CVE-2026-2812
EUVD-2026-3114720.05.2026, 20:16
ArcGIS Server contains an improper authentication vulnerability in an undocumented administrative endpoint. An unauthenticated attacker could exploit this issue by sending a crafted request to the endpoint. Successful exploitation may result in disruption of the web-based browsing interface. This issue affects ArcGIS Server 12.0 and earlier.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| esri | arcgis_server | 11.1 ≤ 𝑥 ≤ 12.0 |
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| esri | arcgis | 11.1 ≤ 𝑥 ≤ 12.0 | CNA |
Common Weakness Enumeration