CVE Catalog

CVE-2026-33519

Critical
Published: Translated: NVD NIST

Summary

An incorrect authorization vulnerability exists in Esri Portal for ArcGIS versions 11.4, 11.5, and 12.0 on Windows, Linux, and Kubernetes that did not correctly check permissions assigned to developer credentials.

Risk Assessment

This vulnerability may lead to unauthorized access to resources, posing a threat to the organization's data security.

Recommendation

It is recommended to update to the latest version of the software and review and adjust permissions for developer credentials.

Original NVD description (English source)

An incorrect authorization vulnerability exists in Esri Portal for ArcGIS 11.4, 11.5 and 12.0 on Windows, Linux and Kubernetes that did not correctly check permissions assigned to developer credentials.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS