Lucene search
K

4 matches found

Check Point Advisories
Check Point Advisories
added 2019/02/19 12:0 a.m.2 views

Apache Solr XML External Entity Expansion Information Disclosure (CVE-2018-8010)

An XML external entity expansion vulnerability exists in Apache Solr. The vulnerability is due to improper handling of XML external entities. Successful exploitation results in the disclosure of file or directory contents for any file or directory readable by the Apache Solr service...

2.1CVSS1.2AI score0.03917EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2018/07/13 11:24 p.m.17 views

Security Bulletin: A vulnerability in Apache Solr (lucene) affects IBM InfoSphere Information Server

Summary A vulnerability in Apache Solr lucene was addressed by IBM InfoSphere Information Server. Vulnerability Details CVEID: CVE-2018-8010 DESCRIPTION: Apache Solr could allow a remote attacker to obtain sensitive information, caused by an XML external entity expansion XXE in config files...

5.5CVSS0.9AI score0.03917EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2018/05/22 12:0 a.m.39 views

Apache Solr 6.x < 6.6.4 and 7.x < 7.3.1 XXE Vulnerability (SOLR-12316) - Linux

Apache Solr is prone to an XML external entity XXE expansion vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.5CVSS5.4AI score0.03917EPSS
Exploits0References2
CVE
CVE
added 2018/05/21 7:0 p.m.91 views

CVE-2018-8010

The CVE-2018-8010 issue affects Apache Solr 6.0.0–6.6.3 and 7.0.0–7.3.0, arising from an XML External Entity (XXE) expansion in Solr’s config files (solrconfig.xml, schema.xml, managed-schema) and related XInclude handling. An attacker could use XXE via file/ftp/http references to read arbitrary ...

5.5CVSS5.2AI score0.03917EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder