{"vulnerability": "CVE-2023-25834", "sightings": [{"uuid": "bd720674-c31f-426f-9495-df1cc4f89eff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25834", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11314", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-25834\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N)\n\ud83d\udd39 Description: Changes to user permissions in Portal for ArcGIS 10.9.1 and below are incompletely applied in specific use cases. This issue may allow users to access content that they are no longer privileged to access.\n\ud83d\udccf Published: 2023-05-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-10T18:36:49.951Z\n\ud83d\udd17 References:\n1. https://www.esri.com/arcgis-blog/products/trust-arcgis/administration/portal-for-arcgis-security-2023-update-1-patch-is-now-available/\n2. https://support.esri.com/en-us/patches-updates/2023/portal-for-arcgis-security-2023-update-1-patch-8095", "creation_timestamp": "2025-04-10T18:49:33.000000Z"}, {"uuid": "cfcfda94-90da-41be-aeb3-628530b236dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25834", "type": "seen", "source": "https://t.me/cibsecurity/63641", "content": "\u203c CVE-2023-25834 \u203c\n\nChanges to user permissions in Portal for ArcGIS 10.9.1 and below are incompletely applied in specific use cases. This issue may allow users to access content that they are no longer privileged to access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-09T20:38:59.000000Z"}]}