Lucene search

K

37 matches found

CVE
CVE
added 2023/10/10 2:15 p.m.4408 views

CVE-2023-44487

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

7.5CVSS8AI score0.94434EPSS
CVE
CVE
added 2020/10/13 7:15 p.m.2241 views

CVE-2020-13957

Apache Solr versions 6.6.0 to 6.6.6, 7.0.0 to 7.7.3 and 8.0.0 to 8.6.2 prevents some features considered dangerous (which could be used for remote code execution) to be configured in a ConfigSet that's uploaded via API without authentication/authorization. The checks in place to prevent such featur...

9.8CVSS9.3AI score0.84903EPSS
CVE
CVE
added 2019/12/30 5:15 p.m.1233 views

CVE-2019-17558

Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the VelocityResponseWriter. A Velocity template can be provided through Velocity templates in a configset velocity/ directory or as a parameter. A user defined configset could contain renderable, potentially ma...

7.5CVSS7.5AI score0.94474EPSS
CVE
CVE
added 2019/08/01 2:15 p.m.1127 views

CVE-2019-0193

In Apache Solr, the DataImportHandler, an optional but popular module to pull in data from databases and other sources, has a feature in which the whole DIH configuration can come from a request's "dataConfig" parameter. The debug mode of the DIH admin screen uses this to allow convenient debugging...

9CVSS6.8AI score0.93129EPSS
CVE
CVE
added 2024/02/09 6:15 p.m.308 views

CVE-2023-50386

Improper Control of Dynamically-Managed Code Resources, Unrestricted Upload of File with Dangerous Type, Inclusion of Functionality from Untrusted Control Sphere vulnerability in Apache Solr.This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.4.1. In the affected versions...

8.8CVSS8.2AI score0.82427EPSS
CVE
CVE
added 2017/10/14 11:29 p.m.307 views

CVE-2017-12629

Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. Elasticsearch, although it uses Lucene, is NOT vulnerable to this. Note that the XML external...

9.8CVSS9.6AI score0.93891EPSS
CVE
CVE
added 2021/04/13 7:15 a.m.257 views

CVE-2021-27905

The ReplicationHandler (normally registered at "/replication" under a Solr core) in Apache Solr has a "masterUrl" (also "leaderUrl" alias) parameter that is used to designate another ReplicationHandler on another Solr core to replicate index data into the local core. To prevent a SSRF vulnerability...

9.8CVSS9.1AI score0.94057EPSS
CVE
CVE
added 2024/02/09 6:15 p.m.256 views

CVE-2023-50298

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr.This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.4.1. Solr Streaming Expressions allows users to extract data from other Solr Clouds, using a "zkHost" parameter.When original SolrCl...

7.5CVSS7.4AI score0.00033EPSS
CVE
CVE
added 2019/03/07 9:29 p.m.203 views

CVE-2019-0192

In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST request. By pointing it to a malicious RMI server, an attacker could take advantage of Solr's unsafe deserialization to trigger remote code execution on the Solr side.

9.8CVSS9.6AI score0.93432EPSS
CVE
CVE
added 2024/10/16 8:15 a.m.185 views

CVE-2024-45216

Improper Authentication vulnerability in Apache Solr. Solr instances using the PKIAuthenticationPlugin, which is enabled by default when Solr Authentication is used, are vulnerable to Authentication bypass.A fake ending at the end of any Solr API URL path, will allow requests to skip Authentication...

9.8CVSS9.6AI score0.93913EPSS
CVE
CVE
added 2019/11/18 9:15 p.m.160 views

CVE-2019-12409

The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLE_REMOTE_JMX_OPTS configuration option in the default solr.in.sh configuration file shipping with Solr. If you use the default solr.in.sh file from the affected releases, then JMX monitoring will be enabled and exp...

9.8CVSS9.3AI score0.8277EPSS
CVE
CVE
added 2021/04/13 7:15 a.m.143 views

CVE-2021-29943

When using ConfigurableInternodeAuthHadoopPlugin for authentication, Apache Solr versions prior to 8.8.2 would forward/proxy distributed requests using server credentials instead of original client credentials. This would result in incorrect authorization resolution on the receiving hosts.

9.1CVSS9.1AI score0.058EPSS
CVE
CVE
added 2021/04/13 7:15 a.m.142 views

CVE-2021-29262

When starting Apache Solr versions prior to 8.8.2, configured with the SaslZkACLProvider or VMParamsAllAndReadonlyDigestZkACLProvider and no existing security.json znode, if the optional read-only user is configured then Solr would not treat that node as a sensitive path and would allow it to be re...

