{"id":1220232,"date":"2021-05-04T16:34:59","date_gmt":"2021-05-04T23:34:59","guid":{"rendered":"https:\/\/www.esri.com\/arcgis-blog\/?post_type=blog&#038;p=1220232"},"modified":"2021-07-13T06:29:42","modified_gmt":"2021-07-13T13:29:42","slug":"arcgis-server-security-2021-update-1-patch","status":"publish","type":"blog","link":"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/arcgis-server-security-2021-update-1-patch","title":{"rendered":"ArcGIS Server Security 2021 Update 1 Patch"},"author":5311,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"open","ping_status":"closed","template":"","format":"standard","meta":{"_acf_changed":false,"_searchwp_excluded":""},"categories":[37501],"tags":[23591,24081,759222,24361,760192],"industry":[],"product":[36571],"class_list":["post-1220232","blog","type-blog","status-publish","format-standard","hentry","category-administration","tag-arcgis-server","tag-ssamymlgp","tag-cve","tag-patch","tag-vulnerabilities","product-arcgis-enterprise"],"acf":{"short_description":"ArcGIS Server Security 2021 Update 1 Patch fixes one high priority vulnerability and multiple medium priority vulnerabilities.","flexible_content":[{"acf_fc_layout":"content","content":"<p>Esri has released the <a href=\"https:\/\/support.esri.com\/en\/download\/7879\">ArcGIS Server Security 2021 Update 1 Patch<\/a> that resolves a number of recently identified security vulnerabilities across versions 10.8.1, 10.7.1, and 10.6.1. As with all security patches, we encourage all system administrators to install security updates on relevant systems at your earliest opportunity.<\/p>\n"},{"acf_fc_layout":"sidebar","content":"<p style=\"text-align: center\"><strong>Key Highlights<\/strong><\/p>\n<ul>\n<li>The ArcGIS Server Security 2021 Update 1 Patch is now available for 10.8.1, 10.7.1, and 10.6.1.<\/li>\n<li>This patch addresses one high severity vulnerability and multiple medium severity vulnerabilities.<\/li>\n<li>System administrators: take the time to install this patch at your earliest opportunity.<\/li>\n<\/ul>\n","image_reference":false,"layout":"standard","image_reference_figure":"","snippet":"","spotlight_name":"","section_title":"","position":"Right","spotlight_image":false},{"acf_fc_layout":"content","content":"<p>This patch addresses one high severity vulnerability and multiple medium severity vulnerabilities have been addressed in the ArcGIS Server Security 2021 Update 1 Patch. We provide Common Vulnerability Scoring System (CVSS) scores to allow our customers to better assess risk of this vulnerability to their operations. Both the base score and a modified temporal score is provided to reflect the availability of an official patch.\u202f Please see\u202f<a href=\"https:\/\/www.first.org\/cvss\/\">Common Vulnerability Scoring System<\/a>\u202ffor more information on the definition of these metrics.<\/p>\n<p><strong>Vulnerabilities fixed in this patch include:<\/strong><\/p>\n<p>&nbsp;<\/p>\n<ul>\n<li><strong>A Server-Side Request Forgery (SSRF) vulnerability<\/strong> in Esri ArcGIS Server Manager version 10.8.1 and below may allow a remote, unauthenticated attacker to forge GET requests to arbitrary URLs from the system, potentially leading to network enumeration or facilitating other attacks.