CVE-2020-35712

Name of the Vulnerable Software and Affected Versions Esri ArcGIS Server versions prior to 10.8

Description The issue concerns a Server-Side Request Forgery (SSRF) vulnerability, which occurs when a server makes an unintended request to an external resource, potentially allowing an attacker to access or manipulate internal systems. This vulnerability is present in certain configurations of the affected software.

Recommendations For versions prior to 10.8, update to version 10.8 or later to resolve the issue. As a temporary workaround, consider restricting access to internal resources to minimize the risk of exploitation.