Esri have released patches to fix an ArcGIS Server vulnerability which could potentially result in secured services and their data being exposed to users when they should not otherwise have access.

Patches can be downloaded for ArcGIS Server versions from 10.2.1 to 10.6 on both Windows and Linux, and we recommend customers install the appropriate patch as soon as possible.

See further information in this blog article.