Vulnerability-Lookup

CNVD-2021-25715

Vulnerability from cnvd - Published: 2021-04-08

Title

Esri多款产品缓冲区溢出漏洞

Description

ESRI ArcGIS Enterprise等都是美国环境系统研究所（ESRI）公司的产品。ArcGIS Enterprise是一套GIS（地理信息系统）的基础软件系统。Esri Arcgis Server等都是美国Esri（Esri）公司的产品。Esri Arcgis Server是一个面向Web的可用于提供地理位置服务的企业级软件平台。Esri Esri ArcGIS Server是一个应用软件。 Esri多款产品存在缓冲区溢出漏洞，攻击者可利用该漏洞在当前用户的上下文中实现任意代码执行。

Severity

中

Patch Name

Esri多款产品缓冲区溢出漏洞的补丁

Patch Description

Formal description

厂商已提供漏洞修补方案，请关注厂商主页及时更新： https://www.esri.com/arcgis-blog/products/arcgis/administration/security-advisory-general-raster/

Reference

https://nvd.nist.gov/vuln/detail/CVE-2021-29098

Impacted products

Name
['ESRI Arcgis Engine <=10.8.1', 'ESRI Arcgis Pro <=2.7', 'ESRI Arcgis Desktop']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-29098"
    }
  },
  "description": "ESRI ArcGIS Enterprise\u7b49\u90fd\u662f\u7f8e\u56fd\u73af\u5883\u7cfb\u7edf\u7814\u7a76\u6240\uff08ESRI\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002ArcGIS Enterprise\u662f\u4e00\u5957GIS\uff08\u5730\u7406\u4fe1\u606f\u7cfb\u7edf\uff09\u7684\u57fa\u7840\u8f6f\u4ef6\u7cfb\u7edf\u3002Esri Arcgis Server\u7b49\u90fd\u662f\u7f8e\u56fdEsri\uff08Esri\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Esri Arcgis Server\u662f\u4e00\u4e2a\u9762\u5411Web\u7684\u53ef\u7528\u4e8e\u63d0\u4f9b\u5730\u7406\u4f4d\u7f6e\u670d\u52a1\u7684\u4f01\u4e1a\u7ea7\u8f6f\u4ef6\u5e73\u53f0\u3002Esri Esri ArcGIS Server\u662f\u4e00\u4e2a\u5e94\u7528\u8f6f\u4ef6\u3002\n\nEsri\u591a\u6b3e\u4ea7\u54c1\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u5f53\u524d\u7528\u6237\u7684\u4e0a\u4e0b\u6587\u4e2d\u5b9e\u73b0\u4efb\u610f\u4ee3\u7801\u6267\u884c\u3002",
  "formalWay": "\u5382\u5546\u5df2\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u8865\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u53ca\u65f6\u66f4\u65b0\uff1a\r\nhttps://www.esri.com/arcgis-blog/products/arcgis/administration/security-advisory-general-raster/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-25715",
  "openTime": "2021-04-08",
  "patchDescription": "ESRI ArcGIS Enterprise\u7b49\u90fd\u662f\u7f8e\u56fd\u73af\u5883\u7cfb\u7edf\u7814\u7a76\u6240\uff08ESRI\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002ArcGIS Enterprise\u662f\u4e00\u5957GIS\uff08\u5730\u7406\u4fe1\u606f\u7cfb\u7edf\uff09\u7684\u57fa\u7840\u8f6f\u4ef6\u7cfb\u7edf\u3002Esri Arcgis Server\u7b49\u90fd\u662f\u7f8e\u56fdEsri\uff08Esri\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Esri Arcgis Server\u662f\u4e00\u4e2a\u9762\u5411Web\u7684\u53ef\u7528\u4e8e\u63d0\u4f9b\u5730\u7406\u4f4d\u7f6e\u670d\u52a1\u7684\u4f01\u4e1a\u7ea7\u8f6f\u4ef6\u5e73\u53f0\u3002Esri Esri ArcGIS Server\u662f\u4e00\u4e2a\u5e94\u7528\u8f6f\u4ef6\u3002\r\n\r\nEsri\u591a\u6b3e\u4ea7\u54c1\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u5f53\u524d\u7528\u6237\u7684\u4e0a\u4e0b\u6587\u4e2d\u5b9e\u73b0\u4efb\u610f\u4ee3\u7801\u6267\u884c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Esri\u591a\u6b3e\u4ea7\u54c1\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "ESRI Arcgis Engine \u003c=10.8.1",
      "ESRI Arcgis Pro \u003c=2.7",
      "ESRI Arcgis Desktop"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2021-29098",
  "serverity": "\u4e2d",
  "submitTime": "2021-03-29",
  "title": "Esri\u591a\u6b3e\u4ea7\u54c1\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}

CVE-2021-29098 (GCVE-0-2021-29098)

Vulnerability from cvelistv5 – Published: 2021-03-25 20:37 – Updated: 2025-04-10 15:22

Title

ArcGIS general raster security update: uninitialized pointer

Summary

Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcReader, ArcGIS Desktop, ArcGIS Engine 10.8.1 (and earlier) and ArcGIS Pro 2.7 (and earlier) allow an unauthenticated attacker to achieve arbitrary code execution in the context of the current user.

Severity ?

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-824 - Access of Uninitialized Pointer

Assigner

Esri

References

URL

Tags

	https://www.esri.com/arcgis-blog/products/arcgis/…	x_refsource_CONFIRM
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC

Impacted products

Vendor

Product

Version

Esri

ArcReader

Affected: All , < 10.9.0 (custom)

Esri	ArcGIS Desktop	Affected: All , < 10.9.0 (custom)
Esri	ArcGIS Engine	Affected: All , < 10.9.0 (custom)
Esri	ArcGIS Engine	Affected: All , < 10.9.0 (custom)
Esri	ArcGIS Engine	Affected: All , < 10.9.0 (custom)
Esri	ArcGIS Engine	Affected: All , < 10.9.0 (custom)
Esri	ArcGIS Pro	Affected: All , < 4.7.2 (custom)
Esri	ArcGIS Desktop Background Geoprocessing	Affected: All , < 10.9.0 (custom)
Esri	ArcGIS Desktop Background Geoprocessing	Affected: All , < 10.9.0 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T22:02:50.333Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.esri.com/arcgis-blog/products/arcgis/administration/security-advisory-general-raster/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-361/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-362/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-372/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-29098",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-10T14:50:14.442719Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-10T15:22:04.460Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "x86 Windows"
          ],
          "product": "ArcReader",
          "vendor": "Esri",
          "versions": [
            {
              "lessThan": "10.9.0",
              "status": "affected",
              "version": "All",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x86 Windows"
          ],
          "product": "ArcGIS Desktop",
          "vendor": "Esri",
          "versions": [
            {
              "lessThan": "10.9.0",
              "status": "affected",
              "version": "All",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "X64 Windows"
          ],
          "product": "ArcGIS Engine",
          "vendor": "Esri",
          "versions": [
            {
              "lessThan": "10.9.0",
              "status": "affected",
              "version": "All",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64 Linux"
          ],
          "product": "ArcGIS Engine",
          "vendor": "Esri",
          "versions": [
            {
              "lessThan": "10.9.0",
              "status": "affected",
              "version": "All",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "X86 Windows"
          ],
          "product": "ArcGIS Engine",
          "vendor": "Esri",
          "versions": [
            {
              "lessThan": "10.9.0",
              "status": "affected",
              "version": "All",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "X86 Linux"
          ],
          "product": "ArcGIS Engine",
          "vendor": "Esri",
          "versions": [
            {
              "lessThan": "10.9.0",
              "status": "affected",
              "version": "All",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64 Windows"
          ],
          "product": "ArcGIS Pro",
          "vendor": "Esri",
          "versions": [
            {
              "lessThan": "4.7.2",
              "status": "affected",
              "version": "All",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64 Windows"
          ],
          "product": "ArcGIS Desktop Background Geoprocessing",
          "vendor": "Esri",
          "versions": [
            {
              "lessThan": "10.9.0",
              "status": "affected",
              "version": "All",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64 Linux"
          ],
          "product": "ArcGIS Desktop Background Geoprocessing",
          "vendor": "Esri",
          "versions": [
            {
              "lessThan": "10.9.0",
              "status": "affected",
              "version": "All",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2021-03-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcReader, ArcGIS Desktop, ArcGIS Engine 10.8.1 (and earlier) and ArcGIS Pro 2.7 (and earlier) allow an unauthenticated attacker to achieve arbitrary code execution in the context of the current user."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-824",
              "description": "CWE-824 Access of Uninitialized Pointer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-03-31T18:08:21.000Z",
        "orgId": "cedc17bb-4939-4f40-a1f4-30ae8af1094e",
