ArcGIS Blog

Administration

ArcGIS Enterprise

Portal for ArcGIS 10.8.1 Home Application Patch resolves two moderate priority security issues

By RandallWilliams

The Portal for ArcGIS 10.8.1 Home Application Patch is now live on the support site. This patch includes fixes for two moderate priority security issues.

Note: The Portal for ArcGIS 10.8.1 Home Application Patch is superseded by the Portal for ArcGIS Security 2021 Update 1 Patch.

The URL to download this patch is:

https://support.esri.com/en/download/7899

 

Summary

Esri highly recommends installing this patch to addressing the usability issues mentioned in the patch release summary page. In addition to fixes for those usability issues, this patch provides fixes for two moderate priority security vulnerabilities. These are:

BUG-000134926 – Unvalidated redirect issue in the ArcGIS Enterprise portal sign in page

BUG-000131991 – Reflected cross-site scripting (XSS) in the home application

Patches for these issues will be released for Portal for ArcGIS versions 10.5.1, 10.6.1, and 10.7.1 are upcoming. This blog will be updated when those patches are available.

Esri recommends that customers using Portal for ArcGIS 10.8.1 apply this patch in accordance with their organization’s timelines for addressing moderate security issues.

 

Share this article

Subscribe
Notify of
0 Comments
Oldest
Newest
Inline Feedbacks
View all comments