14 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-17558
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the VelocityResponseWriter. A Velocity template can be provided through...
K50133242: Apache Solr vulnerability CVE-2019-17558
Security Advisory Description Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the VelocityResponseWriter. A Velocity template can be provided through Velocity templates in a configset velocity/ directory or as a parameter. A user defined configset could...
Security Bulletin: Vulnerability in Apache Solr affects IBM Operations Analytics - Log Analysis (CVE-2019-17558)
Summary Apache Solr is vulnerable to Remote Code Execution. This has been addressed. Vulnerability Details CVEID: CVE-2019-17558 DESCRIPTION: Apache Solr could allow a remote attacker to execute arbitrary code on the system. By providing a Velocity template through the VelocityResponseWriter, an...
Oracle Primavera Unifier (Oct 2020 CPU)
The 16.1-16.2, 17.7-17.12, 18.8, and 19.12 versions of Primavera Unifier installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2020 CPU advisory. - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering component: Platfor...
Security Bulletin: Multiple vulnerabilities in Apache Solr (lucene) affect IBM InfoSphere Information Server
Summary Multiple vulnerabilities in Apache Solr lucene were addressed by IBM InfoSphere Information Server. Vulnerability Details CVEID: CVE-2019-17558 DESCRIPTION: Apache Solr could allow a remote attacker to execute arbitrary code on the system. By providing a Velocity template through the...
Exploit for Injection in Apache Solr
SolrCVE-2019-17558 usage: p...
Apache Solr - Remote Code Execution via Velocity Template (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/powershell' class MetasploitModule 'Apache Solr Remote Code Execution via Velocity Template', 'Description' = %q This module exploits a...
Security Bulletin: Possible remote code execution vulnerability in Watson Knowledge Catalog for IBM Cloud Pak for Data
Summary There is a possible remote code execution vulnerability in the Watson Knowledge Catalog for IBM Cloud Pak for Data Apache Solr service. This vulnerability has been addressed. Vulnerability Details CVEID: CVE-2019-17558 DESCRIPTION: Apache Solr could allow a remote attacker to execute...
CVE-2019-17558
creationtimestamp| type| source ---|---|--- 2020-04-02 16:31:27+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/solrvelocityrce.rb 2020-04-16 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/48338 2021-02-05 21:43:47+00:00|...
FreeBSD : Solr -- multiple vulnerabilities (e59cb761-5ad8-11ea-abb7-001b217b3468)
Community reports : 8.1.1 and 8.2.0 users check ENABLEREMOTEJMXOPTS setting Apache Solr RCE vulnerability due to bad config default Apache Solr RCE through VelocityResponseWriter C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBS...
CVE-2019-17558
Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the VelocityResponseWriter. A Velocity template can be provided through Velocity templates in a configset velocity/ directory or as a parameter. A user defined configset could contain renderable, potentially...
Apache Solr < 8.4.0 Remote Code Execution
The version of Apache Solr running on the remote host is at least 5.0.0 and prior to 8.4.0. It is, therefore, affected by a remote code execution vulnerability. A remote code execution vulnerability exists in VelocityResponseWriter due to a flaw in the velocity template parameter. An...
CVE-2019-17558
Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the VelocityResponseWriter. A Velocity template can be provided through Velocity templates in a configset velocity/ directory or as a parameter. A user defined configset could contain renderable, potentially...
CVE-2019-17558
Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the VelocityResponseWriter. A Velocity template can be provided through Velocity templates in a configset velocity/ directory or as a parameter. A user defined configset could contain renderable, potentially...