{"id":1126242,"date":"2021-02-01T17:48:34","date_gmt":"2021-02-02T01:48:34","guid":{"rendered":"https:\/\/www.esri.com\/arcgis-blog\/?post_type=blog&#038;p=1126242"},"modified":"2026-02-20T08:57:05","modified_gmt":"2026-02-20T16:57:05","slug":"portal-for-arcgis-security-2020-update-2-patch-resolves-one-critical-and-multiple-high-priority-security-issues","status":"publish","type":"blog","link":"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/portal-for-arcgis-security-2020-update-2-patch-resolves-one-critical-and-multiple-high-priority-security-issues","title":{"rendered":"Portal for ArcGIS Security 2020 Update 2 Patch resolves one critical and multiple high priority security issues"},"author":136891,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"open","ping_status":"closed","template":"","format":"standard","meta":{"_acf_changed":false,"_searchwp_excluded":""},"categories":[37501],"tags":[43671,24081,759222,23311,24071],"industry":[],"product":[36571],"class_list":["post-1126242","blog","type-blog","status-publish","format-standard","hentry","category-administration","tag-administration","tag-ssamymlgp","tag-cve","tag-portal-for-arcgis","tag-security","product-arcgis-enterprise"],"acf":{"short_description":"Portal for ArcGIS Security 2020 Update 2 Patch is now available. Esri recommends ArcGIS Enterprise 10.6.1 and 10.7.1 apply this patch.","flexible_content":[{"acf_fc_layout":"content","content":"<p>Portal for ArcGIS Security 2020 Update 2 Patch is now live on the support site. This patch contains fixes for one critical and multiple high and moderate priority security issues.<\/p>\n<p>The URL to download this patch is:<\/p>\n<p><strong>Portal for ArcGIS Security 2020 Update 2 Patch <\/strong><\/p>\n<p><a href=\"https:\/\/support.esri.com\/en\/download\/7837\">https:\/\/support.esri.com\/en\/download\/7837<\/a><\/p>\n<p><strong>Summary<\/strong><\/p>\n<p>Portal for ArcGIS Security 2020 Update 2 Patch is now available. This patch contains fixes for one critical security issue and multiple high and moderate priority security issues. Esri highly recommends customers using Portal for ArcGIS 10.7.1 and 10.6.1 install this patch. Users at version 10.6 and 10.7 should upgrade to 10.6.1 or 10.7.1 to install this patch. ArcGIS 10.5.1 is in mature support status and no longer receives patches. Users working with ArcGIS Enterprise 10.5.1 and below are encouraged to upgrade to versions 10.8.1 (preferred), 10.7.1 or 10.6.1 and install available security patches.<\/p>\n<p>The following security issues are addressed in this patch:<\/p>\n<p><a href=\"https:\/\/support.esri.com\/en\/bugs\/nimbus\/QlVHLTAwMDEzNjg0MA==\"><strong>BUG-000136840<\/strong><\/a>\u00a0SSRF vulnerability in Portal for ArcGIS.<br \/>\nCVSSv3.1 Base Score:\u00a09.8 (Critical) <a href=\"https:\/\/www.first.org\/cvss\/calculator\/3.0#CVSS:3.0\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H\">CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H<\/a><\/p>\n<p><a href=\"https:\/\/support.esri.com\/en\/bugs\/nimbus\/QlVHLTAwMDEyODE5Mw==\"><strong>BUG-000128193<\/strong><\/a>\u00a0Cross-site request forgery (CSRF) vulnerability in Portal for ArcGIS<br \/>\nCVSS 3.0 Base Score: 8.8\u00a0(High) <a href=\"https:\/\/www.first.org\/cvss\/calculator\/3.0#CVSS:3.0\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H\">CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H<\/a><\/p>\n<p><a href=\"https:\/\/support.esri.com\/en\/bugs\/nimbus\/QlVHLTAwMDEzMjM1Ng==\"><strong>BUG-000132356<\/strong><\/a>\u00a0Reflected XSS vulnerability in Portal for ArcGIS<br \/>\nCVSS 3.1 Base Score: 8.8 (High) <a href=\"https:\/\/www.first.org\/cvss\/calculator\/3.0#CVSS:3.0\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H\">CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H<\/a><\/p>\n<p><a href=\"https:\/\/support.esri.com\/en\/bugs\/nimbus\/QlVHLTAwMDEzMjM1Nw==\"><strong>BUG-000132357<\/strong><\/a>\u00a0Reflected