Lucene search
K

14 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2019-17558

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the VelocityResponseWriter. A Velocity template can be provided through...

7.5CVSS8.3AI score0.98567EPSS
Exploits12References2
F5 Networks
F5 Networks
added 2023/02/21 7:57 p.m.118 views

K50133242: Apache Solr vulnerability CVE-2019-17558

Security Advisory Description Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the VelocityResponseWriter. A Velocity template can be provided through Velocity templates in a configset velocity/ directory or as a parameter. A user defined configset could...

7.5CVSS8.5AI score0.98567EPSS
Exploits12
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/20 6:50 a.m.54 views

Security Bulletin: Vulnerability in Apache Solr affects IBM Operations Analytics - Log Analysis (CVE-2019-17558)

Summary Apache Solr is vulnerable to Remote Code Execution. This has been addressed. Vulnerability Details CVEID: CVE-2019-17558 DESCRIPTION: Apache Solr could allow a remote attacker to execute arbitrary code on the system. By providing a Velocity template through the VelocityResponseWriter, an...

7.5CVSS2.2AI score0.98567EPSS
Exploits12Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/10/21 12:0 a.m.128 views

Oracle Primavera Unifier (Oct 2020 CPU)

The 16.1-16.2, 17.7-17.12, 18.8, and 19.12 versions of Primavera Unifier installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2020 CPU advisory. - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering component: Platfor...

9.1CVSS6.5AI score0.98567EPSS
Exploits13References8
IBM Security Bulletins
IBM Security Bulletins
added 2020/09/02 11:24 p.m.46 views

Security Bulletin: Multiple vulnerabilities in Apache Solr (lucene) affect IBM InfoSphere Information Server

Summary Multiple vulnerabilities in Apache Solr lucene were addressed by IBM InfoSphere Information Server. Vulnerability Details CVEID: CVE-2019-17558 DESCRIPTION: Apache Solr could allow a remote attacker to execute arbitrary code on the system. By providing a Velocity template through the...

7.5CVSS1.2AI score0.98567EPSS
Exploits12Affected Software1
GithubExploit
GithubExploit
added 2020/08/04 6:13 a.m.116 views

Exploit for Injection in Apache Solr

SolrCVE-2019-17558 usage: p...

7.5CVSS2AI score0.98567EPSS
Exploits12
Exploit DB
Exploit DB
added 2020/04/16 12:0 a.m.495 views

Apache Solr - Remote Code Execution via Velocity Template (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/powershell' class MetasploitModule 'Apache Solr Remote Code Execution via Velocity Template', 'Description' = %q This module exploits a...

7.5CVSS7.4AI score0.98567EPSS
Exploits12
IBM Security Bulletins
IBM Security Bulletins
added 2020/04/09 2:28 p.m.30 views

Security Bulletin: Possible remote code execution vulnerability in Watson Knowledge Catalog for IBM Cloud Pak for Data

Summary There is a possible remote code execution vulnerability in the Watson Knowledge Catalog for IBM Cloud Pak for Data Apache Solr service. This vulnerability has been addressed. Vulnerability Details CVEID: CVE-2019-17558 DESCRIPTION: Apache Solr could allow a remote attacker to execute...

7.5CVSS2.2AI score0.98567EPSS
Exploits12Affected Software1
Circl
Circl
added 2020/04/02 4:31 p.m.5 views

CVE-2019-17558

creationtimestamp| type| source ---|---|--- 2020-04-02 16:31:27+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/solrvelocityrce.rb 2020-04-16 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/48338 2021-02-05 21:43:47+00:00|...

7.5CVSS7AI score0.98567EPSS
Exploits12References11
Tenable Nessus
Tenable Nessus
added 2020/03/02 12:0 a.m.46 views

FreeBSD : Solr -- multiple vulnerabilities (e59cb761-5ad8-11ea-abb7-001b217b3468)

Community reports : 8.1.1 and 8.2.0 users check ENABLEREMOTEJMXOPTS setting Apache Solr RCE vulnerability due to bad config default Apache Solr RCE through VelocityResponseWriter C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBS...

7.5CVSS8.5AI score0.98567EPSS
Exploits12References3
RedhatCVE
RedhatCVE
added 2020/01/09 6:8 p.m.43 views

CVE-2019-17558

Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the VelocityResponseWriter. A Velocity template can be provided through Velocity templates in a configset velocity/ directory or as a parameter. A user defined configset could contain renderable, potentially...

7.5CVSS2.1AI score0.98567EPSS
Exploits12References3
Tenable Nessus
Tenable Nessus
added 2020/01/02 12:0 a.m.371 views

Apache Solr < 8.4.0 Remote Code Execution

The version of Apache Solr running on the remote host is at least 5.0.0 and prior to 8.4.0. It is, therefore, affected by a remote code execution vulnerability. A remote code execution vulnerability exists in VelocityResponseWriter due to a flaw in the velocity template parameter. An...

7.5CVSS9.2AI score0.98567EPSS
Exploits12References6
Vulnrichment
Vulnrichment
added 2019/12/30 4:36 p.m.12 views

CVE-2019-17558

Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the VelocityResponseWriter. A Velocity template can be provided through Velocity templates in a configset velocity/ directory or as a parameter. A user defined configset could contain renderable, potentially...

7.7AI score0.98567EPSS
Exploits12References29
ATTACKERKB
ATTACKERKB
added 2019/03/28 12:0 a.m.22 views

CVE-2019-17558

Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the VelocityResponseWriter. A Velocity template can be provided through Velocity templates in a configset velocity/ directory or as a parameter. A user defined configset could contain renderable, potentially...

7.5CVSS7.2AI score0.98567EPSS
In wildExploits12References30
Rows per page
Query Builder