<\/li>\n<\/ul>\n<p style=\"padding-left: 80px\"><strong>Common Vulnerability Scoring System (CVSS v3.1) Details<\/strong><\/p>\n<p style=\"padding-left: 80px\">9.1 Base Score, 8.7 Temporal Score<\/p>\n<ul>\n<li style=\"list-style-type: none\">\n<ul>\n<li style=\"list-style-type: none\">\n<ul>\n<li>Remediation Level: Official Fix Available<\/li>\n<li>Report Confidence: Confirmed by Esri<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p style=\"padding-left: 80px\">#CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:N\/RL:O<\/p>\n<p style=\"padding-left: 80px\"><strong>Vulnerability Details\u00a0<\/strong><\/p>\n<p style=\"padding-left: 80px\">CVE-2021-29102\u202f\u2013 Server Side Request Forgery (SSRF) <a href=\"https:\/\/cwe.mitre.org\/data\/definitions\/918.html\">CWE-918<\/a>\u202f\u2013 CVSS\u00a08.7<\/p>\n<p>&nbsp;<\/p>\n<ul>\n<li><strong>A reflected Cross Site Scripting (XSS) vulnerability<\/strong> in Esri ArcGIS Server version 10.8.1 and below may allow a remote attacker able to convince a user to click on a crafted link which could potentially execute arbitrary JavaScript code in the user&#8217;s browser.<\/li>\n<\/ul>\n<p style=\"padding-left: 80px\"><strong>Common Vulnerability Scoring System (CVSS v3.1) Details<\/strong><\/p>\n<p style=\"padding-left: 80px\">6.1 Base Score, 5.8 Temporal Score<\/p>\n<ul>\n<li style=\"list-style-type: none\">\n<ul>\n<li style=\"list-style-type: none\">\n<ul>\n<li>Remediation Level: Official Fix Available<\/li>\n<li>Report Confidence: Confirmed by Esri<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p style=\"padding-left: 80px\">#CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N\/RL:O<\/p>\n<p style=\"padding-left: 80px\"><strong>Vulnerability Details\u00a0<\/strong><\/p>\n<p style=\"padding-left: 80px\">CVE-2021-29103\u202f\u2013 Cross Site Scripting (XSS) <a href=\"https:\/\/cwe.mitre.org\/data\/definitions\/79.html\">CWE-79<\/a>\u202f\u2013 CVSS\u00a05.2<\/p>\n<p>&nbsp;<\/p>\n<ul>\n<li><strong>A stored Cross Site Scripting (XSS) vulnerability<\/strong> in Esri ArcGIS Server Manager version 10.6.1 (only) may allow a remote unauthenticated attacker to pass and store malicious strings in the ArcGIS Server Manager application.<\/li>\n<\/ul>\n<p style=\"padding-left: 80px\"><strong>Common Vulnerability Scoring System (CVSS v3.1) Details<\/strong><\/p>\n<p style=\"padding-left: 80px\">6.1 Base Score, 5.8 Temporal Score<\/p>\n<ul>\n<li style=\"list-style-type: none\">\n<ul>\n<li style=\"list-style-type: none\">\n<ul>\n<li>Remediation Level: Official Fix Available<\/li>\n<li>Report Confidence: Confirmed by Esri<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p style=\"padding-left: 80px\">#CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N\/RL:O<\/p>\n<p style=\"padding-left: 80px\"><strong>Vulnerability Details\u00a0<\/strong><\/p>\n<p style=\"padding-left: 80px\">CVE-2021-29107\u202f\u2013 Cross Site Scripting (XSS) <a href=\"https:\/\/cwe.mitre.org\/data\/definitions\/79.html\">CWE-79<\/a>\u202f\u2013 CVSS\u00a05.2<\/p>\n<p>&nbsp;<\/p>\n<ul>\n<li><strong>A stored Cross Site Scripting (XSS) vulnerability<\/strong> in Esri ArcGIS Server Services Directory version 10.8.1 and below may allow a remote authenticated attacker to pass and store malicious strings in the ArcGIS Services Directory.<\/li>\n<\/ul>\n<p style=\"padding-left: 80px\"><strong>Common Vulnerability Scoring System (CVSS v3.1) Details<\/strong><\/p>\n<p style=\"padding-left: 80px\">5.4 Base Score, 5.2 Temporal Score<\/p>\n<ul>\n<li style=\"list-style-type: none\">\n<ul>\n<li style=\"list-style-type: none\">\n<ul>\n<li>Remediation Level: Official Fix Available<\/li>\n<li>Report Confidence: Confirmed by Esri<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p style=\"padding-left: 80px\">#CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:C\/C:L\/I:L\/A:N\/RL:O<\/p>\n<p style=\"padding-left: 80px\"><strong>Vulnerability Details\u00a0<\/strong><\/p>\n<p style=\"padding-left: 80px\">CVE-2021-29105\u202f\u2013 Cross Site Scripting (XSS) <a href=\"https:\/\/cwe.mitre.org\/data\/definitions\/79.html\">CWE-79<\/a>\u202f\u2013 CVSS\u00a05.2<\/p>\n<p style=\"padding-left: 40px\"><strong>Acknowledgements\u00a0<\/strong><\/p>\n<p style=\"padding-left: 40px\">Matthew Dekker &#8211; Security Consultant ZX Security Limited<\/p>\n<p>&nbsp;<\/p>\n<ul>\n<li><strong>A stored Cross Site Scripting (XSS) vulnerability<\/strong> in Esri ArcGIS Server Manager version 10.8.1 and below may allow a remote authenticated attacker to pass and store malicious strings in the ArcGIS Server Manager application.