SB2018022813 - Debian update for lucene-solr
Published: February 28, 2018 Updated: August 15, 2025
Security Bulletin ID
SB2018022813
Severity
High
Patch available
YES
Number of vulnerabilities
2
Exploitation vector
Remote access
Highest impact
Information disclosure
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 secuirty vulnerabilities.
1) Path traversal (CVE-ID: CVE-2017-3163)
The vulnerability allows a remote attacker to obtain potentially sensitive information on the atrget system.The weakness exists the Index Replication feature due to pulling index files from a master/leader node using an HTTP API which accepts a file name and improper validation of the file name. A remote attacker can submit a specially crafted special request, conduct path traversal attack, leaving any file readable to the Solr server process exposed.
2) Command injection (CVE-ID: CVE-2017-12629)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists in the RunExecutableListener function due to insufficient security restrictions. A remote attacker can submit a specially crafted query to the affected system, inject arbitrary command and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
Remediation
Install update from vendor's website.
References
- https://lists.apache.org/thread.html/a6a33a186f293f9f9aecf3bd39c76252bfc49a79de4321dd2a53b488@%3Csol...
- http://mail-archives.us.apache.org/mod_mbox/www-announce/201710.mbox/%3C018601d343b3$53868c50$fa93a4...
- http://mail-archives.us.apache.org/mod_mbox/www-announce/201710.mbox/%3CCAOOKt51UO_6Vy%3Dj8W%3Dx1pMbLW9VJfZyFWz7pAnXJC_OAdSZubA%40mail.gmail.com%3E