2 matches found
CVE-2024-31391 Apache Solr Operator: Solr-Operator liveness and readiness probes may leak basic auth credentials
Insertion of Sensitive Information into Log File vulnerability in the Apache Solr Operator. This issue affects all versions of the Apache Solr Operator from 0.3.0 through 0.8.0. When asked to bootstrap Solr security, the operator will enable basic authentication and create several accounts for...
CVE-2024-31391
The CVE-2024-31391 issue affects the Apache Solr Operator (versions 0.3.0–0.8.0). When bootstraping security with basic authentication, the operator creates accounts (including k8s-oper) and uses health probes (liveness/readiness/startup) to check Solr. By default, probe endpoints can be exempt f...