4 matches found
Sensitive Information Exposure
org.apache.solr: solr-core is vulnerable to Sensitive Information Exposure. The vulnerability is caused due to publishing all unprotected environment variables available to each Apache Solr instance thorough Solr Metrics API. An attacker can access Sensitive Information by exploiting this...
Design/Logic Flaw
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr. The Solr Metrics API publishes all unprotected environment variables available to each Apache Solr instance. Users are able to specify which environment variables to hide, however, the default list is designe...
CVE-2023-50290
Apache Solr (versions 9.0.0–9.2.x) is vulnerable to CVE-2023-50290 via the Metrics API, which publishes all unprotected host environment variables. The root cause is that environment variables are not strictly definable in Solr and may be exposed even in Clouds with authorization, until fixed. Th...
CVE-2023-50290
A flaw was found in Apache Solr. This issue may allow an unauthorized actor access to sensitive information. The Solr Metrics API publishes all unprotected environment variables available to each Apache Solr instance. Users are able to specify which environment variables to hide, however, the...