Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.WEB_APPLICATION_SCANNING_98929
HistoryJan 27, 2020 - 12:00 a.m.

Apache Solr 8.1.1 < 8.3.0 Remote Code Execution

2020-01-2700:00:00
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
6
JSON

CVE-2019-12409 is a flaw in the default configuration of the solr.in.sh file in Apache Solr. If this file is used in its default configuration in versions 8.1.1 and 8.2.0, unauthenticated access to the Java Management Extensions (JMX) monitoring on the RMI_PORT (default 18983) is allowed. Anyone with access to a vulnerable Solr server, and, in turn, JMX, could upload malicious code that could then be executed.

Note that the scanner has not tested for these issues but has instead relied only on the application’s self-reported version number.

No source data
VendorProductVersionCPE
apachesolr*cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*

Related

symantec 1
osv 2
threatpost 1
f5 1
prion 1
attackerkb 1
redhatcve 1
githubexploit 1
ubuntucve 1
nessus 2
github 1
debiancve 1
cve 1
checkpoint_advisories 1
symantec
symantec
Apache Solr for Linux CVE-2019-12409 Remote Code Execution Vulnerability
2019-08-12 00:00:00
osv
osv
Unrestricted upload of file with dangerous type in Apache Solr
2020-01-28 22:26:54
CVE-2019-12409
2019-11-18 21:15:11
threatpost
threatpost
Apache Solr Bug Gets Bumped Up to High Severity
2019-11-20 19:41:57
f5
f5
K23720587 : Apache Solr vulnerability CVE-2019-12409
2019-12-03 00:00:00
prion
prion
Default configuration
2019-11-18 21:15:00
attackerkb
attackerkb
Apache Solr 8.11, 8.20 have unauthenticated JMX server enabled in default config
2019-09-11 00:00:00
redhatcve
redhatcve
CVE-2019-12409
2019-11-20 20:07:26
githubexploit
githubexploit
Exploit for Unrestricted Upload of File with Dangerous Type in Apache Solr
2019-11-19 08:53:56
ubuntucve
ubuntucve
CVE-2019-12409
2019-11-18 00:00:00
nessus
nessus
Apache Solr 8.1.1, 8.2.0 Remote JMX RMI Deserialization Vulnerability
2019-12-19 00:00:00
Apache Solr 8.1.1 / 8.2.0 Remote Code Execution Vulnerability
2019-11-21 00:00:00
github
github
Unrestricted upload of file with dangerous type in Apache Solr
2020-01-28 22:26:54
debiancve
debiancve
CVE-2019-12409
2019-11-18 21:15:00
cve
cve
CVE-2019-12409
2019-11-18 21:15:00
checkpoint_advisories
checkpoint_advisories
Apache Solr Remote Code Execution (CVE-2019-12409; CVE-2019-17558)
2019-11-20 00:00:00
JSON
Related for WEB_APPLICATION_SCANNING_98929
symantec1osv2threatpost1f51prion1attackerkb1redhatcve1githubexploit1ubuntucve1nessus2github1debiancve1cve1checkpoint_advisories1