
CVE-2025-4967: CWE-918 Server-Side Request Forgery (SSRF) in Esri Portal for ArcGIS

Critical
Tags: Vulnerability, CVE-2025-4967, cve, cve-2025-4967, cwe-918
Published: Thu May 29 2025 (05/29/2025, 19:58:47 UTC)
Source: CVE Database V5
Vendor/Project: Esri
Product: Portal for ArcGIS

Description

Esri Portal for ArcGIS 11.4 and prior allows a remote, unauthenticated attacker to bypass the Portal’s SSRF protections.

AI-Powered Analysis

Last updated: 07/07/2025, 22:11:29 UTC

Technical Analysis

CVE-2025-4967 is a critical Server-Side Request Forgery (SSRF) vulnerability identified in Esri Portal for ArcGIS versions 11.4 and prior. SSRF vulnerabilities occur when an attacker can abuse a server functionality to make HTTP requests to arbitrary domains or internal systems, potentially bypassing network access controls. In this case, the vulnerability allows a remote, unauthenticated attacker to bypass the Portal’s SSRF protections, meaning the attacker can craft requests that the Portal forwards to internal or external resources without proper validation or restrictions. This can lead to unauthorized access to internal services, sensitive data exposure, or interaction with internal network infrastructure that is otherwise inaccessible from the outside.

The vulnerability has a CVSS v3.1 base score of 9.1, indicating a critical severity level. The vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) shows that the attack can be performed remotely over the network with low attack complexity, requires no privileges or user interaction, and impacts confidentiality and integrity severely, though it does not affect availability. Although no known exploits are reported in the wild yet, the ease of exploitation and critical impact make this a high-risk vulnerability.

Esri Portal for ArcGIS is a widely used geographic information system (GIS) platform for managing spatial data and mapping services, often deployed in government, utilities, transportation, and environmental sectors. The SSRF flaw could allow attackers to pivot into internal networks, access sensitive geospatial data, or manipulate portal services, potentially disrupting critical infrastructure operations or leaking confidential information.

Potential Impact

For European organizations, the impact of this vulnerability is significant due to the widespread use of Esri Portal for ArcGIS in public sector agencies, utilities, transportation authorities, and environmental monitoring bodies. Successful exploitation could lead to unauthorized access to internal GIS data repositories, which often contain sensitive infrastructure layouts, critical environmental data, and strategic planning information. This could facilitate espionage, sabotage, or data theft. Moreover, attackers could leverage SSRF to scan internal networks, access metadata services in cloud environments, or exploit other internal services, increasing the attack surface and risk of lateral movement. The confidentiality and integrity of critical geospatial data could be compromised, undermining decision-making processes and operational security. Given the criticality of GIS data in emergency response, urban planning, and national security, this vulnerability poses a substantial risk to European organizations relying on Esri Portal for ArcGIS.

Mitigation Recommendations

Organizations should immediately assess their use of Esri Portal for ArcGIS and prioritize patching once an official fix is released by Esri. Until patches are available, network-level mitigations should be implemented, such as restricting outbound HTTP requests from the Portal server to only trusted destinations using firewall rules or proxy filtering. Employing Web Application Firewalls (WAFs) with custom rules to detect and block SSRF patterns can reduce risk. Monitoring logs for unusual outbound requests from the Portal server can help detect exploitation attempts. Additionally, organizations should review and minimize the Portal’s network permissions and isolate it within segmented network zones to limit potential lateral movement. Regularly updating and hardening the Portal configuration, disabling unnecessary features that allow external requests, and enforcing strict input validation on user-supplied URLs or parameters are also recommended. Finally, conducting internal penetration testing focused on SSRF scenarios can help identify residual weaknesses.
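
The log-monitoring and egress-restriction advice above can be turned into a simple review of outbound-proxy logs from the Portal server. The script below is an added example, not Esri or vendor code; the log format, the source host name portal01 and the allowlisted host names are assumptions constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumption: the only destinations this Portal legitimately calls (placeholders).
ALLOWED_HOSTS = {"services.example-gis.test", "tiles.example-gis.test"}

# Constructed egress-proxy log lines: "<timestamp> <source-host> <method> <url>"
SAMPLE_LOG = """\
2025-06-01T10:00:01Z portal01 GET https://services.example-gis.test/rest/info
2025-06-01T10:00:07Z portal01 GET http://169.254.169.254/
2025-06-01T10:00:09Z portal01 GET http://10.20.0.15:8080/
2025-06-01T10:00:12Z portal01 GET http://127.0.0.1:6443/
2025-06-01T10:00:15Z portal01 GET https://unknown.example.org/
2025-06-01T10:00:20Z web02 GET http://10.20.0.15:8080/
"""

def classify(url):
    """Return a verdict for one outbound destination URL."""
    host = urlsplit(url).hostname
    if not host:
        return "unparseable"
    host = host.rstrip(".")
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        # Not an IP literal: judge the name against the allowlist.
        return "allowed" if host in ALLOWED_HOSTS else "unlisted-host"
    # Order matters: Python's is_private also covers loopback and link-local.
    if ip.is_loopback:
        return "loopback"
    if ip.is_link_local:
        return "link-local"   # range used by cloud metadata services
    if ip.is_private:
        return "internal"
    return "unlisted-ip"

def scan(log_text, source="portal01"):
    """Return (timestamp, url, verdict) for every non-allowed request from source."""
    findings = []
    for line in log_text.splitlines():
        parts = line.split(maxsplit=3)
        if len(parts) != 4 or parts[1] != source:
            continue
        verdict = classify(parts[3])
        if verdict != "allowed":
            findings.append((parts[0], parts[3], verdict))
    return findings

if __name__ == "__main__":
    for ts, url, verdict in scan(SAMPLE_LOG):
        print(f"{ts} {verdict:14} {url}")
```

A host-name verdict reflects the name only, so the firewall or proxy rule still has to enforce the address the name resolves to.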


Technical Details

Data Version: 5.1
Assigner Short Name: Esri
Date Reserved: 2025-05-19T20:42:42.569Z
Cvss Version: 3.1
State: PUBLISHED

Threat ID: 6838c00b182aa0cae28c8a38

Added to database: 5/29/2025, 8:14:03 PM

Last enriched: 7/7/2025, 10:11:29 PM

Last updated: 7/31/2025, 12:41:31 PM