XSS vulnerability in Portal for ArcGIS<br \/>\nCVSS 3.1 Base Score: 8.8\u00a0(High) \u00a0<a href=\"https:\/\/www.first.org\/cvss\/calculator\/3.0#CVSS:3.0\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H\">CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H<\/a><\/p>\n<p><a href=\"https:\/\/support.esri.com\/en\/bugs\/nimbus\/QlVHLTAwMDEzMjM1Mw==\"><strong>BUG-000132353<\/strong><\/a>\u00a0XXE and SSRF vulnerability in Portal for ArcGIS<br \/>\nCVSS 3.0 Base Score: 8.6 (High) <a href=\"https:\/\/www.first.org\/cvss\/calculator\/3.0#CVSS:3.0\/AV:N\/AC:L\/PR:N\/UI:N\/S:C\/C:H\/I:N\/A:N\">CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:C\/C:H\/I:N\/A:N<\/a><\/p>\n<p><a href=\"https:\/\/support.esri.com\/en\/bugs\/nimbus\/QlVHLTAwMDEzMjM1MQ==\"><strong>BUG-000132351<\/strong><\/a>\u00a0Uncontrolled resource exhaustion issue in Portal for ArcGIS<br \/>\nCVSS 3.0 Base Score: 7.5 (High) <a href=\"https:\/\/www.first.org\/cvss\/calculator\/3.0#CVSS:3.0\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H\">CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H<\/a><\/p>\n<p><a href=\"https:\/\/support.esri.com\/en\/bugs\/nimbus\/QlVHLTAwMDEzNDkyNg==\"><strong>BUG-000134926<\/strong><\/a>\u00a0 Unvalidated redirect issue in the ArcGIS Enterprise portal sign in page<br \/>\n(10.7.1 only) CVSSv3.1 Base Score:\u00a06.1 (Moderate) <a href=\"https:\/\/www.first.org\/cvss\/calculator\/3.0#CVSS:3.0\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N\">CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N<\/a><\/p>\n<p><a href=\"https:\/\/support.esri.com\/en\/bugs\/nimbus\/QlVHLTAwMDEzMjQ0OQ==\"><strong>BUG-000132449<\/strong><\/a>\u00a0 Portal proxy does not fully honor allowedProxyHosts parameter<br \/>\nCVSS 3.1 Base Score: 5.9 (Moderate) <a href=\"https:\/\/www.first.org\/cvss\/calculator\/3.0#CVSS:3.0\/AV:N\/AC:H\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N\">CVSS:3.1\/AV:N\/AC:H\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N<\/a><\/p>\n<p><a href=\"https:\/\/support.esri.com\/en\/bugs\/nimbus\/QlVHLTAwMDEzMjQ1Mg==\"><strong>BUG-000132452<\/strong><\/a>\u00a0Reflected XSS in Portal for ArcGIS Home app (10.6.1 only)<br \/>\nCVSS 3.1 Base Score: 5.4\u00a0(Moderate) <a href=\"https:\/\/www.first.org\/cvss\/calculator\/3.0#CVSS:3.0\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:L\/I:L\/A:N\">CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:L\/I:L\/A:N<\/a><\/p>\n<p><a href=\"https:\/\/support.esri.com\/en\/bugs\/nimbus\/QlVHLTAwMDEyNzQ3Mg==\"><strong>BUG-000127472<\/strong><\/a>\u00a0Stored XSS issue in Web AppBuilder<br \/>\nCVSS 3.0 Base Score: 4.6 (Moderate)\u00a0<a href=\"https:\/\/www.first.org\/cvss\/calculator\/3.0#CVSS:3.0\/AV:N\/AC:L\/PR:L\/UI:R\/S:U\/C:L\/I:L\/A:N\">CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:U\/C:L\/I:L\/A:N<\/a><\/p>\n<p><a href=\"https:\/\/support.esri.com\/en\/bugs\/nimbus\/QlVHLTAwMDEyMzY5Mg==\"><strong>BUG-000123692<\/strong><\/a>\u00a0Stored XSS in Portal for ArcGIS Map Viewer<br \/>\nCVSS 3.0 Base Score: 4.6 (Moderate) <a href=\"https:\/\/www.first.org\/cvss\/calculator\/3.1#CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:U\/C:L\/I:L\/A:N\">CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:U\/C:L\/I:L\/A:N<\/a><\/p>\n<p><a href=\"https:\/\/support.esri.com\/en\/bugs\/nimbus\/QlVHLTAwMDEzMzI1NQ==\"><strong>BUG-000133255<\/strong><\/a><strong>\u00a0<\/strong>Portal for ArcGIS system properties are not properly encrypted<br \/>\nCVSS 3.0 Base Score: 4.4 (Moderate) <a href=\"https:\/\/www.first.org\/cvss\/calculator\/3.0#CVSS:3.0\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:N\/A:N\">CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:N\/A:N<\/a><\/p>\n<p><a href=\"https:\/\/support.esri.com\/en\/bugs\/nimbus\/QlVHLTAwMDEzMjM1OQ==\"><strong>BUG-000132359<\/strong><\/a>\u00a0 Unable to make proxy requests to an external url after applying the Portal for ArcGIS Security 2020 Update 1 Patch<\/p>\n<p>As follow up to the release of this revised patch, the following BUG updates were made.