BLOG

There is an updated version in the customer exclusive documents repository in the ArcGIS Trust Center. https://trust.arcgis.com/en/customer-documents/

11-20-2023 06:03 AM

POST

Esri's current statement regarding LibWebP is: Esri utilizes the LibWebP library in a number of products, however they have not been demonstrated as exploitable at this time. Out of an abundance of caution, all products utilizing the LibWebP component will be updated as part of the next product release. Patches for older versions will be considered for products where there is additional risk identified.

10-17-2023 08:39 AM

POST

Esri is aware of CVE-2023-4863, which has recently seen broad media attention due to the impact to the commonly leveraged image library libwebp. We are also tracking CVE-2023-5217, which has not attracted as much media attention. The libwebp library is used to process images created in the webp image format. CVE-2023-4863 is known to have been exploited in the wild by an attacker tricking a victim into opening an HTML page that contains a specifically crafted webp image, triggering a buffer overflow. CVE-2023-5217 is a similar issue, found in libvpx. The libvpx library is used to process videos created with the VPX codec. CVE-2023-5217 is also known to have been exploited in the wild. We are investigating the impact of these vulnerabilities in these 3rd party components in our software. We encourage you to subscribe to the RSS feed on the ArcGIS Trust Center for the latest as it becomes available.

10-02-2023 01:43 PM

POST

Web server logs will be the best way to collect this information.

08-30-2023 06:05 AM

BLOG

OOPS, I'm forever transposing the vuln scan guidance and the AV guidance and the link is indeed broken. I'll work with our doc team to get this fixed.

08-28-2023 11:00 AM

POST

Agree on the "too many layers" point. Those should be split into different services with themes. Nobody's going to view all 100 of those layers at a time. I believe that this may be the answer to your question though: https://enterprise.arcgis.com/en/server/10.6/publish-services/windows/map-authoring-considerations.htm#ESRI_SECTION1_4C54586DEB0445B4B97AF15856E546AB

08-28-2023 08:04 AM

POST

Looks like your front end web server may only support HTTP/2, where Workflow Manager likely requires HTTP/1.1, or potentially vice-versa. Because the front end is sending in a different format than the back-end server expects, an error is thrown.

08-28-2023 08:01 AM

BLOG

Link changed w/ version 3.1: https://trust.arcgis.com/en/customer-documents/ArcGIS_Vulnerability_Scanning_Guidance_v31.pdf Check out the other resources in the customer exclusive area of the ArcGIS Trust Center. You may also find the WAF guide helpful.

08-28-2023 07:50 AM

BLOG

@CarlosBarahona Yes. We recently implemented the webAuthN API and are working on the design to allow admins to require MFA for built-in accounts. WebAuthN was a prerequisite. This feature should be implemented in the near future.

08-07-2023 08:07 AM

POST

In a future release, we'll be offering a headless token approach that should ease some of this challenge. That will allow for mandatory MFA for user accounts along with the ability to use "service accounts". ArcGIS Enterprise now supports gMSA out of the box.

08-07-2023 06:54 AM

POST

Sorry about that, I could have sworn they were archives, not binary files. You can explode the cache using desktop or a tool like https://mapproxy.org/docs/1.13.0/mapproxy_util.html#export

07-28-2023 10:38 AM

POST

It's possible, but you shouldn't have to and I'd recommend against it. A .bundle file is just a gzipped collection of files and folders, and modern AV scanners should be able to see inside of it without unpacking it. 7zip should be able to open a cache bundle, but depending on how many tiles and LODs there are, it could take a very very long time to extract them all and may consume a lot of space on disk.

07-26-2023 07:15 AM

POST

If your IA team needs an artifact, they can look this up in our 3rd party CVE response tool. It's in the customer exclusive documents area in the ArcGIS Trust Center.

07-07-2023 08:27 AM

POST

Jackson deserialization issues are not exploitable in the Enterprise base enterprise deployment. In general, if you're not using a given service like Geoevent, you should disable the Geoevent service or uninstall it so that you limit the potential attack surface - but the Jackson-Databind dependency is in ArcGIS Server as well. It's brought in as a dependency upon dependency of other 3rd party frameworks.

07-07-2023 08:26 AM

POST

No, this functionality does not exist. You need access to the web server root.

05-19-2023 10:25 AM
