CVE-2013-6397

🗓️ 07 Dec 2013 20:55:02Reported by [email protected]Type

Directory traversal vulnerability in Apache Solr allowing remote file acces

Reporter	Title	Published	Views	Family All 31
Tenable Nessus	Apache Solr < 4.6.0 Directory Traversal	13 Feb 201700:00	–	nessus
Tenable Nessus	Debian DSA-2963-1 : lucene-solr - security update	18 Jun 201400:00	–	nessus
Tenable Nessus	Apache Solr < 4.6.0 'SolrResourceLoader' Directory Traversal	7 Jan 201400:00	–	nessus
Tenable Nessus	Apache Solr 4.0.0 < 4.6.0 Directory Traversal	22 Jan 202000:00	–	nessus
BDU FSTEC	Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality and accessibility of protected information	28 Apr 201500:00	–	bdu_fstec
Check Point Advisories	Apache Solr SolrResourceLoader Directory Traversal (CVE-2013-6397)	30 Dec 201300:00	–	checkpoint_advisories
CVE	CVE-2013-6397	7 Dec 201320:00	–	cve
Cvelist	CVE-2013-6397	7 Dec 201320:00	–	cvelist
Debian	[SECURITY] [DSA 2963-1] lucene-solr security update	17 Jun 201419:32	–	debian
Debian CVE	CVE-2013-6397	7 Dec 201320:00	–	debiancve

NVD

Node

apache solrRange≤4.5.1

apache solrMatch4.0.0

apache solrMatch4.0.0alpha

apache solrMatch4.0.0beta

apache solrMatch4.1.0

apache solrMatch4.2.0

apache solrMatch4.2.1

apache solrMatch4.3.0

apache solrMatch4.3.1

apache solrMatch4.4.0

apache solrMatch4.5.0

Source	Link
securityfocus	www.securityfocus.com/bid/63935
secunia	www.secunia.com/advisories/59372
openwall	www.openwall.com/lists/oss-security/2013/11/27/1
lucene	www.lucene.apache.org/solr/4_6_0/changes/Changes.html
rhn	www.rhn.redhat.com/errata/RHSA-2013-1844.html
rhn	www.rhn.redhat.com/errata/RHSA-2014-0029.html
issues	www.issues.apache.org/jira/browse/SOLR-4882
agarri	www.agarri.fr/kom/archives/2013/11/27/compromising_an_unreachable_solr_server_with_cve-2013-6397/index.html
secunia	www.secunia.com/advisories/55730

29 Apr 2026 01:13Current

6.4Medium risk

Vulners AI Score6.4

CVSS 24.3

EPSS0.90931