Lucene search

solr -- Code execution via entity expansion

🗓️ 13 Oct 2017 00:00:00Reported by FreeBSDType

Solr code execution vulnerability via entity expansio

Reporter	Title	Published	Views	Family All 82
Tenable Nessus	Fedora 26 : lucene4 (2017-0929e71b41)	29 Nov 201700:00	–	nessus
Tenable Nessus	RHEL 6 : lucene (Unpatched Vulnerability)	3 Jun 202400:00	–	nessus
Tenable Nessus	RHEL 6 / 7 : rh-java-common-lucene (RHSA-2017:3451)	27 Apr 202400:00	–	nessus
Tenable Nessus	Fedora 25 : lucene4 (2017-f1535b86fa)	29 Nov 201700:00	–	nessus
Tenable Nessus	Debian DLA-1254-1 : lucene-solr security update	22 Jan 201800:00	–	nessus
Tenable Nessus	Ubuntu 16.04 LTS : Apache Solr vulnerability (USN-4259-1)	30 Jan 202000:00	–	nessus
Tenable Nessus	FreeBSD : solr -- Code execution via entity expansion (e837390d-0ceb-46b8-9b32-29c1195f5dc7)	16 Oct 201700:00	–	nessus
Tenable Nessus	Fedora 25 : lucene (2017-005f8f7f7d)	2 Nov 201700:00	–	nessus
Tenable Nessus	Fedora 27 : lucene (2017-9b3e2904bf)	15 Jan 201800:00	–	nessus
Tenable Nessus	Fedora 27 : lucene4 (2017-195e7ea9a8)	15 Jan 201800:00	–	nessus

Source	Link
lucene	www.lucene.472066.n3.nabble.com/Re-Several-critical-vulnerabilities-discovered-in-Apache-Solr-XXE-amp-RCE-td4358308.html
marc	www.marc.info/

OS	OS Version	Architecture	Package	Package Version	Filename
FreeBSD	any	noarch	apache-solr	5.1	UNKNOWN
FreeBSD	any	noarch	apache-solr	6.6.1	UNKNOWN

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

13 Oct 2017 00:00Current

9.6High risk

Vulners AI Score9.6

CVSS27.5

CVSS39.8

EPSS0.93915