top of page
perceptive_background_267k.jpg

An incorrect authorization vulnerability exists in Esri Portal for ArcGIS 11.4, 11.5 and 12.0 on Windows, Linux and Kubernetes that did not correctly check perm…

Published:

20 April 2026 at 22:00:00

Alert date:

21 April 2026 at 22:04:46

Source:

nvd.nist.gov

Click to open the original link from this advisory

Enterprise Applications, Identity & Access

An incorrect authorization vulnerability exists in Esri Portal for ArcGIS versions 11.4, 11.5 and 12.0 across Windows, Linux and Kubernetes platforms. The vulnerability stems from improper permission checking for developer credentials. This affects multiple versions of the popular GIS platform and could allow unauthorized access due to the authorization bypass. The vulnerability impacts enterprise GIS deployments across multiple operating systems and container platforms.

Technical details

Mitigation steps:

Affected products:

Esri Portal for ArcGIS

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-33519
https://www.esri.com/arcgis-blog/products/trust-arcgis/administration/april2026_security_bulletin

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page