        "shortName": "Esri"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.esri.com/arcgis-blog/products/arcgis/administration/security-advisory-general-raster/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-361/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-362/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-372/"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "ArcGIS general raster security update: uninitialized pointer",
      "x_generator": {
        "engine": "Vulnogram 0.0.8"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@esri.com",
          "DATE_PUBLIC": "2021-03-16T04:00:00.000Z",
          "ID": "CVE-2021-29098",
          "STATE": "PUBLIC",
          "TITLE": "ArcGIS general raster security update: uninitialized pointer"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ArcReader",
                      "version": {
                        "version_data": [
                          {
                            "platform": "x86 Windows",
                            "version_affected": "\u003c",
                            "version_name": "All",
                            "version_value": "10.9.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "ArcGIS Desktop",
                      "version": {
                        "version_data": [
                          {
                            "platform": "x86 Windows",
                            "version_affected": "\u003c",
                            "version_name": "All",
                            "version_value": "10.9.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "ArcGIS Engine",
                      "version": {
                        "version_data": [
                          {
                            "platform": "X64 Windows",
                            "version_affected": "\u003c",
                            "version_name": "All",
                            "version_value": "10.9.0"
                          },
                          {
                            "platform": "x64 Linux",
                            "version_affected": "\u003c",
                            "version_name": "All",
                            "version_value": "10.9.0"
                          },
                          {
                            "platform": "X86 Windows",
                            "version_affected": "\u003c",
                            "version_name": "All",
                            "version_value": "10.9.0"
                          },
                          {
                            "platform": "X86 Linux",
                            "version_affected": "\u003c",
                            "version_name": "All",
                            "version_value": "10.9.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "ArcGIS Pro",
                      "version": {
                        "version_data": [
                          {
                            "platform": "x64 Windows",
                            "version_affected": "\u003c",
                            "version_name": "All",
                            "version_value": "4.7.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "ArcGIS Desktop Background Geoprocessing",
                      "version": {
                        "version_data": [
                          {
                            "platform": "x64 Windows",
                            "version_affected": "\u003c",
                            "version_name": "All",
                            "version_value": "10.9.0"
                          },
                          {
                            "platform": "x64 Linux",
                            "version_affected": "\u003c",
                            "version_name": "All",
                            "version_value": "10.9.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Esri"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcReader, ArcGIS Desktop, ArcGIS Engine 10.8.1 (and earlier) and ArcGIS Pro 2.7 (and earlier) allow an unauthenticated attacker to achieve arbitrary code execution in the context of the current user."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.8"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-824 Access of Uninitialized Pointer"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.esri.com/arcgis-blog/products/arcgis/administration/security-advisory-general-raster/",
              "refsource": "CONFIRM",
              "url": "https://www.esri.com/arcgis-blog/products/arcgis/administration/security-advisory-general-raster/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-361/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-361/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-362/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-362/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-372/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-372/"
            }
          ]
        },
        "source": {
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cedc17bb-4939-4f40-a1f4-30ae8af1094e",
    "assignerShortName": "Esri",
    "cveId": "CVE-2021-29098",
    "datePublished": "2021-03-25T20:37:05.516Z",
    "dateReserved": "2021-03-23T00:00:00.000Z",
    "dateUpdated": "2025-04-10T15:22:04.460Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2021-25715

CVE-2021-29098 (GCVE-0-2021-29098)

Tags

Sightings

Nomenclature