<\/li>\n<\/ul>\n<p style=\"padding-left: 80px\"><strong>Common Vulnerability Scoring System (CVSS v3.1) Details<\/strong><\/p>\n<p style=\"padding-left: 80px\">6.1 Base Score, 4.6 Temporal Score<\/p>\n<ul>\n<li style=\"list-style-type: none\">\n<ul>\n<li style=\"list-style-type: none\">\n<ul>\n<li>Remediation Level: Official Fix Available<\/li>\n<li>Report Confidence: Confirmed by Esri<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p style=\"padding-left: 80px\">#CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:C\/C:L\/I:L\/A:N\/RL:O<\/p>\n<p style=\"padding-left: 80px\"><strong>Vulnerability Details\u00a0<\/strong><\/p>\n<p style=\"padding-left: 80px\">CVE-2021-29104 \u2013 Cross Site Scripting (XSS) <a href=\"https:\/\/cwe.mitre.org\/data\/definitions\/79.html\">CWE-79<\/a>\u202f\u2013 CVSS\u00a04.2<\/p>\n<p style=\"padding-left: 40px\"><strong>Acknowledgements\u00a0<\/strong><\/p>\n<p style=\"padding-left: 40px\">Roberto Suggi Liverani from NATO Cyber Security Centre (NCSC)<\/p>\n<p>&nbsp;<\/p>\n<ul>\n<li><strong>A reflected Cross Site Scripting (XSS) vulnerability<\/strong> in Esri ArcGIS Server version 10.8.1 and below may allow a remote attacker able to convince a user to click on a crafted link which could potentially execute arbitrary JavaScript code in the user&#8217;s browser.<\/li>\n<\/ul>\n<p style=\"padding-left: 80px\"><strong>Common Vulnerability Scoring System (CVSS v3.1) Details<\/strong><\/p>\n<p style=\"padding-left: 80px\">4.7 Base Score, 4.2 Temporal Score<\/p>\n<ul>\n<li style=\"list-style-type: none\">\n<ul>\n<li style=\"list-style-type: none\">\n<ul>\n<li>Remediation Level: Official Fix Available<\/li>\n<li>Report Confidence: Confirmed by Esri<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p style=\"padding-left: 80px\">#CVSS:3.1\/AV:N\/AC:H\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N\/E:P\/RL:O<\/p>\n<p style=\"padding-left: 80px\"><strong>Vulnerability Details\u00a0<\/strong><\/p>\n<p style=\"padding-left: 80px\"><em>CVE-2021-29106 <\/em>\u2013 Cross Site Scripting (XSS) <a href=\"https:\/\/cwe.mitre.org\/data\/definitions\/79.html\">CWE-79<\/a>\u202f\u2013 CVSS\u00a04.2<\/p>\n"}],"authors":[{"ID":5311,"user_firstname":"Randall","user_lastname":"Williams","nickname":"Randall Williams","user_nicename":"randallwilliams","display_name":"Randall Williams","user_email":"randall_williams@esri.com","user_url":"https:\/\/trust.arcgis.com","user_registered":"2018-03-02 00:17:03","user_description":"","user_avatar":"<img data-del=\"avatar\" src='https:\/\/www.esri.com\/arcgis-blog\/app\/uploads\/2018\/08\/softwaresecurity.png' class='avatar pp-user-avatar avatar-96 photo ' height='96' width='96'\/>"},{"ID":3911,"user_firstname":"Michael","user_lastname":"Young","nickname":"Michael Young","user_nicename":"myoung1000","display_name":"Michael Young","user_email":"myoung@esri.com","user_url":"http:\/\/trust.arcgis.com","user_registered":"2018-03-02 00:15:29","user_description":"","user_avatar":"<img data-del=\"avatar\" src='https:\/\/www.esri.com\/arcgis-blog\/app\/uploads\/2021\/12\/SSP-213x200.jpg' class='avatar pp-user-avatar avatar-96 photo ' height='96' width='96'\/>"}],"related_articles":"","card_image":"https:\/\/www.esri.com\/arcgis-blog\/app\/uploads\/2021\/05\/SA-Server.gif","wide_image":false},"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v25.9 (Yoast SEO v25.9) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>ArcGIS Server Security 2021 Update 1 Patch<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/arcgis-server-security-2021-update-1-patch\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"ArcGIS Server Security 2021 Update 1 Patch\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/arcgis-server-security-2021-update-1-patch\" \/>\n<meta property=\"og:site_name\" content=\"ArcGIS Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/esrigis\/\" \/>\n<meta property=\"article:modified_time\" content=\"2021-07-13T13:29:42+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@ESRI\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":[\"Article\",\"BlogPosting\"],\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/arcgis-server-security-2021-update-1-patch#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/arcgis-server-security-2021-update-1-patch\"},\"author\":{\"name\":\"Randall Williams\",\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/#\/schema\/person\/6257d65f342fee9c48e7f16f9a428959\"},\"headline\":\"ArcGIS Server Security 2021 Update 1 Patch\",\"datePublished\":\"2021-05-04T23:34:59+00:00\",\"dateModified\":\"2021-07-13T13:29:42+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/arcgis-server-security-2021-update-1-patch\"},\"wordCount\":5,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/#organization\"},\"keywords\":[\"ArcGIS Server\",\"ArcGIS Trust Center\",\"CVE\",\"Patch\",\"vulnerabilities\"],\"articleSection\":[\"Administration\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/arcgis-server-security-2021-update-1-patch#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/arcgis-server-security-2021-update-1-patch\",\"url\":\"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/arcgis-server-security-2021-update-1-patch\",\"name\":\"ArcGIS Server Security 2021 Update 1 Patch\",\"isPartOf\":{\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/#website\"},\"datePublished\":\"2021-05-04T23:34:59+00:00\",\"dateModified\":\"2021-07-13T13:29:42+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/arcgis-server-security-2021-update-1-patch#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/arcgis-server-security-2021-update-1-patch\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/arcgis-server-security-2021-update-1-patch#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.esri.com\/arcgis-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"ArcGIS Server Security 2021 Update 1 Patch\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/#website\",\"url\":\"https:\/\/www.esri.com\/arcgis-blog\/\",\"name\":\"ArcGIS Blog\",\"description\":\"Get insider info from Esri product teams\",\"publisher\":{\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.esri.com\/arcgis-blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/#organization\",\"name\":\"Esri\",\"url\":\"https:\/\/www.esri.com\/arcgis-blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.esri.com\/arcgis-blog\/app\/uploads\/2018\/04\/Esri.png\",\"contentUrl\":\"https:\/\/www.esri.com\/arcgis-blog\/app\/uploads\/2018\/04\/Esri.png\",\"width\":400,\"height\":400,\"caption\":\"Esri\"},\"image\":{\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/esrigis\/\",\"https:\/\/x.com\/ESRI\",\"https:\/\/www.linkedin.com\/company\/5311\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/#\/schema\/person\/6257d65f342fee9c48e7f16f9a428959\",\"name\":\"Randall Williams\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/www.esri.com\/arcgis-blog\/app\/uploads\/2018\/08\/softwaresecurity.png\",\"contentUrl\":\"https:\/\/www.esri.com\/arcgis-blog\/app\/uploads\/2018\/08\/softwaresecurity.png\",\"caption\":\"Randall Williams\"},\"sameAs\":[\"https:\/\/trust.arcgis.com\"],\"url\":\"https:\/\/www.esri.com\/arcgis-blog\/author\/randallwilliams\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"ArcGIS Server Security 2021 Update 1 Patch","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/arcgis-server-security-2021-update-1-patch","og_locale":"en_US","og_type":"article","og_title":"ArcGIS Server Security 2021 Update 1 Patch","og_url":"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/arcgis-server-security-2021-update-1-patch","og_site_name":"ArcGIS Blog","article_publisher":"https:\/\/www.facebook.com\/esrigis\/","article_modified_time":"2021-07-13T13:29:42+00:00","twitter_card":"summary_large_image","twitter_site":"@ESRI","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":["Article","BlogPosting"],"@id":"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/arcgis-server-security-2021-update-1-patch#article","isPartOf":{"@id":"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/arcgis-server-security-2021-update-1-patch"},"author":{"name":"Randall Williams","@id":"https:\/\/www.esri.com\/arcgis-blog\/#\/schema\/person\/6257d65f342fee9c48e7f16f9a428959"},"headline":"ArcGIS Server Security 2021 Update 1 Patch","datePublished":"2021-05-04T23:34:59+00:00","dateModified":"2021-07-13T13:29:42+00:00","mainEntityOfPage":{"@id":"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/arcgis-server-security-2021-update-1-patch"},"wordCount":5,"commentCount":0,"publisher":{"@id":"https:\/\/www.esri.com\/arcgis-blog\/#organization"},"keywords":["ArcGIS Server","ArcGIS Trust Center","CVE","Patch","vulnerabilities"],"articleSection":["Administration"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/arcgis-server-security-2021-update-1-patch#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/arcgis-server-security-2021-update-1-patch","url":"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/arcgis-server-security-2021-update-1-patch","name":"ArcGIS Server Security 2021 Update 1 Patch","isPartOf":{"@id":"https:\/\/www.esri.com\/arcgis-blog\/#website"},"datePublished":"2021-05-04T23:34:59+00:00","dateModified":"2021-07-13T13:29:42+00:00","breadcrumb":{"@id":"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/arcgis-server-security-2021-update-1-patch#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/arcgis-server-security-2021-update-1-patch"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/arcgis-server-security-2021-update-1-patch#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.esri.com\/arcgis-blog\/"},{"@type":"ListItem","position":2,"name":"ArcGIS Server Security 2021 Update 1 Patch"}]},{"@type":"WebSite","@id":"https:\/\/www.esri.com\/arcgis-blog\/#website","url":"https:\/\/www.esri.com\/arcgis-blog\/","name":"ArcGIS Blog","description":"Get insider info from Esri product teams","publisher":{"@id":"https:\/\/www.esri.com\/arcgis-blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.esri.com\/arcgis-blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.esri.com\/arcgis-blog\/#organization","name":"Esri","url":"https:\/\/www.esri.com\/arcgis-blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esri.com\/arcgis-blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.esri.com\/arcgis-blog\/app\/uploads\/2018\/04\/Esri.png","contentUrl":"https:\/\/www.esri.com\/arcgis-blog\/app\/uploads\/2018\/04\/Esri.png","width":400,"height":400,"caption":"Esri"},"image":{"@id":"https:\/\/www.esri.com\/arcgis-blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/esrigis\/","https:\/\/x.com\/ESRI","https:\/\/www.linkedin.com\/company\/5311\/"]},{"@type":"Person","@id":"https:\/\/www.esri.com\/arcgis-blog\/#\/schema\/person\/6257d65f342fee9c48e7f16f9a428959","name":"Randall