CVE-2021-27905

2021-04-14T13:27:58
ID RH:CVE-2021-27905
Type redhatcve
Reporter redhat.com
Modified 2021-05-05T17:45:54

Description

A flaw was found in Solr. The ReplicationHandler in Apache Solr does not properly check the parameters it is given when connecting to another Solr instance to replicate index data into the local core, leading to a server-side request forgery (SSRF) vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Mitigation

Restrict access to the replication handler to only internal Solr instances.
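
One way to check that the restriction holds is to audit the request log for replication-handler hits from outside the internal node ranges. This is an added example, not code from Red Hat or the Solr project. It assumes an NCSA-style request log, the handler registered at the default `/replication` path, and placeholder internal ranges; the log lines are constructed.

```python
import ipaddress
import re
from urllib.parse import unquote

# Assumption: internal Solr nodes live in these ranges (placeholder values).
INTERNAL_NETS = [ipaddress.ip_network("10.20.0.0/24"),
                 ipaddress.ip_network("127.0.0.0/8")]

# Assumption: NCSA-style request log line.
LINE_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[[^\]]+\] '
    r'"[A-Z]+ (?P<target>\S+) [^"]*" (?P<status>\d{3})')
# Assumption: ReplicationHandler is registered at the default /replication path.
REPLICATION_RE = re.compile(r'^/solr/(?P<core>[^/?]+)/replication(?:[/?]|$)')

def is_internal(addr):
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False  # hostname or garbage: treat as not allowlisted
    return any(ip in net for net in INTERNAL_NETS)

def external_replication_hits(lines):
    """Return (source, core, status) for replication requests from non-internal sources."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        # Decode percent-encoding so an encoded path segment is still recognised.
        r = REPLICATION_RE.match(unquote(m.group("target")))
        if r and not is_internal(m.group("src")):
            hits.append((m.group("src"), r.group("core"), int(m.group("status"))))
    return hits

# Constructed sample log lines (not taken from a real system).
SAMPLE_LOG = [
    '10.20.0.12 - - [14/Apr/2021:13:27:58 +0000] "GET /solr/products/replication?command=indexversion HTTP/1.1" 200 154',
    '203.0.113.45 - - [14/Apr/2021:13:28:03 +0000] "GET /solr/products/replication?command=details HTTP/1.1" 200 912',
    '203.0.113.45 - - [14/Apr/2021:13:28:09 +0000] "GET /solr/products/select?q=*:* HTTP/1.1" 200 3051',
    '198.51.100.7 - - [14/Apr/2021:13:29:41 +0000] "POST /solr/orders/replication HTTP/1.1" 403 0',
]

if __name__ == "__main__":
    for src, core, status in external_replication_hits(SAMPLE_LOG):
        print(f"replication handler reached from {src} (core={core}, status={status})")
```

A hit with a 2xx status means the handler answered a non-internal client, so the restriction is not in effect for that core; a 403 shows the request was attempted but blocked.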