{"id":1850872,"date":"2023-04-17T11:35:28","date_gmt":"2023-04-17T18:35:28","guid":{"rendered":"https:\/\/www.esri.com\/arcgis-blog\/?post_type=blog&#038;p=1850872"},"modified":"2024-05-13T08:41:47","modified_gmt":"2024-05-13T15:41:47","slug":"portal-for-arcgis-security-2023-update-1-patch-is-now-available","status":"publish","type":"blog","link":"https:\/\/www.esri.com\/arcgis-blog\/products\/trust-arcgis\/administration\/portal-for-arcgis-security-2023-update-1-patch-is-now-available","title":{"rendered":"Portal for ArcGIS Security 2023 Update 1 Patch is now available"},"author":5311,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","format":"standard","meta":{"_acf_changed":false,"_searchwp_excluded":""},"categories":[37501],"tags":[42301,759222,30141,241722],"industry":[],"product":[763582],"class_list":["post-1850872","blog","type-blog","status-publish","format-standard","hentry","category-administration","tag-arcgis-enterprise","tag-cve","tag-security-patch","tag-ssamlymlgp","product-trust-arcgis"],"acf":{"short_description":"Esri has released the Portal for ArcGIS Security 2023 Update 1 Patch that resolves multiple security vulnerabilities.","flexible_content":[{"acf_fc_layout":"content","content":"<p>Esri has released the Portal for ArcGIS Security 2023 Update 1 Patch that resolves multiple high and medium severity security vulnerabilities across versions 11.0, 10.9.1, 10.8.1, and 10.7.1.<\/p>\n<p>This patch was released on April 17, 2023 and is available <a href=\"https:\/\/support.esri.com\/en-us\/patches-updates\/2023\/portal-for-arcgis-security-2023-update-1-patch-8095\"><em>here<\/em><\/a>.<\/p>\n<p>We provide\u00a0<a href=\"https:\/\/www.first.org\/cvss\/v3.1\/user-guide\">Common Vulnerability Scoring System v.3.1 (CVSS)<\/a>\u00a0scores to allow our customers to better assess risk of these vulnerabilities to their operations.\u00a0 Both base and modified temporal scores are provided to reflect the availability of an official patch.<\/p>\n<p><b>Important Note May 16, 2023:<\/b>\u00a0The 10.9.1 version of the Portal for ArcGIS 10.9.1 Security 2023 Update 1 Patch has been updated to address BUG-000157748. Please download and install the new setup. It is not necessary to uninstall the original patch, the new setup will install and replace the original patch. BUG-000157748 only affects version 10.9.1 of the Portal for ArcGIS Security 2023 Update 1 Patch.<\/p>\n<p>BUG-000157748 After installing the Portal for ArcGIS 10.9.1 Security 2023 Update 1 Patch, Map Viewer&#8217;s Styles panel fails to load and other panels (Filter, Clustering) subsequently fail to load.<\/p>\n<p><b>Important Note May 17, 2023:<\/b>\u00a0The 10.8.1 and 10.7.1 Portal for ArcGIS Security 2023 Update 1 Patch setups have been updated to allow installation using a Chef Cookbooks or PowerShell DSC automation script.\u00a0Please download and install the new setup. It is not necessary to uninstall the original patch, the new setup will install and replace the original patch.<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n"},{"acf_fc_layout":"sidebar","content":"<p><strong>Key Highlights<\/strong><\/p>\n<ul>\n<li>The Portal for ArcGIS Security 2023 Update 1 Patch is now available for versions 11.0, 10.9,1 10.8.1, and 10.7.1.<\/li>\n<li>System administrators: take the time to install this patch at your earliest opportunity to address these vulnerabilities.<\/li>\n<\/ul>\n","image_reference":false,"layout":"standard","image_reference_figure":"","snippet":"","spotlight_name":"","section_title":"","position":"Right","spotlight_image":false},{"acf_fc_layout":"content","content":"<h2><strong>Vulnerabilities fixed by this patch<\/strong><\/h2>\n<p><strong>There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.0 and 10.9.1 <\/strong>that may allow a remote, unauthenticated attacker to craft a URL that could redirect a victim to an arbitrary website, simplifying\u00a0phishing attacks.<\/p>\n<ul>\n<li><strong>CVE Details: <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-25829\">CVE-2023-25829<\/a><\/strong>\n<ul>\n<li>CWE-601: URL Redirection to Untrusted Site (&#8216;Open Redirect&#8217;)<\/li>\n<li>Base CVSSv31: 6.1 CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N<\/li>\n<li>Environmentally Modified CVSSv3.1: 4.6\u00a0 \/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N\/RL:O\/MAV:A\/MPR:L<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><strong>Esri Bug ID: <a href=\"https:\/\/support.esri.com\/en-us\/bug\/unvalidated-redirect-in-portal-for-arcgis-bug-000155001\">BUG-000155001<\/a><\/strong><\/p>\n<p><strong>There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.9.1, 10.8.1 and 10.7.1<\/strong> which may allow a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser.<\/p>\n<ul>\n<li><strong>CVE Details: <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-25830\">CVE-2023-25830<\/a><\/strong>\n<ul>\n<li>Mitigation: Leverage a WAF to filter JavaScript from URL query parameters<\/li>\n<li>CWE-79: Improper Neutralization of Input During Web Page Generation (&#8216;Cross-site Scripting&#8217;)<\/li>\n<li>Base CVSSv3.1:\u00a0 6.1 CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><strong>Esri Bug ID: BUG-000154662<\/strong><\/p>\n<p><strong>There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.9.1, 10.8.1 and 10.7.1<\/strong> which may allow a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser.<\/p>\n<ul>\n<li><strong>CVE Details: <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-25831\">CVE-2023-25831<\/a><\/strong>\n<ul>\n<li>Mitigation: Leverage a WAF to filter JavaScript from URL query parameters<\/li>\n<li>CWE-79: Improper Neutralization of Input During Web Page Generation (&#8216;Cross-site Scripting&#8217;<\/li>\n<li>Base CVSSv3.1:\u00a0 6.1 \/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><strong>Esri Bug ID: <a href=\"https:\/\/support.esri.com\/en-us\/bug\/there-is-a-reflected-crosssite-scripting-xss-vulnerabil-bug-000154236\">BUG-000154236<\/a><\/strong><\/p>\n<p><strong>There is a cross-site-request forgery<\/strong> <strong>vulnerability in Esri Portal for ArcGIS Versions 11.0 and below<\/strong> that may allow an attacker to trick an authorized user into executing unwanted actions under the context of the victim&#8217;s browser.<\/p>\n<ul>\n<li><strong>CVE Details: C<a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-25832\">VE-2023-25832<\/a><\/strong>\n<ul>\n<li>CWE-352: Cross-Site Request Forgery (CSRF)<\/li>\n<li>Base CVSSv3.1: 6.8 &#8211; CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:U\/C:H\/I:H\/A:H<\/li>\n<li>Environmentally modified CVSSv3.1: 4.6 &#8211; \/AV:N\/AC:L\/PR:L\/UI:R\/S:U\/C:L\/I:L\/A:N\/RL:W<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><strong>Esri Bug ID: <a href=\"https:\/\/support.esri.com\/en-us\/bug\/there-is-a-crosssite-request-forgery-csrf-vulnerability-bug-000148346\">BUG-000148346<\/a><\/strong><\/p>\n<p><strong>There is an HTML injection vulnerability in Esri Portal for ArcGIS versions 11.0 and below<\/strong> that may allow a remote, unauthenticated attacker to create a crafted link which when clicked could render arbitrary HTML in the victim\u2019s browser.<\/p>\n<ul>\n<li><strong>CVE Details: <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-25833\">CVE-2023-25833<\/a><\/strong>\n<ul>\n<li>CWE-79: Improper Neutralization of Input During Web Page Generation (&#8216;Cross-site Scripting&#8217;)<\/li>\n<li>Base CVSSv3.1 5.4 &#8211; CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:C\/C:L\/I:L\/A:N<\/li>\n<li>Environmentally Modified CVSSv3.1: 4.1 \/AV:N\/AC:L\/PR:L\/UI:R\/S:C\/C:N\/I:L\/A:N<\/li>\n<li>Mitigation: Disable the Portal for ArcGIS Services Directory per best practices<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><strong>Esri Bug ID: <a href=\"https:\/\/support.esri.com\/en-us\/bug\/html-injection-issue-in-portal-for-arcgis-bug-000155004\">BUG-000155004<\/a><\/strong><\/p>\n<p><strong>Changes to user permissions in Portal for ArcGIS 10.9.1 and below<\/strong> are incompletely applied in specific use cases. This issue may allow users to access content that they should no longer be privileged to access.<\/p>\n<ul>\n<li><strong>CVE Details: <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-258343\">CVE-2023-25834<\/a><\/strong>\n<ul>\n<li>CWE-269: Improper Privilege Management<\/li>\n<li>Base CVSSv3.1: 3.4: 4.1 CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:C\/C:N\/I:L\/A:N<\/li>\n<li>Environmentally Modified CVSSv3.1: 3.4 \/AV:N\/AC:L\/PR:L\/UI:R\/S:C\/C:L\/I:L\/A:N\/RL:W\/MC:L\/MI:N<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><strong>Esri Bug ID: <a href=\"https:\/\/support.esri.com\/en-us\/bug\/incomplete-permission-changes-in-specific-cases-bug-000142922\">BUG-000142922<\/a><\/strong><\/p>\n"}],"related_articles":"","authors":[{"ID":5311,"user_firstname":"Randall","user_lastname":"Williams","nickname":"Randall Williams","user_nicename":"randallwilliams","display_name":"Randall Williams","user_email":"randall_williams@esri.com","user_url":"https:\/\/trust.arcgis.com","user_registered":"2018-03-02 00:17:03","user_description":"","user_avatar":"<img data-del=\"avatar\" src='https:\/\/www.esri.com\/arcgis-blog\/app\/uploads\/2018\/08\/softwaresecurity.png' class='avatar pp-user-avatar avatar-96 photo ' height='96' width='96'\/>"}],"card_image":"https:\/\/www.esri.com\/arcgis-blog\/app\/uploads\/2021\/07\/SA-Portal.gif","wide_image":false},"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v25.9 (Yoast SEO v25.9) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Portal for ArcGIS Security 2023 Update 1 Patch is now available<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.esri.com\/arcgis-blog\/products\/trust-arcgis\/administration\/portal-for-arcgis-security-2023-update-1-patch-is-now-available\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Portal for ArcGIS Security 2023 Update 1 Patch is now available\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.esri.com\/arcgis-blog\/products\/trust-arcgis\/administration\/portal-for-arcgis-security-2023-update-1-patch-is-now-available\" \/>\n<meta property=\"og:site_name\" content=\"ArcGIS Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/esrigis\/\" \/>\n<meta property=\"article:modified_time\" content=\"2024-05-13T15:41:47+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@ESRI\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":[\"Article\",\"BlogPosting\"],\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/products\/trust-arcgis\/administration\/portal-for-arcgis-security-2023-update-1-patch-is-now-available#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/products\/trust-arcgis\/administration\/portal-for-arcgis-security-2023-update-1-patch-is-now-available\"},\"author\":{\"name\":\"Randall Williams\",\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/#\/schema\/person\/6257d65f342fee9c48e7f16f9a428959\"},\"headline\":\"Portal for ArcGIS Security 2023 Update 1 Patch is now available\",\"datePublished\":\"2023-04-17T18:35:28+00:00\",\"dateModified\":\"2024-05-13T15:41:47+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/products\/trust-arcgis\/administration\/portal-for-arcgis-security-2023-update-1-patch-is-now-available\"},\"wordCount\":9,\"publisher\":{\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/#organization\"},\"keywords\":[\"ArcGIS Enterprise\",\"CVE\",\"security patch\",\"SSAMLYMLGP\"],\"articleSection\":[\"Administration\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/products\/trust-arcgis\/administration\/portal-for-arcgis-security-2023-update-1-patch-is-now-available\",\"url\":\"https:\/\/www.esri.com\/arcgis-blog\/products\/trust-arcgis\/administration\/portal-for-arcgis-security-2023-update-1-patch-is-now-available\",\"name\":\"Portal for ArcGIS Security 2023 Update 1 Patch is now available\",\"isPartOf\":{\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/#website\"},\"datePublished\":\"2023-04-17T18:35:28+00:00\",\"dateModified\":\"2024-05-13T15:41:47+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/products\/trust-arcgis\/administration\/portal-for-arcgis-security-2023-update-1-patch-is-now-available#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.esri.com\/arcgis-blog\/products\/trust-arcgis\/administration\/portal-for-arcgis-security-2023-update-1-patch-is-now-available\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/products\/trust-arcgis\/administration\/portal-for-arcgis-security-2023-update-1-patch-is-now-available#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.esri.com\/arcgis-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Portal for ArcGIS Security 2023 Update 1 Patch is now available\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/#website\",\"url\":\"https:\/\/www.esri.com\/arcgis-blog\/\",\"name\":\"ArcGIS Blog\",\"description\":\"Get insider info from Esri product teams\",\"publisher\":{\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.esri.com\/arcgis-blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/#organization\",\"name\":\"Esri\",\"url\":\"https:\/\/www.esri.com\/arcgis-blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.esri.com\/arcgis-blog\/app\/uploads\/2018\/04\/Esri.png\",\"contentUrl\":\"https:\/\/www.esri.com\/arcgis-blog\/app\/uploads\/2018\/04\/Esri.png\",\"width\":400,\"height\":400,\"caption\":\"Esri\"},\"image\":{\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/esrigis\/\",\"https:\/\/x.com\/ESRI\",\"https:\/\/www.linkedin.com\/company\/5311\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/#\/schema\/person\/6257d65f342fee9c48e7f16f9a428959\",\"name\":\"Randall Williams\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esri.com\/arcgis-blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/www.esri.com\/arcgis-blog\/app\/uploads\/2018\/08\/softwaresecurity.png\",\"contentUrl\":\"https:\/\/www.esri.com\/arcgis-blog\/app\/uploads\/2018\/08\/softwaresecurity.png\",\"caption\":\"Randall Williams\"},\"sameAs\":[\"https:\/\/trust.arcgis.com\"],\"url\":\"https:\/\/www.esri.com\/arcgis-blog\/author\/randallwilliams\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Portal for ArcGIS Security 2023 Update 1 Patch is now available","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.esri.com\/arcgis-blog\/products\/trust-arcgis\/administration\/portal-for-arcgis-security-2023-update-1-patch-is-now-available","og_locale":"en_US","og_type":"article","og_title":"Portal for ArcGIS Security 2023 Update 1 Patch is now available","og_url":"https:\/\/www.esri.com\/arcgis-blog\/products\/trust-arcgis\/administration\/portal-for-arcgis-security-2023-update-1-patch-is-now-available","og_site_name":"ArcGIS Blog","article_publisher":"https:\/\/www.facebook.com\/esrigis\/","article_modified_time":"2024-05-13T15:41:47+00:00","twitter_card":"summary_large_image","twitter_site":"@ESRI","twitter_misc":{"Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":["Article","BlogPosting"],"@id":"https:\/\/www.esri.com\/arcgis-blog\/products\/trust-arcgis\/administration\/portal-for-arcgis-security-2023-update-1-patch-is-now-available#article","isPartOf":{"@id":"https:\/\/www.esri.com\/arcgis-blog\/products\/trust-arcgis\/administration\/portal-for-arcgis-security-2023-update-1-patch-is-now-available"},"author":{"name":"Randall Williams","@id":"https:\/\/www.esri.com\/arcgis-blog\/#\/schema\/person\/6257d65f342fee9c48e7f16f9a428959"},"headline":"Portal for ArcGIS Security 2023 Update 1 Patch is now available","datePublished":"2023-04-17T18:35:28+00:00","dateModified":"2024-05-13T15:41:47+00:00","mainEntityOfPage":{"@id":"https:\/\/www.esri.com\/arcgis-blog\/products\/trust-arcgis\/administration\/portal-for-arcgis-security-2023-update-1-patch-is-now-available"},"wordCount":9,"publisher":{"@id":"https:\/\/www.esri.com\/arcgis-blog\/#organization"},"keywords":["ArcGIS Enterprise","CVE","security patch","SSAMLYMLGP"],"articleSection":["Administration"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.esri.com\/arcgis-blog\/products\/trust-arcgis\/administration\/portal-for-arcgis-security-2023-update-1-patch-is-now-available","url":"https:\/\/www.esri.com\/arcgis-blog\/products\/trust-arcgis\/administration\/portal-for-arcgis-security-2023-update-1-patch-is-now-available","name":"Portal for ArcGIS Security 2023 Update 1 Patch is now available","isPartOf":{"@id":"https:\/\/www.esri.com\/arcgis-blog\/#website"},"datePublished":"2023-04-17T18:35:28+00:00","dateModified":"2024-05-13T15:41:47+00:00","breadcrumb":{"@id":"https:\/\/www.esri.com\/arcgis-blog\/products\/trust-arcgis\/administration\/portal-for-arcgis-security-2023-update-1-patch-is-now-available#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.esri.com\/arcgis-blog\/products\/trust-arcgis\/administration\/portal-for-arcgis-security-2023-update-1-patch-is-now-available"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.esri.com\/arcgis-blog\/products\/trust-arcgis\/administration\/portal-for-arcgis-security-2023-update-1-patch-is-now-available#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.esri.com\/arcgis-blog\/"},{"@type":"ListItem","position":2,"name":"Portal for ArcGIS Security 2023 Update 1 Patch is now available"}]},{"@type":"WebSite","@id":"https:\/\/www.esri.com\/arcgis-blog\/#website","url":"https:\/\/www.esri.com\/arcgis-blog\/","name":"ArcGIS Blog","description":"Get insider info from Esri product teams","publisher":{"@id":"https:\/\/www.esri.com\/arcgis-blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.esri.com\/arcgis-blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.esri.com\/arcgis-blog\/#organization","name":"Esri","url":"https:\/\/www.esri.com\/arcgis-blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esri.com\/arcgis-blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.esri.com\/arcgis-blog\/app\/uploads\/2018\/04\/Esri.png","contentUrl":"https:\/\/www.esri.com\/arcgis-blog\/app\/uploads\/2018\/04\/Esri.png","width":400,"height":400,"caption":"Esri"},"image":{"@id":"https:\/\/www.esri.com\/arcgis-blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/esrigis\/","https:\/\/x.com\/ESRI","https:\/\/www.linkedin.com\/company\/5311\/"]},{"@type":"Person","@id":"https:\/\/www.esri.com\/arcgis-blog\/#\/schema\/person\/6257d65f342fee9c48e7f16f9a428959","name":"Randall Williams","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esri.com\/arcgis-blog\/#\/schema\/person\/image\/","url":"https:\/\/www.esri.com\/arcgis-blog\/app\/uploads\/2018\/08\/softwaresecurity.png","contentUrl":"https:\/\/www.esri.com\/arcgis-blog\/app\/uploads\/2018\/08\/softwaresecurity.png","caption":"Randall Williams"},"sameAs":["https:\/\/trust.arcgis.com"],"url":"https:\/\/www.esri.com\/arcgis-blog\/author\/randallwilliams"}]}},"text_date":"April 17, 2023","author_name":"Randall Williams","author_page":"https:\/\/www.esri.com\/arcgis-blog\/author\/randallwilliams","custom_image":"https:\/\/www.esri.com\/arcgis-blog\/app\/uploads\/2025\/08\/Newsroom-Keyart-Wide-1920-x-1080.jpg","primary_product":"ArcGIS Trust Center","tag_data":[{"term_id":42301,"name":"ArcGIS Enterprise","slug":"arcgis-enterprise","term_group":0,"term_taxonomy_id":42301,"taxonomy":"post_tag","description":"","parent":0,"count":209,"filter":"raw"},{"term_id":759222,"name":"CVE","slug":"cve","term_group":0,"term_taxonomy_id":759222,"taxonomy":"post_tag","description":"","parent":0,"count":32,"filter":"raw"},{"term_id":30141,"name":"security patch","slug":"security-patch","term_group":0,"term_taxonomy_id":30141,"taxonomy":"post_tag","description":"","parent":0,"count":20,"filter":"raw"},{"term_id":241722,"name":"SSAMLYMLGP","slug":"ssamlymlgp","term_group":0,"term_taxonomy_id":241722,"taxonomy":"post_tag","description":"","parent":0,"count":25,"filter":"raw"}],"category_data":[{"term_id":37501,"name":"Administration","slug":"administration","term_group":0,"term_taxonomy_id":37501,"taxonomy":"category","description":"","parent":0,"count":427,"filter":"raw"}],"product_data":[{"term_id":763582,"name":"ArcGIS Trust Center","slug":"trust-arcgis","term_group":0,"term_taxonomy_id":763582,"taxonomy":"product","description":"Reserved for articles authored by the ArcGIS Trust Center team","parent":36981,"count":89,"filter":"raw"}],"primary_product_link":"https:\/\/www.esri.com\/arcgis-blog\/?s=#&products=trust-arcgis","_links":{"self":[{"href":"https:\/\/www.esri.com\/arcgis-blog\/wp-json\/wp\/v2\/blog\/1850872","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.esri.com\/arcgis-blog\/wp-json\/wp\/v2\/blog"}],"about":[{"href":"https:\/\/www.esri.com\/arcgis-blog\/wp-json\/wp\/v2\/types\/blog"}],"author":[{"embeddable":true,"href":"https:\/\/www.esri.com\/arcgis-blog\/wp-json\/wp\/v2\/users\/5311"}],"replies":[{"embeddable":true,"href":"https:\/\/www.esri.com\/arcgis-blog\/wp-json\/wp\/v2\/comments?post=1850872"}],"version-history":[{"count":0,"href":"https:\/\/www.esri.com\/arcgis-blog\/wp-json\/wp\/v2\/blog\/1850872\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.esri.com\/arcgis-blog\/wp-json\/wp\/v2\/media?parent=1850872"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.esri.com\/arcgis-blog\/wp-json\/wp\/v2\/categories?post=1850872"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.esri.com\/arcgis-blog\/wp-json\/wp\/v2\/tags?post=1850872"},{"taxonomy":"industry","embeddable":true,"href":"https:\/\/www.esri.com\/arcgis-blog\/wp-json\/wp\/v2\/industry?post=1850872"},{"taxonomy":"product","embeddable":true,"href":"https:\/\/www.esri.com\/arcgis-blog\/wp-json\/wp\/v2\/product?post=1850872"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}