6 matches found
Security Bulletin: IBM Operations Analytics - Log Analysis is affected by incorrect authorisation and XML external entity (XXE) vulnerabilities due to Apache Solr.
Summary Apache Solr is used by IBM Operations Analytics - Log Analysis as part of managing Solr collection and arbitary local file. CVE-2018-11802, CVE-2018-1308. Vulnerability Details CVEID:CVE-2018-11802 DESCRIPTION: In Apache Solr, the cluster can be partitioned into multiple collections and...
Security Bulletin: Apache Solr vulnerability affects IBM Operations Analytics - Log Analysis (CVE-2018-11802)
Summary Remote attacker could bypass Apache Solr security restrictions Vulnerability Details CVEID: CVE-2018-11802 DESCRIPTION: Apache Solr could allow a remote attacker to bypass security restrictions, caused by an authorization bug. By sending a specially-crafted request, an attacker could...
CVE-2018-11802
In Apache Solr, the cluster can be partitioned into multiple collections and only a subset of nodes actually host any given collection. However, if a node receives a request for a collection it does not host, it proxies the request to a relevant node and serves the request. Solr bypasses all...
CVE-2018-11802
In Apache Solr, the cluster can be partitioned into multiple collections and only a subset of nodes actually host any given collection. However, if a node receives a request for a collection it does not host, it proxies the request to a relevant node and serves the request. Solr bypasses all...
CVE-2018-11802
CVE-2018-11802 involves Apache Solr authorization bypass: if a node receives a request for a collection it does not host, it proxies the request to a node that does host it, bypassing all authorization settings. This affects Solr versions prior to 7.7 that use the default RuleBasedAuthorizationPl...
CVE-2018-11802
In Apache Solr, the cluster can be partitioned into multiple collections and only a subset of nodes actually host any given collection. However, if a node receives a request for a collection it does not host, it proxies the request to a relevant node and serves the request. Solr bypasses all...