4 matches found
Security Bulletin: Potential vulnerability (SSRF) in Apache Solr affect IBM Operations Analytics - Log Analysis (CVE-2017-3164)
Summary Server Side Request Forgery vulnerability in Apache Solr could allow attacker with access to make Solr perform a HTTP to any reachable URL. Vulnerability Details CVEID: CVE-2017-3164 DESCRIPTION: Apache Solr is vulnerable to server-side request forgery, caused by not having corresponding...
Security Bulletin: A vulnerability in Apache Solr (lucene) affects IBM InfoSphere Information Server
Summary A vulnerability in Apache Solr lucene was addressed by IBM InfoSphere Information Server. Vulnerability Details CVEID: CVE-2017-3164 DESCRIPTION: Apache Solr is vulnerable to server-side request forgery, caused by not having corresponding allowlist mechanism in the shards parameter. By...
Security Bulletin: Potential vulnerability (SSRF) in Apache Solr affect IBM Operations Analytics - Log Analysis (CVE-2017-3164)
Summary Server Side Request Forgery vulnerability in Apache Solr could allow attacker with access to make Solr perform a HTTP to any reachable URL. Vulnerability Details CVEID: CVE-2017-3164 DESCRIPTION: Apache Solr is vulnerable to server-side request forgery, caused by not having corresponding...
CVE-2017-3164
CVE-2017-3164 is an SSRF vulnerability in Apache Solr affecting Log Analysis (IBM) versions 1.3.1–1.3.6 (Solr 1.3.x to 7.6). The shards parameter lacks a whitelist, allowing remote attackers with server access to trigger HTTP GET requests to any reachable URL. Connected Nessus/NASL entries corrob...