Information disclosure in Apache Solr



Published: 2018-05-24
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2018-8010
CWE-ID CWE-611
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		Apache Solr
Client/Desktop applications / Other client software

Vendor Apache Foundation

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) XXE attack

EUVDB-ID: #VU13012

Risk: Low

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-8010

CWE-ID: CWE-611 - Improper Restriction of XML External Entity Reference ('XXE')

Exploit availability: No

Description

The vulnerability allows a remote attacker to conduct XXE attack and obtain potentially sensitive information.

The vulnerability exists in Xinclude functionality due to improper restriction of XML External Entity (XXE) references in solrconfig.xml, schema.xml, and managed-schema Solr configuration files. A remote attacker can send a file, FTP, or HTTP request that submits malicious input and read sensitive, local files from the system, which could be used to conduct further attacks.

Mitigation

Update to version 6.6.4 or 7.3.1.

Vulnerable software versions

Apache Solr: 6.6 - 7.3.0

External links

http://mail-archives.apache.org/mod_mbox/www-announce/201805.mbox/%3C08a801d3f0f9%24df46d300%249dd4...


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###