XXE attack in Apache Solr - CVE-2018-1308
Published: April 12, 2018
Vulnerability identifier: #VU11780
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear
CVE-ID: CVE-2018-1308
CWE-ID: CWE-611
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Apache Foundation
Affected software:
Apache Solr
Apache Solr
Detailed vulnerability description
The vulnerability allows a remote unauthenticated attacker to conduct XXE attack on the target system.
The weakness exists in the dataConfig request parameter in the DataImportHandler due to improper information control. A remote attacker can make a customized file, FTP, or HTTP request, conduct an XXE attack, gain access to potentially sensitive, local file information on the system or to access sensitive information from the internal network in which the system resides.
How to mitigate CVE-2018-1308
Update to versions 6.6.3 or 7.3.0.