Lucene search
+L

4 matches found

UbuntuCve
UbuntuCve
added 2024/02/09 6:15 p.m.42 views

CVE-2023-50292

Incorrect Permission Assignment for Critical Resource, Improper Control of Dynamically-Managed Code Resources vulnerability in Apache Solr. This issue affects Apache Solr: from 8.10.0 through 8.11.2, from 9.0.0 before 9.3.0. The Schema Designer was introduced to allow users to more easily configu...

7.5CVSS6.9AI score0.0305EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/02/09 5:29 p.m.52 views

CVE-2023-50292 Apache Solr: Solr Schema Designer blindly "trusts" all configsets, possibly leading to RCE by unauthenticated users

Incorrect Permission Assignment for Critical Resource, Improper Control of Dynamically-Managed Code Resources vulnerability in Apache Solr. This issue affects Apache Solr: from 8.10.0 through 8.11.2, from 9.0.0 before 9.3.0. The Schema Designer was introduced to allow users to more easily configu...

8AI score0.0305EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2024/02/09 5:29 p.m.34 views

CVE-2023-50292

Incorrect Permission Assignment for Critical Resource, Improper Control of Dynamically-Managed Code Resources vulnerability in Apache Solr. This issue affects Apache Solr: from 8.10.0 through 8.11.2, from 9.0.0 before 9.3.0. The Schema Designer was introduced to allow users to more easily configu...

7.5CVSS7.3AI score0.0305EPSS
Exploits0
CVE
CVE
added 2024/02/09 5:29 p.m.98 views

CVE-2023-50292

The CVE-2023-50292 issue affects Apache Solr before 9.3.0 and 8.11.x lines, where the Schema Designer could load external libraries from untrusted configSets due to missing trust handling. This could enable remote code execution when non-authenticated users configure Schema Sets. Affected version...

7.5CVSS7.2AI score0.0305EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder