Lucene search

15 matches found

F5 Networks
added 2026/04/13 3:59 a.m., 5 views

K000160725: Apache Solr vulnerability CVE-2026-22022

Security Advisory Description: Deployments of Apache Solr 5.3.0 through 9.10.0 that rely on Solr's "Rule Based Authorization Plugin" are vulnerable to allowing unauthorized access to certain Solr APIs, due to insufficiently strict input validation in those components. Only deployments that meet al...

CVSS 8.2, AI score 5.8, EPSS 0.00236
Exploits: 0
CVE
added 2026/01/21 1:41 p.m., 16 views

CVE-2026-22022

CVE-2026-22022 affects Apache Solr 5.3.0 through 9.10.0 that use Solr’s RuleBasedAuthorizationPlugin with a multi-role security.json config and a permission list that includes one or more of config-read, config-edit, schema-read, metrics-read, or security-read but does not define the all permissi...

CVSS 8.2, AI score 5.6, EPSS 0.00236
Exploits: 0, References: 2, Affected Software: 1
Tenable Nessus
added 2025/08/26 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2021-29943

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When using ConfigurableInternodeAuthHadoopPlugin for authentication, Apache Solr versions prior to 8.8.2 would forward/proxy distributed requests using server...

CVSS 9.1, AI score 8.1, EPSS 0.058
Exploits: 0, References: 2
Tenable Nessus
added 2025/08/25 12:0 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2017-3164

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Server Side Request Forgery in Apache Solr, versions 1.3 until 7.6 inclusive. Since the shards parameter does not have a corresponding whitelist mechanism, a...

CVSS 7.5, AI score 7.2, EPSS 0.5954
Exploits: 0, References: 3
Tenable Nessus
added 2025/08/25 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2017-3163

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However,...

CVSS 7.5, AI score 7.3, EPSS 0.11857
Exploits: 0, References: 2
IBM Security Bulletins
added 2025/04/14 8:34 a.m., 17 views

Security Bulletin: Vulnerabilities in Apache Solr (lucene) affect IBM Operations Analytics - Log Analysis (CVE-2025-24814, CVE-2024-52012)

Summary: There are vulnerabilities in privilege escalation and arbitrary filepath write-access that affect Apache Solr used by IBM Operations Analytics - Log Analysis. Vulnerability Details: CVEID: CVE-2025-24814. DESCRIPTION: Core creation allows users to replace "trusted" configset files with...

CVSS 5.5, AI score 7.9, EPSS 0.13709
Exploits: 0, Affected Software: 1
OSV
added 2024/03/06 11:6 a.m., 23 views

BIT-SOLR-2021-27905 SSRF vulnerability with the Replication handler

The ReplicationHandler (normally registered at "/replication" under a Solr core) in Apache Solr has a "masterUrl" (also "leaderUrl" alias) parameter that is used to designate another ReplicationHandler on another Solr core to replicate index data into the local core. To prevent a SSRF vulnerability,...

CVSS 9.8, AI score 9.1, EPSS 0.93901
Exploits: 5, References: 13
GitHub Security Blog
added 2022/02/09 11:19 p.m., 55 views

Incorrect Authorization in Apache Solr

In Apache Solr, the cluster can be partitioned into multiple collections and only a subset of nodes actually host any given collection. However, if a node receives a request for a collection it does not host, it proxies the request to a relevant node and serves the request. Solr bypasses all...

CVSS 4.3, AI score 4.5, EPSS 0.00151
Exploits: 0, References: 5, Affected Software: 2
Prion
added 2021/04/13 7:15 a.m., 17 views

Code injection

When starting Apache Solr versions prior to 8.8.2, configured with the SaslZkACLProvider or VMParamsAllAndReadonlyDigestZkACLProvider and no existing security.json znode, if the optional read-only user is configured then Solr would not treat that node as a sensitive path and would allow it to be...

CVSS 4.3, AI score 7.4, EPSS 0.26231
Exploits: 0, References: 12, Affected Software: 1
Debian CVE
added 2021/04/13 6:35 a.m., 43 views

CVE-2021-27905

The ReplicationHandler (normally registered at "/replication" under a Solr core) in Apache Solr has a "masterUrl" (also "leaderUrl" alias) parameter that is used to designate another ReplicationHandler on another Solr core to replicate index data into the local core. To prevent a SSRF vulnerability,...

CVSS 9.8, AI score 9.2, EPSS 0.93901
Exploits: 5
Cvelist
added 2019/09/10 2:6 p.m., 19 views

CVE-2019-12401

Solr versions 1.3.0 to 1.4.1, 3.1.0 to 3.6.2 and 4.0.0 to 4.10.4 are vulnerable to an XML resource consumption attack (a.k.a. Lol Bomb) via its update handler. By leveraging XML DOCTYPE and ENTITY type elements, the attacker can create a pattern that will expand when the server parses the XML...

AI score 7.4, EPSS 0.32768
Exploits: 1, References: 11
CNVD
added 2019/03/08 12:0 a.m., 6 views

Apache Solr Remote Code Execution Vulnerability

Apache Solr is an open source enterprise search platform written in Java. A remote code execution vulnerability exists in Apache Solr versions 5.0.0 - 5.5.5, 6.0.0 - 6.6.5. The vulnerability stems from the Config API allowing configuration of a JMX server via HTTP POST requests. An attacker can...

CVSS 9.8, AI score 8.2, EPSS 0.93545
Exploits: 1, References: 1
CNVD
added 2018/07/11 12:0 a.m., 1 views

Apache Solr XML External Entity Multiple Information Disclosure Vulnerability

Apache Solr is a search server from the U.S.-based Apache Software Foundation, built on the Lucene full-text search engine architecture, which supports level search, vertical search, highlighting of search results, a variety of output formats and so on. An XML External Entity Multiple Information...

CVSS 5.5, AI score 5.2, EPSS 0.04341
Exploits: 1, References: 1
CNVD
added 2018/05/23 12:0 a.m., 1 views

Apache Solr XML External Entity Injection Vulnerability (CNVD-2018-10076)

Apache Solr is a search server from the U.S.-based Apache Software Foundation, built on the Lucene full-text search engine architecture, which supports level search, vertical search, highlighting of search results, a variety of output formats and so on. An XML external entity injection vulnerability...

CVSS 5.5, AI score 7.1, EPSS 0.01708
Exploits: 0, References: 1
OpenVAS
added 2017/10/25 12:0 a.m., 24 views

Apache Solr XEE and RCE Vulnerability (SOLR-11477) - Windows

Apache Solr is vulnerable to an XML Entity Expansion (XEE) vulnerability leading to remote code execution (RCE). SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier:...

CVSS 9.8, AI score 9.8, EPSS 0.93891
Exploits: 11, References: 7