CVE-2022-38199

Name of the Vulnerable Software and Affected Versions Esri ArcGIS Server (affected versions not specified)

Description A remote file download issue can occur in some capabilities of Esri ArcGIS Server web services, potentially allowing a remote, unauthenticated attacker to induce an unsuspecting victim to launch a process in the victim's PATH environment. Current browsers provide users with warnings against running unsigned executables downloaded from the internet.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.