<\/p>\n<ol>\n<li>\nBUG-000137920 &#8211; When installing Portal for ArcGIS Security 2020 Update 2 Patch, different names are displayed for Portal for ArcGIS content folders with non-English titles.<br \/>\nThe Public Explanation now states:<\/li>\n<\/ol>\n<p>Update March 22, 2021: The Portal for ArcGIS Security 2020 Update 2 Patch was re-released on March 22, 2021 to resolve BUG-000137920. The revised Portal for ArcGIS Security 2020 Update 2 Patch that includes a resolution for BUG-000137920 is now available for download on the support site. The URL is: https:\/\/support.esri.com\/en\/download\/7837.<\/p>\n<ol start=\"2\">\n<li>\nBUG-000120300 &#8211; Avoid prompt for authentication on FeatureLayer associated to publicly shared SceneLayer.<\/li>\n<\/ol>\n<p>Update March 22, 2021: The Portal for ArcGIS 10.6.1 Security 2020 Update 2 Patch was re-released on March 22, 2021 to include a fix for BUG-000120300. While a resolution for BUG-000120300 was planned for inclusion in the initial Portal for ArcGIS 10.6.1 Security 2020 Update 2 Patch, as noted in the Issues Addressed section of the patch page, further testing showed that the fix was not fully included in the patch. The revised version of the Portal for ArcGIS 10.6.1 Security 2020 Update 2 Patch that includes a resolution for BUG-000120300 is available for download on the support site.<\/p>\n<p>The URL is: https:\/\/support.esri.com\/en\/download\/7837.<\/p>\n<p>The Portal for ArcGIS Security 2020 Update 2 Patch is now live on the support site. The URL is: https:\/\/support.esri.com\/en\/download\/7837.<\/p>\n<p>Esri strongly recommends that customers using Portal for ArcGIS 10.7.1 apply this patch in accordance with their organization&#8217;s timelines for addressing high priority security issues. Customers using Portal for ArcGIS 10.6.1 apply this patch in accordance with their organization&#8217;s timelines for addressing critical priority security issues<\/p>\n"}],"authors":[{"ID":136891,"user_firstname":"Mark","user_lastname":"Bierman","nickname":"Mark Bierman","user_nicename":"mbierman","display_name":"Mark Bierman","user_email":"MBierman@esri.com","user_url":"","user_registered":"2020-12-08 21:10:04","user_description":"","user_avatar":"<img data-del=\"avatar\" src='https:\/\/www.esri.com\/arcgis-blog\/app\/uploads\/2023\/06\/softwaresecurity-213x200.png' class='avatar pp-user-avatar avatar-96 photo ' height='96' width='96'\/>"}],"related_articles":"","card_image":false,"wide_image":false},"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v25.9 (Yoast SEO v25.9) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Portal for ArcGIS Security 2020 Update 2 Patch resolves one critical and multiple high priority security issues<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/portal-for-arcgis-security-2020-update-2-patch-resolves-one-critical-and-multiple-high-priority-security-issues\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Portal for ArcGIS Security 2020 Update 2 Patch resolves one critical and multiple high priority security issues\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/portal-for-arcgis-security-2020-update-2-patch-resolves-one-critical-and-multiple-high-priority-security-issues\" \/>\n<meta property=\"og:site_name\" content=\"ArcGIS Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/esrigis\/\" \/>\n<meta property=\"article:modified_time\" content=\"2026-02-20T16:57:05+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@ESRI\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":[\"Article\",\"BlogPosting\"],\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/portal-for-arcgis-security-2020-update-2-patch-resolves-one-critical-and-multiple-high-priority-security-issues#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/portal-for-arcgis-security-2020-update-2-patch-resolves-one-critical-and-multiple-high-priority-security-issues\"},\"author\":{\"name\":\"Mark