Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

F5 Networks
F5 Networksadded 2023/02/21 7:55 p.m.30 views

K23720587: Apache Solr vulnerability CVE-2019-12409

Security Advisory Description The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLEREMOTEJMXOPTS configuration option in the default solr.in.sh configuration file shipping with Solr. If you use the default solr.in.sh file from the affected releases, then JMX...

9.8CVSS9.4AI score0.8277EPSS
Exploits4
Github Security Blog
Github Security Blogadded 2020/01/28 10:26 p.m.76 views

Unrestricted upload of file with dangerous type in Apache Solr

The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLEREMOTEJMXOPTS configuration option in the default solr.in.sh configuration file shipping with Solr. If you use the default solr.in.sh file from the affected releases, then JMX monitoring will be enabled and...

9.8CVSS1.2AI score0.8277EPSS
Exploits4References11Affected Software1
Tenable Nessus
Tenable Nessusadded 2020/01/27 12:0 a.m.29 views

Apache Solr 8.1.1 < 8.3.0 Remote Code Execution

CVE-2019-12409 is a flaw in the default configuration of the solr.in.sh file in Apache Solr. If this file is used in its default configuration in versions 8.1.1 and 8.2.0, unauthenticated access to the Java Management Extensions JMX monitoring on the RMIPORT default 18983 is allowed. Anyone with...

9.8CVSS9.6AI score0.8277EPSS
Exploits4References3
OSV
OSVadded 2019/11/18 9:15 p.m.17 views

CVE-2019-12409

The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLEREMOTEJMXOPTS configuration option in the default solr.in.sh configuration file shipping with Solr. If you use the default solr.in.sh file from the affected releases, then JMX monitoring will be enabled and...

9.8CVSS6.9AI score0.8277EPSS
Exploits4References7
CVE
CVEadded 2019/11/18 8:50 p.m.183 views

CVE-2019-12409

CVE-2019-12409 affects Apache Solr 8.1.1 and 8.2.0 where the default solr.in.sh enables ENABLE_REMOTE_JMX_OPTS, exposing JMX on RMI_PORT 18983 without authentication. Unauthenticated network access to JMX can allow uploading and execution of malicious code on the Solr server. Public exploitation ...

9.8CVSS9.3AI score0.8277EPSS
Exploits4References7Affected Software1
ATTACKERKB
ATTACKERKBadded 2019/09/11 12:0 a.m.26 views

Apache Solr 8.11, 8.20 have unauthenticated JMX server enabled in default config

The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLEREMOTEJMXOPTS configuration option in the default solr.in.sh configuration file shipping with Solr. If you use the default solr.in.sh file from the affected releases, then JMX monitoring will be enabled and...

9.8CVSS9.3AI score0.8277EPSS
Exploits4References8
Rows per page
Query Builder