Main Vulnerability Database SB2017101308

SB2017101308 - Remote code execution in ESRI ArcGIS

Published: October 13, 2017

Security Bulletin ID SB2017101308

Severity

High

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Improper input validation (CVE-ID: N/A)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists in the configuration of the ESRI-provided ArgGIS Server image available on Azure Marketplace due to the default settings load the Java rmid service on TCP port 1098 and set the 'java.rmi.server.useCodebaseOnly' property to false. A remote attacker can send specially crafted data to cause the target RMI service to load and execute remote Java code.

Successful exploitation of the vulnerability may result in system compromise.

Remediation

Install update from vendor's website.

References

http://www.esri.com/arcgis/about-arcgis