14 matches found
BIT-SOLR-2021-27905 SSRF vulnerability with the Replication handler
The ReplicationHandler normally registered at "/replication" under a Solr core in Apache Solr has a "masterUrl" also "leaderUrl" alias parameter that is used to designate another ReplicationHandler on another Solr core to replicate index data into the local core. To prevent a SSRF vulnerability,...
Apache Solr 7.x < 7.7.4 / 8.x < 8.8.2 Multiple Vulnerabilities
The version of Apache Solr running on the remote host is 7.x prior to 7.7.4, or 8.x prior to 8.8.2. It is, therefore, affected by multiple vulnerabilities, including the following: - The ReplicationHandler normally registered at '/replication' under a Solr core has a 'masterUrl' also 'leaderUrl'...
Exploit for Server-Side Request Forgery in Apache Solr
CVE-2021-27905 Apache Solr ReplicationHandler Server Side Requ...
GHSA-5PHW-3JRP-3VJ8 Server-Side Request Forgery in Apache Solr
The ReplicationHandler normally registered at "/replication" under a Solr core in Apache Solr has a "masterUrl" also "leaderUrl" alias parameter that is used to designate another ReplicationHandler on another Solr core to replicate index data into the local core. To prevent a SSRF vulnerability,...
Server-Side Request Forgery in Apache Solr
The ReplicationHandler normally registered at "/replication" under a Solr core in Apache Solr has a "masterUrl" also "leaderUrl" alias parameter that is used to designate another ReplicationHandler on another Solr core to replicate index data into the local core. To prevent a SSRF vulnerability,...
CVE-2021-27905
A flaw was found in solr. The ReplicationHandler in Apache Solr does not check proper parameters when connecting to another Solr instance to replicate index data into the local core leading to a SSRF vulnerability. The highest threat from this vulnerability is to data confidentiality and integrit...
CVE-2021-27905
The ReplicationHandler normally registered at "/replication" under a Solr core in Apache Solr has a "masterUrl" also "leaderUrl" alias parameter that is used to designate another ReplicationHandler on another Solr core to replicate index data into the local core. To prevent a SSRF vulnerability,...
CVE-2021-27905
The ReplicationHandler normally registered at "/replication" under a Solr core in Apache Solr has a "masterUrl" also "leaderUrl" alias parameter that is used to designate another ReplicationHandler on another Solr core to replicate index data into the local core. To prevent a SSRF vulnerability,...
CVE-2021-27905
The ReplicationHandler normally registered at "/replication" under a Solr core in Apache Solr has a "masterUrl" also "leaderUrl" alias parameter that is used to designate another ReplicationHandler on another Solr core to replicate index data into the local core. To prevent a SSRF vulnerability,...
Server side request forgery (ssrf)
The ReplicationHandler normally registered at "/replication" under a Solr core in Apache Solr has a "masterUrl" also "leaderUrl" alias parameter that is used to designate another ReplicationHandler on another Solr core to replicate index data into the local core. To prevent a SSRF vulnerability,...
CVE-2021-27905
CVE-2021-27905 (Solr SSRF) affects Apache Solr versions prior to 8.8.2 where the ReplicationHandler’s masterUrl/leaderUrl parameter can be abused to trigger SSRF. The flaw arises because masterUrl is not sufficiently validated against allowed hosts/schemes, enabling an attacker to cause the serve...
CVE-2021-27905
The ReplicationHandler normally registered at "/replication" under a Solr core in Apache Solr has a "masterUrl" also "leaderUrl" alias parameter that is used to designate another ReplicationHandler on another Solr core to replicate index data into the local core. To prevent a SSRF vulnerability,...
CVE-2021-27905 SSRF vulnerability with the Replication handler
The ReplicationHandler normally registered at "/replication" under a Solr core in Apache Solr has a "masterUrl" also "leaderUrl" alias parameter that is used to designate another ReplicationHandler on another Solr core to replicate index data into the local core. To prevent a SSRF vulnerability,...
PT-2021-17659
Name of the Vulnerable Software and Affected Versions: Apache Solr versions prior to 8.8.2 Description: The ReplicationHandler in Apache Solr, normally registered at "/replication" under a Solr core, has a masterUrl also leaderUrl alias parameter used to designate another ReplicationHandler on...