Lucene search
K

4 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2021/08/03 9:7 a.m.27 views

Security Bulletin: Potential vulnerability (SSRF) in Apache Solr affect IBM Operations Analytics - Log Analysis (CVE-2017-3164)

Summary Server Side Request Forgery vulnerability in Apache Solr could allow attacker with access to make Solr perform a HTTP to any reachable URL. Vulnerability Details CVEID: CVE-2017-3164 DESCRIPTION: Apache Solr is vulnerable to server-side request forgery, caused by not having corresponding...

7.5CVSS0.7AI score0.19442EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/01/14 4:40 p.m.28 views

Security Bulletin: A vulnerability in Apache Solr (lucene) affects IBM InfoSphere Information Server

Summary A vulnerability in Apache Solr lucene was addressed by IBM InfoSphere Information Server. Vulnerability Details CVEID: CVE-2017-3164 DESCRIPTION: Apache Solr is vulnerable to server-side request forgery, caused by not having corresponding allowlist mechanism in the shards parameter. By...

7.5CVSS0.3AI score0.19442EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/06/30 11:50 a.m.25 views

Security Bulletin: Potential vulnerability (SSRF) in Apache Solr affect IBM Operations Analytics - Log Analysis (CVE-2017-3164)

Summary Server Side Request Forgery vulnerability in Apache Solr could allow attacker with access to make Solr perform a HTTP to any reachable URL. Vulnerability Details CVEID: CVE-2017-3164 DESCRIPTION: Apache Solr is vulnerable to server-side request forgery, caused by not having corresponding...

7.5CVSS0.6AI score0.19442EPSS
Exploits0Affected Software1
CVE
CVE
added 2019/03/08 9:0 p.m.105 views

CVE-2017-3164

CVE-2017-3164 is an SSRF vulnerability in Apache Solr affecting Log Analysis (IBM) versions 1.3.1–1.3.6 (Solr 1.3.x to 7.6). The shards parameter lacks a whitelist, allowing remote attackers with server access to trigger HTTP GET requests to any reachable URL. Connected Nessus/NASL entries corrob...

7.5CVSS7.4AI score0.19442EPSS
Exploits0References12Affected Software1
Rows per page
Query Builder