There is SQL injection vulnerability in Esri ArcGIS Insights 2022.1 for ArcGIS Enterprise and that may allow a remote, authorized attacker to execute arbitrary SQL commands against the back-end database. The effort required to generate the crafted input required to exploit this issue is complex and requires significant effort before a successful attack can be expected.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Esri
Published: 2023-07-19T15:37:14.946Z
Updated: 2023-07-19T15:37:23.439Z
Reserved: 2023-02-15T17:59:31.097Z
Link: CVE-2023-25838
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-07-19T16:15:09.540
Modified: 2024-05-21T13:20:10.257
Link: CVE-2023-25838
JSON object: View
Redhat Information
No data.
CWE