Bierman\",\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/#\/schema\/person\/928a9a9a1a21dc0cf370b54b135e73ed\"},\"headline\":\"Portal for ArcGIS Security 2020 Update 2 Patch resolves one critical and multiple high priority security issues\",\"datePublished\":\"2021-02-02T01:48:34+00:00\",\"dateModified\":\"2026-02-20T16:57:05+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/portal-for-arcgis-security-2020-update-2-patch-resolves-one-critical-and-multiple-high-priority-security-issues\"},\"wordCount\":15,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/#organization\"},\"keywords\":[\"administration\",\"ArcGIS Trust Center\",\"CVE\",\"Portal for ArcGIS\",\"Security\"],\"articleSection\":[\"Administration\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/portal-for-arcgis-security-2020-update-2-patch-resolves-one-critical-and-multiple-high-priority-security-issues#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/portal-for-arcgis-security-2020-update-2-patch-resolves-one-critical-and-multiple-high-priority-security-issues\",\"url\":\"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/portal-for-arcgis-security-2020-update-2-patch-resolves-one-critical-and-multiple-high-priority-security-issues\",\"name\":\"Portal for ArcGIS Security 2020 Update 2 Patch resolves one critical and multiple high priority security issues\",\"isPartOf\":{\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/#website\"},\"datePublished\":\"2021-02-02T01:48:34+00:00\",\"dateModified\":\"2026-02-20T16:57:05+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/portal-for-arcgis-security-2020-update-2-patch-resolves-one-critical-and-multiple-high-priority-security-issues#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/portal-for-arcgis-security-2020-update-2-patch-resolves-one-critical-and-multiple-high-priority-security-issues\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/portal-for-arcgis-security-2020-update-2-patch-resolves-one-critical-and-multiple-high-priority-security-issues#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.esri.com\/arcgis-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Portal for ArcGIS Security 2020 Update 2 Patch resolves one critical and multiple high priority security issues\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/#website\",\"url\":\"https:\/\/www.esri.com\/arcgis-blog\/\",\"name\":\"ArcGIS Blog\",\"description\":\"Get insider info from Esri product teams\",\"publisher\":{\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.esri.com\/arcgis-blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/#organization\",\"name\":\"Esri\",\"url\":\"https:\/\/www.esri.com\/arcgis-blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.esri.com\/arcgis-blog\/app\/uploads\/2018\/04\/Esri.png\",\"contentUrl\":\"https:\/\/www.esri.com\/arcgis-blog\/app\/uploads\/2018\/04\/Esri.png\",\"width\":400,\"height\":400,\"caption\":\"Esri\"},\"image\":{\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/esrigis\/\",\"https:\/\/x.com\/ESRI\",\"https:\/\/www.linkedin.com\/company\/5311\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/#\/schema\/person\/928a9a9a1a21dc0cf370b54b135e73ed\",\"name\":\"Mark Bierman\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/www.esri.com\/arcgis-blog\/app\/uploads\/2023\/06\/softwaresecurity-213x200.png\",\"contentUrl\":\"https:\/\/www.esri.com\/arcgis-blog\/app\/uploads\/2023\/06\/softwaresecurity-213x200.png\",\"caption\":\"Mark Bierman\"},\"url\":\"\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Portal for ArcGIS Security 2020 Update 2 Patch resolves one critical and multiple high priority security