Unvalidated Redirect Vulnerability in Esri Portal for ArcGIS by Esri
CVE-2025-57879
6.1MEDIUM
What is CVE-2025-57879?
An unvalidated redirect vulnerability exists in Esri Portal for ArcGIS versions 11.4 and earlier. This flaw can be exploited by remote, unauthenticated attackers who craft deceptive URLs, enabling them to redirect victims to arbitrary websites. Such redirections can facilitate various social engineering attacks, particularly phishing schemes, potentially compromising sensitive user information.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Portal for ArcGIS Windows 10.9.1 <= 11.4
References
CVSS V3.1
Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved