Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Tue, 07 Jul 2026 18:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Tue, 07 Jul 2026 17:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Esri
Esri portal For Arcgis |
|
| Vendors & Products |
Esri
Esri portal For Arcgis |
Tue, 07 Jul 2026 16:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Esri Portal for ArcGIS versions 12.1 and earlier on Windows, Linux and Kubernetes have a missing authentication for critical function vulnerability allows a remote, unauthenticated attacker to access an unprotected API. | |
| Title | Missing Authentication | |
| Weaknesses | CWE-640 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: Esri
Published:
Updated: 2026-07-07T17:02:08.793Z
Reserved: 2026-06-23T16:51:42.540Z
Link: CVE-2026-13019
Updated: 2026-07-07T17:02:01.896Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-07T17:30:17Z