7.5CVSS7.4AI score0.26231EPSS
CVE
CVE
added 2020/08/17 1:15 p.m.141 views

CVE-2020-13941

Reported in SOLR-14515 (private) and fixed in SOLR-14561 (public), released in Solr version 8.6.0. The Replication handler (https://lucene.apache.org/solr/guide/8_6/index-replication.html#http-api-commands-for-the-replicationhandler) allows commands backup, restore and deleteBackup. Each of these t...

8.8CVSS8.6AI score0.02295EPSS
CVE
CVE
added 2017/08/30 2:29 p.m.122 views

CVE-2017-3163

When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path tra...

7.5CVSS7.6AI score0.16448EPSS
CVE
CVE
added 2025/01/27 9:15 a.m.106 views

CVE-2024-52012

Relative Path Traversal vulnerability in Apache Solr. Solr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of input-sanitation in the "configset upload" API. Commonly known as a "zipslip", maliciously constructed ZIP files can use relative filepaths to ...

5.4CVSS9.6AI score0.01116EPSS
CVE
CVE
added 2021/12/23 9:15 a.m.105 views

CVE-2021-44548

An Improper Input Validation vulnerability in DataImportHandler of Apache Solr allows an attacker to provide a Windows UNC path resulting in an SMB network call being made from the Solr host to another host on the network. If the attacker has wider access to the network, this may lead to SMB attack...

9.8CVSS9.6AI score0.01129EPSS
CVE
CVE
added 2013/12/07 8:55 p.m.102 views

CVE-2013-6397

Directory traversal vulnerability in SolrResourceLoader in Apache Solr before 4.6 allows remote attackers to read arbitrary files via a .. (dot dot) or full pathname in the tr parameter to solr/select/, when the response writer (wt parameter) is set to XSLT. NOTE: this can be leveraged using a sepa...

4.3CVSS6.5AI score0.93346EPSS
CVE
CVE
added 2024/01/15 10:15 a.m.95 views

CVE-2023-50290

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr.The Solr Metrics API publishes all unprotected environment variables available to each Apache Solr instance. Users are able to specify which environment variables to hide, however, the default list is designed t...

6.5CVSS6.3AI score0.92895EPSS
CVE
CVE
added 2013/12/07 9:55 p.m.94 views

CVE-2012-6612

The (1) UpdateRequestHandler for XSLT or (2) XPathEntityProcessor in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, different ...

7.5CVSS6.6AI score0.06719EPSS
CVE
CVE
added 2013/12/07 8:55 p.m.94 views

CVE-2013-6407

The UpdateRequestHandler for XML in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

6.4CVSS6.6AI score0.06719EPSS
CVE
CVE
added 2018/07/05 2:29 p.m.94 views

CVE-2018-8026

This vulnerability in Apache Solr 6.0.0 to 6.6.4 and 7.0.0 to 7.3.1 relates to an XML external entity expansion (XXE) in Solr config files (currency.xml, enumsConfig.xml referred from schema.xml, TIKA parsecontext config file). In addition, Xinclude functionality provided in these config files is a...

5.5CVSS5.2AI score0.06266EPSS
CVE
CVE
added 2018/04/09 1:29 p.m.89 views

CVE-2018-1308

This vulnerability in Apache Solr 1.2 to 6.6.2 and 7.0.0 to 7.2.1 relates to an XML external entity expansion (XXE) in the &dataConfig=<inlinexml> parameter of Solr's DataImportHandler. It can be used as XXE using file/ftp/http protocols in order to read arbitrary local files from the Solr se...

7.5CVSS7.2AI score0.06066EPSS
CVE
CVE
added 2019/03/08 9:29 p.m.83 views

CVE-2017-3164

Server Side Request Forgery in Apache Solr, versions 1.3 until 7.6 (inclusive). Since the "shards" parameter does not have a corresponding whitelist mechanism, a remote attacker with access to the server could make Solr perform an HTTP GET request to any reachable URL.

7.5CVSS7.4AI score0.57093EPSS
CVE
CVE
added 2013/12/07 8:55 p.m.82 views

CVE-2013-6408

The DocumentAnalysisRequestHandler in Apache Solr before 4.3.1 does not properly use the EmptyEntityResolver, which allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity...

6.4CVSS6.7AI score0.06719EPSS
CVE
CVE
added 2025/01/27 9:15 a.m.81 views

CVE-2025-24814

Core creation allows users to replace "trusted" configset files with arbitrary configuration Solr instances that (1) use the "FileSystemConfigSetService" component (the default in "standalone" or "user-managed" mode), and (2) are running without authentication and authorization are vulnerable to a ...

