Vulnerability Details : CVE-2023-25848
ArcGIS Enterprise Server versions 11.0 and below have an information disclosure vulnerability where a remote, unauthorized attacker may submit a crafted query that may result in a low severity information disclosure issue.
The information disclosed is limited to a single attribute in a database connection string. No business data is disclosed.
Published
2023-08-25 19:15:09
Updated
2023-08-31 14:29:49
Vulnerability category: Information leak
Exploit prediction scoring system (EPSS) score for CVE-2023-25848
0.06%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 28 %
Percentile, the proportion of vulnerabilities that are scored at or less