Williams","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esri.com\/arcgis-blog\/#\/schema\/person\/image\/","url":"https:\/\/www.esri.com\/arcgis-blog\/app\/uploads\/2018\/08\/softwaresecurity.png","contentUrl":"https:\/\/www.esri.com\/arcgis-blog\/app\/uploads\/2018\/08\/softwaresecurity.png","caption":"Randall Williams"},"sameAs":["https:\/\/trust.arcgis.com"],"url":"https:\/\/www.esri.com\/arcgis-blog\/author\/randallwilliams"}]}},"text_date":"May 4, 2021","author_name":"Multiple Authors","author_page":"https:\/\/www.esri.com\/arcgis-blog\/products\/arcgis-enterprise\/administration\/arcgis-server-security-2021-update-1-patch","custom_image":"https:\/\/www.esri.com\/arcgis-blog\/app\/uploads\/2025\/08\/Newsroom-Keyart-Wide-1920-x-1080.jpg","primary_product":"ArcGIS Enterprise","tag_data":[{"term_id":23591,"name":"ArcGIS Server","slug":"arcgis-server","term_group":0,"term_taxonomy_id":23591,"taxonomy":"post_tag","description":"","parent":0,"count":53,"filter":"raw"},{"term_id":24081,"name":"ArcGIS Trust Center","slug":"ssamymlgp","term_group":0,"term_taxonomy_id":24081,"taxonomy":"post_tag","description":"","parent":0,"count":96,"filter":"raw"},{"term_id":759222,"name":"CVE","slug":"cve","term_group":0,"term_taxonomy_id":759222,"taxonomy":"post_tag","description":"","parent":0,"count":32,"filter":"raw"},{"term_id":24361,"name":"Patch","slug":"patch","term_group":0,"term_taxonomy_id":24361,"taxonomy":"post_tag","description":"","parent":0,"count":21,"filter":"raw"},{"term_id":760192,"name":"vulnerabilities","slug":"vulnerabilities","term_group":0,"term_taxonomy_id":760192,"taxonomy":"post_tag","description":"","parent":0,"count":4,"filter":"raw"}],"category_data":[{"term_id":37501,"name":"Administration","slug":"administration","term_group":0,"term_taxonomy_id":37501,"taxonomy":"category","description":"","parent":0,"count":427,"filter":"raw"}],"product_data":[{"term_id":36571,"name":"ArcGIS Enterprise","slug":"arcgis-enterprise","term_group":0,"term_taxonomy_id":36571,"taxonomy":"product","description":"","parent":0,"count":976,"filter":"raw"}],"primary_product_link":"https:\/\/www.esri.com\/arcgis-blog\/?s=#&products=arcgis-enterprise","_links":{"self":[{"href":"https:\/\/www.esri.com\/arcgis-blog\/wp-json\/wp\/v2\/blog\/1220232","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.esri.com\/arcgis-blog\/wp-json\/wp\/v2\/blog"}],"about":[{"href":"https:\/\/www.esri.com\/arcgis-blog\/wp-json\/wp\/v2\/types\/blog"}],"author":[{"embeddable":true,"href":"https:\/\/www.esri.com\/arcgis-blog\/wp-json\/wp\/v2\/users\/5311"}],"replies":[{"embeddable":true,"href":"https:\/\/www.esri.com\/arcgis-blog\/wp-json\/wp\/v2\/comments?post=1220232"}],"version-history":[{"count":0,"href":"https:\/\/www.esri.com\/arcgis-blog\/wp-json\/wp\/v2\/blog\/1220232\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.esri.com\/arcgis-blog\/wp-json\/wp\/v2\/media?parent=1220232"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.esri.com\/arcgis-blog\/wp-json\/wp\/v2\/categories?post=1220232"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.esri.com\/arcgis-blog\/wp-json\/wp\/v2\/tags?post=1220232"},{"taxonomy":"industry","embeddable":true,"href":"https:\/\/www.esri.com\/arcgis-blog\/wp-json\/wp\/v2\/industry?post=1220232"},{"taxonomy":"product","embeddable":true,"href":"https:\/\/www.esri.com\/arcgis-blog\/wp-json\/wp\/v2\/product?post=1220232"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}