Information disclosure in Apache Solr

Published: 2018-04-12 11:43:07
Severity Low
Patch available YES
Number of vulnerabilities 1
CVE ID CVE-2018-1308
CVSSv3 4.8 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C]
CWE ID CWE-611
Exploitation vector Network
Public exploit Public exploit code for vulnerability #1 is available.
Vulnerable software Apache Solr
Vulnerable software versions Apache Solr 1.2
Apache Solr 1.3
Apache Solr 1.4
Show more
Vendor URL Apache Foundation

Security Advisory

1) XXE attack

Description

The vulnerability allows a remote unauthenticated attacker to conduct XXE attack on the target system.

The weakness exists in the dataConfig request parameter in the DataImportHandler due to improper information control. A remote attacker can make a customized file, FTP, or HTTP request, conduct an XXE attack, gain access to potentially sensitive, local file information on the system or to access sensitive information from the internal network in which the system resides.

Remediation

Update to versions 6.6.3 or 7.3.0.

External links

https://issues.apache.org/jira/browse/SOLR-11971
https://mail-archives.apache.org/mod_mbox/www-announce/201804.mbox/%3C000001d3cf68%245ac69af0%241053...

Back to List