Lucene search
K

6 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/01/06 3:28 p.m.5 views

Security Bulletin: IBM Operations Analytics - Log Analysis is affected by incorrect authorisation and XML external entity (XXE) vulnerabilities due to Apache Solr.

Summary Apache Solr is used by IBM Operations Analytics - Log Analysis as part of managing Solr collection and arbitary local file. CVE-2018-11802, CVE-2018-1308. Vulnerability Details CVEID:CVE-2018-11802 DESCRIPTION: In Apache Solr, the cluster can be partitioned into multiple collections and...

7.5CVSS6.3AI score0.20937EPSS
Exploits0Affected Software1
Debian
Debian
added 2018/05/06 5:43 p.m.30 views

[SECURITY] [DSA 4194-1] lucene-solr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4194-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 06, 2018 https://www.debian.org/security/faq -...

7.5CVSS7.5AI score0.20937EPSS
Exploits0
Debian
Debian
added 2018/04/24 5:57 p.m.27 views

[SECURITY] [DLA 1360-1] lucene-solr security update

Package : lucene-solr Version : 3.6.0+dfsg-1+deb7u4 CVE ID : CVE-2018-1308 Debian Bug : 896604 It was discovered that there was an XML external entity expansion XXE vulnerability in lucene-solr, a search engine library for Java. It could be exploited to read arbitrary local files from the Solr...

7.5CVSS7.5AI score0.20937EPSS
Exploits0
NVD
NVD
added 2018/04/09 1:29 p.m.17 views

CVE-2018-1308

This vulnerability in Apache Solr 1.2 to 6.6.2 and 7.0.0 to 7.2.1 relates to an XML external entity expansion XXE in the &dataConfig= parameter of Solr's DataImportHandler. It can be used as XXE using file/ftp/http protocols in order to read arbitrary local files from the Solr server or the...

7.5CVSS7.3AI score0.20937EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2018/04/09 3:48 a.m.26 views

CVE-2018-1308

This vulnerability in Apache Solr 1.2 to 6.6.2 and 7.0.0 to 7.2.1 relates to an XML external entity expansion XXE in the = parameter of Solr's DataImportHandler. It can be used as XXE using file/ftp/http protocols in order to read arbitrary local files from the Solr server or the internal network...

7.5CVSS2.1AI score0.20937EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2018/04/09 12:0 a.m.18 views

Apache Solr XXE Vulnerability (SOLR-11971) - Windows

Apache Solr is prone to a XXE vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:solr"; if description...

7.5CVSS7.5AI score0.20937EPSS
Exploits0References1
Rows per page
Query Builder