4 matches found
Apache Solr XML External Entity Expansion Information Disclosure (CVE-2018-8010)
An XML external entity expansion vulnerability exists in Apache Solr. The vulnerability is due to improper handling of XML external entities. Successful exploitation results in the disclosure of file or directory contents for any file or directory readable by the Apache Solr service...
Security Bulletin: A vulnerability in Apache Solr (lucene) affects IBM InfoSphere Information Server
Summary A vulnerability in Apache Solr lucene was addressed by IBM InfoSphere Information Server. Vulnerability Details CVEID: CVE-2018-8010 DESCRIPTION: Apache Solr could allow a remote attacker to obtain sensitive information, caused by an XML external entity expansion XXE in config files...
Apache Solr 6.x < 6.6.4 and 7.x < 7.3.1 XXE Vulnerability (SOLR-12316) - Linux
Apache Solr is prone to an XML external entity XXE expansion vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2018-8010
The CVE-2018-8010 issue affects Apache Solr 6.0.0–6.6.3 and 7.0.0–7.3.0, arising from an XML External Entity (XXE) expansion in Solr’s config files (solrconfig.xml, schema.xml, managed-schema) and related XInclude handling. An attacker could use XXE via file/ftp/http references to read arbitrary ...