Lucene search
K

11 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2019-0192

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST request. By pointing it to a...

9.8CVSS8.1AI score0.77508EPSS
Exploits1References2
Hacker One
Hacker One
added 2020/08/19 4:7 a.m.188 views

U.S. Dept Of Defense: Remote Code Execution on █████████

Summary: An unauth solr lead to RCE on ██████████ Description: Hello, I found a solr unauth at https://██████/solr/ This version is 5.5.1, vulnerable with CVE-2019-0192 and CVE-2019-0193, i have try CVE-2019-0193 and successful RCE. Impact Attacker can get shell on server. Step-by-step Reproducti...

9CVSS2.1AI score0.83547EPSS
Exploits4
GithubExploit
GithubExploit
added 2019/11/01 1:46 p.m.134 views

Exploit for Deserialization of Untrusted Data in Apache Solr

Solr-RCE-CVE-2019-0192 Apache Solr remote code e...

9.8CVSS5.8AI score0.77508EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2019/06/27 11:45 p.m.29 views

Security Bulletin: A vulnerability in Apache Solr affects IBM InfoSphere Information Server

Summary A vulnerability in Apache Solr was addressed by IBM InfoSphere Information Server. Vulnerability Details CVE-ID: CVE-2019-0192 Description: Apache Solr could allow a remote attacker to execute arbitrary code on the system, caused by a deserialization of untrusted data flaw in...

9.8CVSS0.4AI score0.77508EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/04/23 4:50 a.m.30 views

Security Bulletin: Potential vulnerability related to Unsafe Deserialization in Apache Solr shipped with IBM Operations Analytics - Log Analysis (CVE-2019-0192)

Summary In Solr the Config API allows to configure the JMX server via an HTTP POST request. By pointing it to a malicious RMI server, an attacker could take advantage of unsafe deserialization in Solr to trigger remote code execution on the Solr side. Vulnerability Details CVEID: CVE-2019-0192...

9.8CVSS2.9AI score0.77508EPSS
Exploits1Affected Software1
Check Point Advisories
Check Point Advisories
added 2019/04/03 12:0 a.m.4 views

Apache Solr Config API Insecure Deserialization Remote Code Execution (CVE-2019-0192)

An insecure deserialization vulnerability has been reported in Apache Solr. This vulnerability is due to the insufficient validation of requests to the Config API. A remote, unauthenticated attacker can exploit this vulnerability by sending a crafted HTTP request to the Config API...

7.5CVSS2.3AI score0.77508EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2019/03/27 12:0 a.m.54 views

Apache Solr 5.x <= 5.5.5 or 6.x <= 6.6.5 Deserialization Vulnerability

The version of Apache Solr running on the remote web server is affected by a remote code execution vulnerability in the Config API due to unsafe deserialization of Java objects. An unauthenticated, remote attacker can exploit this, via an HTTP POST request that points the JMX server to a maliciou...

9.8CVSS10AI score0.77508EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2019/03/07 9:29 p.m.49 views

CVE-2019-0192

In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST request. By pointing it to a malicious RMI server, an attacker could take advantage of Solr's unsafe deserialization to trigger remote code execution on the Solr side...

9.8CVSS7.9AI score0.77508EPSS
Exploits1References2
OSV
OSV
added 2019/03/07 9:29 p.m.35 views

CVE-2019-0192

In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST request. By pointing it to a malicious RMI server, an attacker could take advantage of Solr's unsafe deserialization to trigger remote code execution on the Solr side...

9.8CVSS9.7AI score
Exploits0References14
CVE
CVE
added 2019/03/07 9:0 p.m.251 views

CVE-2019-0192

Apache Solr CVE-2019-0192 affects Solr 5.0.0–5.5.5 and 6.0.0–6.6.5. The Config API can configure the JMX server via HTTP POST; if pointed to a malicious RMI server, Solr’s unsafe deserialization can trigger remote code execution on the Solr side. Evidence in connected docs includes Nuclei templat...

9.8CVSS9.6AI score0.77508EPSS
Exploits1References14Affected Software1
Debian CVE
Debian CVE
added 2019/03/07 9:0 p.m.37 views

CVE-2019-0192

In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST request. By pointing it to a malicious RMI server, an attacker could take advantage of Solr's unsafe deserialization to trigger remote code execution on the Solr side...

9.8CVSS9.8AI score0.77508EPSS
Exploits1
Rows per page
Query Builder