11 matches found
EUVD-2021-1201
Malware in sbrugna...
BIT-SOLR-2021-29943 Apache Solr Unprivileged users may be able to perform unauthorized read/write to collections
When using ConfigurableInternodeAuthHadoopPlugin for authentication, Apache Solr versions prior to 8.8.2 would forward/proxy distributed requests using server credentials instead of original client credentials. This would result in incorrect authorization resolution on the receiving hosts...
Apache Solr 7.x < 7.7.4 / 8.x < 8.8.2 Multiple Vulnerabilities
The version of Apache Solr running on the remote host is 7.x prior to 7.7.4, or 8.x prior to 8.8.2. It is, therefore, affected by multiple vulnerabilities, including the following: - The ReplicationHandler normally registered at '/replication' under a Solr core has a 'masterUrl' also 'leaderUrl'...
Incorrect Authorization in Apache Solr
When using ConfigurableInternodeAuthHadoopPlugin for authentication, Apache Solr versions prior to 8.8.2 would forward/proxy distributed requests using server credentials instead of original client credentials. This would result in incorrect authorization resolution on the receiving hosts...
CVE-2021-29943
A flaw was found in solr. Server credentials, instead of client credentials, are used for authenticating forward/proxy distributed requests using the ConfigurableInternodeAuthHadoopPlugin resulting in incorrect authorization resolution on the receiving hosts. The highest threat from this...
Insecure Access Controls
solr-core uses insecure access controls. When using ConfigurableInternodeAuthHadoopPlugin for authentication, requests using server credentials instead of original client credentials would forward/proxy distributed. This would result in incorrect authorization resolution on the receiving hosts...
CVE-2021-29943
When using ConfigurableInternodeAuthHadoopPlugin for authentication, Apache Solr versions prior to 8.8.2 would forward/proxy distributed requests using server credentials instead of original client credentials. This would result in incorrect authorization resolution on the receiving hosts...
CVE-2021-29943
When using ConfigurableInternodeAuthHadoopPlugin for authentication, Apache Solr versions prior to 8.8.2 would forward/proxy distributed requests using server credentials instead of original client credentials. This would result in incorrect authorization resolution on the receiving hosts...
Authorization
When using ConfigurableInternodeAuthHadoopPlugin for authentication, Apache Solr versions prior to 8.8.2 would forward/proxy distributed requests using server credentials instead of original client credentials. This would result in incorrect authorization resolution on the receiving hosts...
CVE-2021-29943
CVE-2021-29943 affects Apache Solr: when using ConfigurableInternodeAuthHadoopPlugin for authentication, Solr versions prior to 8.8.2 forwarded distributed requests using server credentials instead of the original client credentials. This mis-credentialing leads to incorrect authorization resolut...
CVE-2021-29943
When using ConfigurableInternodeAuthHadoopPlugin for authentication, Apache Solr versions prior to 8.8.2 would forward/proxy distributed requests using server credentials instead of original client credentials. This would result in incorrect authorization resolution on the receiving hosts...