC-126", "descriptions": [{"lang": "en", "value": "CAPEC-126 Path Traversal"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "cedc17bb-4939-4f40-a1f4-30ae8af1094e", "shortName": "Esri", "dateUpdated": "2024-04-19T22:30:03.677Z"}, "references": [{"url": "https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/portal-for-arcgis-security-2024-update-1/"}], "source": {"defect": ["BUG-000162623"], "discovery": "UNKNOWN"}, "title": "Portal for ArcGIS has a directory traversal vulnerability.", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"affected": [{"vendor": "esri", "product": "portal_for_arcgis", "cpes": ["cpe:2.3:a:esri:portal_for_arcgis:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "11.2", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-31T19:59:10.516765Z", "id": "CVE-2024-25693", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-31T20:00:27.790Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T23:52:04.660Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/portal-for-arcgis-security-2024-update-1/", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/portal-for-arcgis-security-2024-update-1/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T23:52:04.660Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-25693", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-07-31T19:59:10.516765Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:esri:portal_for_arcgis:*:*:*:*:*:*:*:*"], "vendor": "esri", "product": "portal_for_arcgis", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "11.2"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-31T20:00:12.824Z"}}], "cna": {"title": "Portal for ArcGIS has a directory traversal vulnerability.", "source": {"defect": ["BUG-000162623"], "discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-126", "descriptions": [{"lang": "en", "value": "CAPEC-126 Path Traversal"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.9, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Esri", "product": "Portal for ArcGIS ", "versions": [{"status": "affected", "version": "all", "versionType": "all", "lessThanOrEqual": "<=11.2"}], "platforms": ["Windows", "Linux"], "defaultStatus": "unaffected"}], "datePublic": "2024-04-04T18:05:00.000Z", "references": [{"url": "https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/portal-for-arcgis-security-2024-update-1/"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "There is a path traversal in Esri Portal for ArcGIS versions <= 11.2. Successful exploitation may allow a remote, authenticated attacker to traverse the file system to access files or execute code outside of the intended directory.\u00a0", "supportingMedia": [{"type": "text/html", "value": "There is a path traversal in Esri Portal for ArcGIS versions <= 11.2. Successful exploitation may allow a remote, authenticated attacker to traverse the file system to access files or execute code outside of the intended directory. ", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "cedc17bb-4939-4f40-a1f4-30ae8af1094e", "shortName": "Esri", "dateUpdated": "2024-04-19T22:30:03.677Z"}}}, "cveMetadata": {"cveId": "CVE-2024-25693", "state": "PUBLISHED", "dateUpdated": "2024-08-01T23:52:04.660Z", "dateReserved": "2024-02-09T19:07:07.974Z", "assignerOrgId": "cedc17bb-4939-4f40-a1f4-30ae8af1094e", "datePublished": "2024-04-04T17:54:33.882Z", "assignerShortName": "Esri"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:esri:portal_for_arcgis:*:*:*:*:*:*:*:*", "matchCriteriaId": "750982DD-15CB-4D5A-8101-2702CE79E15C", "versionEndIncluding": "11.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "There is a path traversal in Esri Portal for ArcGIS versions <= 11.2. Successful exploitation may allow a remote, authenticated attacker to traverse the file system to access files or execute code outside of the intended directory.\u00a0"}, {"lang": "es", "value": "Hay un path traversal en Esri Portal para versiones de ArcGIS <= 11.2. La explotaci\u00f3n exitosa puede permitir que un atacante remoto y autenticado atraviese el sistema de archivos para acceder a archivos o ejecutar c\u00f3digo fuera del directorio previsto."}], "id": "CVE-2024-25693", "lastModified": "2025-01-08T15:09:41.357", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 6.0, "source": "psirt@esri.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-04-04T18:15:10.193", "references": [{"source": "psirt@esri.com", "tags": ["Vendor Advisory"], "url": "https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/portal-for-arcgis-security-2024-update-1/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/portal-for-arcgis-security-2024-update-1/"}], "sourceIdentifier": "psirt@esri.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "psirt@esri.com", "type": "Secondary"}]}