issues","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/portal-for-arcgis-security-2020-update-2-patch-resolves-one-critical-and-multiple-high-priority-security-issues","og_locale":"en_US","og_type":"article","og_title":"Portal for ArcGIS Security 2020 Update 2 Patch resolves one critical and multiple high priority security issues","og_url":"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/portal-for-arcgis-security-2020-update-2-patch-resolves-one-critical-and-multiple-high-priority-security-issues","og_site_name":"ArcGIS Blog","article_publisher":"https:\/\/www.facebook.com\/esrigis\/","article_modified_time":"2026-02-20T16:57:05+00:00","twitter_card":"summary_large_image","twitter_site":"@ESRI","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":["Article","BlogPosting"],"@id":"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/portal-for-arcgis-security-2020-update-2-patch-resolves-one-critical-and-multiple-high-priority-security-issues#article","isPartOf":{"@id":"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/portal-for-arcgis-security-2020-update-2-patch-resolves-one-critical-and-multiple-high-priority-security-issues"},"author":{"name":"Mark Bierman","@id":"https:\/\/www.esri.com\/arcgis-blog\/#\/schema\/person\/928a9a9a1a21dc0cf370b54b135e73ed"},"headline":"Portal for ArcGIS Security 2020 Update 2 Patch resolves one critical and multiple high priority security issues","datePublished":"2021-02-02T01:48:34+00:00","dateModified":"2026-02-20T16:57:05+00:00","mainEntityOfPage":{"@id":"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/portal-for-arcgis-security-2020-update-2-patch-resolves-one-critical-and-multiple-high-priority-security-issues"},"wordCount":15,"commentCount":0,"publisher":{"@id":"https:\/\/www.esri.com\/arcgis-blog\/#organization"},"keywords":["administration","ArcGIS Trust Center","CVE","Portal for ArcGIS","Security"],"articleSection":["Administration"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/portal-for-arcgis-security-2020-update-2-patch-resolves-one-critical-and-multiple-high-priority-security-issues#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/portal-for-arcgis-security-2020-update-2-patch-resolves-one-critical-and-multiple-high-priority-security-issues","url":"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/portal-for-arcgis-security-2020-update-2-patch-resolves-one-critical-and-multiple-high-priority-security-issues","name":"Portal for ArcGIS Security 2020 Update 2 Patch resolves one critical and multiple high priority security issues","isPartOf":{"@id":"https:\/\/www.esri.com\/arcgis-blog\/#website"},"datePublished":"2021-02-02T01:48:34+00:00","dateModified":"2026-02-20T16:57:05+00:00","breadcrumb":{"@id":"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/portal-for-arcgis-security-2020-update-2-patch-resolves-one-critical-and-multiple-high-priority-security-issues#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/portal-for-arcgis-security-2020-update-2-patch-resolves-one-critical-and-multiple-high-priority-security-issues"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/portal-for-arcgis-security-2020-update-2-patch-resolves-one-critical-and-multiple-high-priority-security-issues#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.esri.com\/arcgis-blog\/"},{"@type":"ListItem","position":2,"name":"Portal for ArcGIS Security 2020 Update 2 Patch resolves one critical and multiple high priority security issues"}]},{"@type":"WebSite","@id":"https:\/\/www.esri.com\/arcgis-blog\/#website","url":"https:\/\/www.esri.com\/arcgis-blog\/","name":"ArcGIS Blog","description":"Get insider info from Esri product