Tag: security patch
The Portal for ArcGIS Security 2018 Update 1 Patch has been released for Portal for ArcGIS 10.5.1. Patches for Portal for ArcGIS 10.4.1 and 10.3.1 will be released on this same page as they are available.
Security patches are released for the last minor release in a series of ArcGIS products that are still in mainstream support.
ArcGIS License Manager is built with a third party software component called Flexera FlexNet Publisher. Recently, a CVE (CVE-2015-8277) was released detailing buffer overflow vulnerabilities associated with Flexera FlexNet Publisher. Esri is providing ArcGIS 10.4 License Manager to resolve these Flexera-based vulnerabilities. Continue reading
Esri has released a security patch to address vulnerabilities found in ArcGIS for Server. Esri recommends that this patch be applied immediately. Service packs must be applied first before the patch Vulnerability Details: NIM102197 – ArcGIS for Server allows unauthorized access to some resources from secured services - (CWE-285) Some resources … Continue reading
Esri has released a security patch to address serious vulnerabilities in the web adaptor for IIS and the patch should be applied immediately. The Web Adaptor for the Java platform is unaffected by these vulnerabilities. Vulnerability Details: NIM102891 – ArcGIS Web Adaptor on IIS does not enforce authorization on … Continue reading
On June 6th, 2014, the United States Department of Agriculture (USDA) granted a Federal Information Security Management Act (FISMA) Low Authority to Operate (ATO) for ArcGIS Online. This process ensures that ArcGIS Online passed a rigorous security control review to … Continue reading