5.5CVSS7.2AI score0.00119EPSS
CVE
CVE
added 2018/05/21 7:29 p.m.76 views

CVE-2018-8010

This vulnerability in Apache Solr 6.0.0 to 6.6.3, 7.0.0 to 7.3.0 relates to an XML external entity expansion (XXE) in Solr config files (solrconfig.xml, schema.xml, managed-schema). In addition, Xinclude functionality provided in these config files is also affected in a similar way. The vulnerabili...

5.5CVSS5.2AI score0.01584EPSS
CVE
CVE
added 2019/09/10 3:15 p.m.74 views

CVE-2019-12401

Solr versions 1.3.0 to 1.4.1, 3.1.0 to 3.6.2 and 4.0.0 to 4.10.4 are vulnerable to an XML resource consumption attack (a.k.a. Lol Bomb) via it’s update handler.?By leveraging XML DOCTYPE and ENTITY type elements, the attacker can create a pattern that will expand when the server parses the XML caus...

7.5CVSS7.3AI score0.28199EPSS
CVE
CVE
added 2017/07/07 7:29 p.m.70 views

CVE-2017-7660

Apache Solr uses a PKI based mechanism to secure inter-node communication when security is enabled. It is possible to create a specially crafted node name that does not exist as part of the cluster and point it to a malicious node. This can trick the nodes in cluster to believe that the malicious n...

7.5CVSS7.4AI score0.00455EPSS
CVE
CVE
added 2024/02/09 6:15 p.m.70 views

CVE-2023-50292

Incorrect Permission Assignment for Critical Resource, Improper Control of Dynamically-Managed Code Resources vulnerability in Apache Solr. This issue affects Apache Solr: from 8.10.0 through 8.11.2, from 9.0.0 before 9.3.0. The Schema Designer was introduced to allow users to more easily configure...

7.5CVSS7.2AI score0.45673EPSS
CVE
CVE
added 2024/02/09 6:15 p.m.69 views

CVE-2023-50291

Insufficiently Protected Credentials vulnerability in Apache Solr. This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.3.0.One of the two endpoints that publishes the Solr process' Java system properties, /admin/info/properties, was only setup to hide system properties th...

7.5CVSS7AI score0.00562EPSS
CVE
CVE
added 2020/04/01 10:15 p.m.63 views

CVE-2018-11802

In Apache Solr, the cluster can be partitioned into multiple collections and only a subset of nodes actually host any given collection. However, if a node receives a request for a collection it does not host, it proxies the request to a relevant node and serves the request. Solr bypasses all author...

4.3CVSS4.2AI score0.00151EPSS
CVE
CVE
added 2016/02/15 2:59 a.m.61 views

CVE-2015-8797

Cross-site scripting (XSS) vulnerability in webapp/web/js/scripts/plugins.js in the stats page in the Admin UI in Apache Solr before 5.3.1 allows remote attackers to inject arbitrary web script or HTML via the entry parameter to a plugins/cache URI.

6.1CVSS6AI score0.02074EPSS
CVE
CVE
added 2017/09/18 9:29 p.m.61 views

CVE-2017-9803

Apache Solr's Kerberos plugin can be configured to use delegation tokens, which allows an application to reuse the authentication of an end-user or another application. There are two issues with this functionality (when using SecurityAwareZkACLProvider type of ACL provider e.g. SaslZkACLProvider). ...

7.5CVSS7.7AI score0.00342EPSS
CVE
CVE
added 2016/02/15 2:59 a.m.58 views

CVE-2015-8795

Multiple cross-site scripting (XSS) vulnerabilities in the Admin UI in Apache Solr before 5.1 allow remote attackers to inject arbitrary web script or HTML via crafted fields that are mishandled during the rendering of the (1) Analysis page, related to webapp/web/js/scripts/analysis.js or (2) Schem...

6.1CVSS6AI score0.02559EPSS
CVE
CVE
added 2024/10/16 8:15 a.m.56 views

CVE-2024-45217

Insecure Default Initialization of Resource vulnerability in Apache Solr. New ConfigSets that are created via a Restore command, which copy a configSet from the backup and give it a new name, are created without setting the "trusted" metadata.ConfigSets that do not contain the flag are trusted impl...

8.1CVSS8.1AI score0.00148EPSS
CVE
CVE
added 2016/02/15 2:59 a.m.50 views

CVE-2015-8796

Cross-site scripting (XSS) vulnerability in webapp/web/js/scripts/schema-browser.js in the Admin UI in Apache Solr before 5.3 allows remote attackers to inject arbitrary web script or HTML via a crafted schema-browse URL.

6.1CVSS5.9AI score0.02552EPSS