Lucene search
K

9 matches found

OSV
OSV
added 2026/06/05 5:53 a.m.19 views

BIT-SOLR-2026-44825 Apache Solr: Enabling BasicAuth using bin/solr CLI configures additional insecure users

Hardcoded credentials in the Basic Authentication setup tool bin/solr auth enable in Apache Solr versions 9.4.0 through 9.10.1 and 10.0.0 allows a remote attacker to gain full administrative access to the cluster via publicly known default credentials installed silently alongside the user-specifi...

9.8CVSS5.6AI score0.00529EPSS
Exploits2References3
Snyk
Snyk
added 2026/06/01 10:29 a.m.9 views

Insecure Default Initialization of Resource

Overview org.apache.solr:solr-core is an open source enterprise search platform built on Apache Lucene Affected versions of this package are vulnerable to Insecure Default Initialization of Resource in the Basic Authentication setup bin/solr auth enable tool. An attacker can gain full...

9.8CVSS7AI score0.00529EPSS
Exploits2References3
NVD
NVD
added 2026/06/01 9:16 a.m.13 views

CVE-2026-44825

Hardcoded credentials in the Basic Authentication setup tool bin/solr auth enable in Apache Solr versions 9.4.0 through 9.10.1 and 10.0.0 allows a remote attacker to gain full administrative access to the cluster via publicly known default credentials installed silently alongside the user-specifi...

9.8CVSS0.00529EPSS
Exploits2References2
Vulnrichment
Vulnrichment
added 2026/06/01 8:2 a.m.13 views

CVE-2026-44825 Apache Solr: Enabling BasicAuth using bin/solr CLI configures additional insecure users

Hardcoded credentials in the Basic Authentication setup tool bin/solr auth enable in Apache Solr versions 9.4.0 through 9.10.1 and 10.0.0 allows a remote attacker to gain full administrative access to the cluster via publicly known default credentials installed silently alongside the user-specifi...

8.1CVSS5.8AI score0.00529EPSS
Exploits2References1
ATTACKERKB
ATTACKERKB
added 2026/06/01 8:2 a.m.9 views

CVE-2026-44825

Hardcoded credentials in the Basic Authentication setup tool bin/solr auth enable in Apache Solr versions 9.4.0 through 9.10.1 and 10.0.0 allows a remote attacker to gain full administrative access to the cluster via publicly known default credentials installed silently alongside the user-specifi...

8.1CVSS5.8AI score0.00529EPSS
Exploits2References2Affected Software1
OSV
OSV
added 2026/06/01 8:2 a.m.2 views

CVE-2026-44825 Apache Solr: Enabling BasicAuth using bin/solr CLI configures additional insecure users

Hardcoded credentials in the Basic Authentication setup tool bin/solr auth enable in Apache Solr versions 9.4.0 through 9.10.1 and 10.0.0 allows a remote attacker to gain full administrative access to the cluster via publicly known default credentials installed silently alongside the user-specifi...

8.1CVSS7.2AI score0.00529EPSS
Exploits2References5
Cvelist
Cvelist
added 2026/06/01 8:2 a.m.47 views

CVE-2026-44825 Apache Solr: Enabling BasicAuth using bin/solr CLI configures additional insecure users

Hardcoded credentials in the Basic Authentication setup tool bin/solr auth enable in Apache Solr versions 9.4.0 through 9.10.1 and 10.0.0 allows a remote attacker to gain full administrative access to the cluster via publicly known default credentials installed silently alongside the user-specifi...

8.1CVSS0.00529EPSS
Exploits2References1
Debian CVE
Debian CVE
added 2026/06/01 8:2 a.m.13 views

CVE-2026-44825

Hardcoded credentials in the Basic Authentication setup tool bin/solr auth enable in Apache Solr versions 9.4.0 through 9.10.1 and 10.0.0 allows a remote attacker to gain full administrative access to the cluster via publicly known default credentials installed silently alongside the user-specifi...

9.8CVSS5.8AI score0.00529EPSS
Exploits2
EUVD
EUVD
added 2026/06/01 8:2 a.m.27 views

EUVD-2026-33602

Hardcoded credentials in the Basic Authentication setup tool bin/solr auth enable in Apache Solr versions 9.4.0 through 9.10.1 and 10.0.0 allows a remote attacker to gain full administrative access to the cluster via publicly known default credentials installed silently alongside the user-specifi...

9.8CVSS5.8AI score0.00529EPSS
Exploits2References1
Rows per page
Query Builder