CVE-2023-50386

🗓️ 09 Feb 2024 17:28:51Reported by apacheType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 391 Views🌐 WEB

CVE-2023-50386 Apache Solr 6.0.0-8.11.2, 9.0.0-9.4.1 allows unrestricted upload of dangerous file types, enabling execution of untrusted code

Reporter	Title	Published	Views	Family All 33
0day.today	Apache Solr Backup/Restore API Remote Code Execution Exploit	24 Apr 202400:00	–	zdt
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Apache Solr affect watsonx.data	7 Feb 202510:34	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Apache Solr Vulerabilities Affect IBM OpenPages	19 Aug 202418:49	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Operational Decision Manager for March 2024 - Multiple CVEs addressed	9 Apr 202416:32	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in Apache Solr (lucene) affects IBM Operations Analytics - Log Analysis (CVE-2023-50386, CVE-2023-50298, CVE-2023-50292, CVE-2023-50291)	14 Apr 202508:13	–	ibm
GithubExploit	Exploit for Improper Control of Dynamically-Managed Code Resources in Apache Solr	29 Feb 202408:57	–	githubexploit
Chainguard	CVE-2023-50386 vulnerabilities	9 Feb 202418:15	–	cgr
Circl	CVE-2023-50386	9 Feb 202419:26	–	circl
CNNVD	Apache Solr Code Issue Vulnerability	9 Feb 202400:00	–	cnnvd
Cvelist	CVE-2023-50386 Apache Solr: Backup/Restore APIs allow for deployment of executables in malicious ConfigSets	9 Feb 202417:28	–	cvelist

NVD

Vulners

Vulnrichment

Node

apache solrRange6.0.0–8.11.3

apache solrRange9.0.0–9.4.1

[
  {
    "defaultStatus": "unaffected",
    "product": "Apache Solr",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "lessThanOrEqual": "8.11.2",
        "status": "affected",
        "version": "6.0.0",
        "versionType": "semver"
      },
      {
        "lessThan": "9.4.1",
        "status": "affected",
        "version": "9.0.0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
solr	www.solr.apache.org/security.html
openwall	www.openwall.com/lists/oss-security/2024/02/09/1

Parameter	Position	Path	Description	CWE
action	request body	solr/admin/configs	Unrestricted upload to Solr ConfigSets via the Configs API (UPLOAD) enabling deployment of malicious libraries.	CWE-913, CWE-434
name	request body	solr/admin/configs	Unrestricted upload to Solr ConfigSets via the Configs API (UPLOAD) enabling deployment of malicious libraries.	CWE-913, CWE-434
action	query param	solr/admin/collections	Backup/restore operations exposed via the Collections API (BACKUP) can be abused to store/load harmful artifacts on classpath, enabling RCE.	CWE-913, CWE-434
collection	query param	solr/admin/collections	Backup/restore operations exposed via the Collections API (BACKUP) can be abused to store/load harmful artifacts on classpath, enabling RCE.	CWE-913, CWE-434
location	query param	solr/admin/collections	Backup/restore operations exposed via the Collections API (BACKUP) can be abused to store/load harmful artifacts on classpath, enabling RCE.	CWE-913, CWE-434
name	query param	solr/admin/collections	Backup/restore operations exposed via the Collections API (BACKUP) can be abused to store/load harmful artifacts on classpath, enabling RCE.	CWE-913, CWE-434

24 Apr 2025 16:15Current

8.2High risk

Vulners AI Score8.2

CVSS 3.18.8

EPSS0.86843

SSVC