teams","publisher":{"@id":"https:\/\/www.esri.com\/arcgis-blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.esri.com\/arcgis-blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.esri.com\/arcgis-blog\/#organization","name":"Esri","url":"https:\/\/www.esri.com\/arcgis-blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esri.com\/arcgis-blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.esri.com\/arcgis-blog\/app\/uploads\/2018\/04\/Esri.png","contentUrl":"https:\/\/www.esri.com\/arcgis-blog\/app\/uploads\/2018\/04\/Esri.png","width":400,"height":400,"caption":"Esri"},"image":{"@id":"https:\/\/www.esri.com\/arcgis-blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/esrigis\/","https:\/\/x.com\/ESRI","https:\/\/www.linkedin.com\/company\/5311\/"]},{"@type":"Person","@id":"https:\/\/www.esri.com\/arcgis-blog\/#\/schema\/person\/928a9a9a1a21dc0cf370b54b135e73ed","name":"Mark Bierman","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esri.com\/arcgis-blog\/#\/schema\/person\/image\/","url":"https:\/\/www.esri.com\/arcgis-blog\/app\/uploads\/2023\/06\/softwaresecurity-213x200.png","contentUrl":"https:\/\/www.esri.com\/arcgis-blog\/app\/uploads\/2023\/06\/softwaresecurity-213x200.png","caption":"Mark Bierman"},"url":""}]}},"text_date":"February 1, 2021","author_name":"Mark Bierman","author_page":false,"custom_image":"https:\/\/www.esri.com\/arcgis-blog\/app\/uploads\/2025\/08\/Newsroom-Keyart-Wide-1920-x-1080.jpg","primary_product":"ArcGIS Enterprise","tag_data":[{"term_id":43671,"name":"administration","slug":"administration","term_group":0,"term_taxonomy_id":43671,"taxonomy":"post_tag","description":"","parent":0,"count":51,"filter":"raw"},{"term_id":24081,"name":"ArcGIS Trust Center","slug":"ssamymlgp","term_group":0,"term_taxonomy_id":24081,"taxonomy":"post_tag","description":"","parent":0,"count":96,"filter":"raw"},{"term_id":759222,"name":"CVE","slug":"cve","term_group":0,"term_taxonomy_id":759222,"taxonomy":"post_tag","description":"","parent":0,"count":31,"filter":"raw"},{"term_id":23311,"name":"Portal for ArcGIS","slug":"portal-for-arcgis","term_group":0,"term_taxonomy_id":23311,"taxonomy":"post_tag","description":"","parent":0,"count":28,"filter":"raw"},{"term_id":24071,"name":"Security","slug":"security","term_group":0,"term_taxonomy_id":24071,"taxonomy":"post_tag","description":"","parent":0,"count":124,"filter":"raw"}],"category_data":[{"term_id":37501,"name":"Administration","slug":"administration","term_group":0,"term_taxonomy_id":37501,"taxonomy":"category","description":"","parent":0,"count":422,"filter":"raw"}],"product_data":[{"term_id":36571,"name":"ArcGIS Enterprise","slug":"arcgis-enterprise","term_group":0,"term_taxonomy_id":36571,"taxonomy":"product","description":"","parent":0,"count":972,"filter":"raw"}],"primary_product_link":"https:\/\/www.esri.com\/arcgis-blog\/?s=#&products=arcgis-enterprise","_links":{"self":[{"href":"https:\/\/www.esri.com\/arcgis-blog\/wp-json\/wp\/v2\/blog\/1126242","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.esri.com\/arcgis-blog\/wp-json\/wp\/v2\/blog"}],"about":[{"href":"https:\/\/www.esri.com\/arcgis-blog\/wp-json\/wp\/v2\/types\/blog"}],"author":[{"embeddable":true,"href":"https:\/\/www.esri.com\/arcgis-blog\/wp-json\/wp\/v2\/users\/136891"}],"replies":[{"embeddable":true,"href":"https:\/\/www.esri.com\/arcgis-blog\/wp-json\/wp\/v2\/comments?post=1126242"}],"version-history":[{"count":0,"href":"https:\/\/www.esri.com\/arcgis-blog\/wp-json\/wp\/v2\/blog\/1126242\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.esri.com\/arcgis-blog\/wp-json\/wp\/v2\/media?parent=1126242"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.esri.com\/arcgis-blog\/wp-json\/wp\/v2\/categories?post=1126242"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.esri.com\/arcgis-blog\/wp-json\/wp\/v2\/tags?post=1126242"},{"taxonomy":"industry","embeddable":true,"href":"https:\/\/www.esri.com\/arcgis-blog\/wp-json\/wp\/v2\/industry?post=1126242"},{"taxonomy":"product","embeddable":true,"href":"https:\/\/www.esri.com\/arcgis-blog\/wp-json\/wp\/v2\/product?post=1126242"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}