History: Aug 17, 2020 - 12:16 p.m.

CVE-2020-13941

2020-08-17 12:16:37
apache
www.cve.org
cve-2020-13941
solr-14515
solr-14561
replication handler
backup
restore
deletebackup
solr 8.6.0

AI Score

8.8

Confidence

High

EPSS

0.006

Percentile

79.3%

Reported in SOLR-14515 (private) and fixed in SOLR-14561 (public), released in Solr version 8.6.0. The Replication handler (https://lucene.apache.org/solr/guide/8_6/index-replication.html#http-api-commands-for-the-replicationhandler) allows the commands backup, restore and deleteBackup. Each of these takes a location parameter, which was not validated, i.e. you could read/write to any location the solr user can access.
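A defender-side check for the issue described above, added here as an illustration and not taken from Solr or from the advisory: it scans access-log lines for Replication handler calls whose location parameter resolves outside an expected backup directory. The log format, the sample lines, the `ALLOWED_BASE` directory and the handling of relative paths are assumptions.

```python
import posixpath
from urllib.parse import urlsplit, parse_qs

# Commands named in the advisory (compared case-insensitively).
RISKY_COMMANDS = {"backup", "restore", "deletebackup"}
# Assumption: the only directory this site expects backups to live in.
ALLOWED_BASE = "/var/solr/backups"

def location_outside_base(location, base=ALLOWED_BASE):
    """True when location resolves outside base (absolute elsewhere or via '..')."""
    # Assumption: relative locations are resolved against base for this check.
    resolved = posixpath.normpath(posixpath.join(base, location))
    return posixpath.commonpath([resolved, base]) != base

def flag_requests(log_lines, base=ALLOWED_BASE):
    """Return (line_no, command, location) for replication calls to review."""
    findings = []
    for line_no, line in enumerate(log_lines, 1):
        parts = line.split('"')          # request line sits between the quotes
        request = parts[1].split() if len(parts) > 1 else []
        if len(request) < 2:
            continue
        url = urlsplit(request[1])
        if not url.path.rstrip("/").endswith("/replication"):
            continue
        params = parse_qs(url.query)     # also decodes %2F and similar
        command = params.get("command", [""])[0].lower()
        if command not in RISKY_COMMANDS:
            continue
        for location in params.get("location", []):
            if location_outside_base(location, base):
                findings.append((line_no, command, location))
    return findings

# Constructed sample lines in common log format (not from a real system).
SAMPLE_LOG = [
    '10.0.0.5 - - [17/Aug/2020:12:00:01 +0000] "GET /solr/core1/replication'
    '?command=backup&location=/var/solr/backups/nightly&name=n1 HTTP/1.1" 200 120',
    '10.0.0.9 - - [17/Aug/2020:12:03:10 +0000] "GET /solr/core1/replication'
    '?command=backup&location=%2Ftmp%2Fout HTTP/1.1" 200 118',
    '10.0.0.9 - - [17/Aug/2020:12:03:44 +0000] "GET /solr/core1/replication'
    '?command=deleteBackup&location=../../data&name=x HTTP/1.1" 200 90',
    '10.0.0.5 - - [17/Aug/2020:12:05:00 +0000] "GET /solr/core1/replication'
    '?command=details HTTP/1.1" 200 300',
]

if __name__ == "__main__":
    for finding in flag_requests(SAMPLE_LOG):
        print(finding)
```

On versions prior to 8.6.0, any hit from a check like this deserves review, since the handler itself applied no restriction to the location.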

CNA Affected

[
  {
    "product": "Apache Solr",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Prior to 8.6.0"
      }
    ]
  }
]
