SB2018022813 - Debian update for lucene-solr

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2018022813

SB2018022813 - Debian update for lucene-solr

Published: February 28, 2018 Updated: August 15, 2025

Security Bulletin ID SB2018022813
CSH Severity
High
Patch available
YES
Number of vulnerabilities 2
Exploitation vector Remote access
Highest impact Information disclosure

Breakdown by Severity

High 50% Low 50%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 2 vulnerabilities.


1) Path traversal (CVE-ID: CVE-2017-3163)

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a remote attacker to obtain potentially sensitive information on the atrget system.

The weakness exists the Index Replication feature due to pulling index files from a master/leader node using an HTTP API which accepts a file name and improper validation of the file name. A remote attacker can submit a specially crafted special request, conduct path traversal attack, leaving any file readable to the Solr server process exposed.

2) Command injection (CVE-ID: CVE-2017-12629)

CWE-ID: CWE-77 - Command injection

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber


The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists in the RunExecutableListener function due to insufficient security restrictions. A remote attacker can submit a specially crafted query to the affected system, inject arbitrary command and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

Remediation

Install update from vendor's website.

References