Solr Security Vulnerabilities and Issues — Solr CVE List

Lucene search

ApacheSolr

9 matches found

CVE•added 2020/10/13 7:15 p.m.•2241 views

CVE-2020-13957

Apache Solr versions 6.6.0 to 6.6.6, 7.0.0 to 7.7.3 and 8.0.0 to 8.6.2 prevents some features considered dangerous (which could be used for remote code execution) to be configured in a ConfigSet that's uploaded via API without authentication/authorization. The checks in place to prevent such featur...

9.8CVSS9.3AI score0.84903EPSS

CVE•added 2019/08/01 2:15 p.m.•1130 views

CVE-2019-0193

In Apache Solr, the DataImportHandler, an optional but popular module to pull in data from databases and other sources, has a feature in which the whole DIH configuration can come from a request's "dataConfig" parameter. The debug mode of the DIH admin screen uses this to allow convenient debugging...

9CVSS6.8AI score0.93129EPSS

CVE•added 2017/10/14 11:29 p.m.•307 views

CVE-2017-12629

Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. Elasticsearch, although it uses Lucene, is NOT vulnerable to this. Note that the XML external...

9.8CVSS9.6AI score0.93891EPSS

CVE•added 2021/04/13 7:15 a.m.•260 views

CVE-2021-27905

The ReplicationHandler (normally registered at "/replication" under a Solr core) in Apache Solr has a "masterUrl" (also "leaderUrl" alias) parameter that is used to designate another ReplicationHandler on another Solr core to replicate index data into the local core. To prevent a SSRF vulnerability...

9.8CVSS9.1AI score0.94057EPSS

CVE•added 2019/03/07 9:29 p.m.•204 views

CVE-2019-0192

In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST request. By pointing it to a malicious RMI server, an attacker could take advantage of Solr's unsafe deserialization to trigger remote code execution on the Solr side.

9.8CVSS9.6AI score0.93432EPSS

CVE•added 2024/10/16 8:15 a.m.•185 views

CVE-2024-45216

Improper Authentication vulnerability in Apache Solr. Solr instances using the PKIAuthenticationPlugin, which is enabled by default when Solr Authentication is used, are vulnerable to Authentication bypass.A fake ending at the end of any Solr API URL path, will allow requests to skip Authentication...

9.8CVSS9.6AI score0.93913EPSS

CVE•added 2019/11/18 9:15 p.m.•160 views

CVE-2019-12409

The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLE_REMOTE_JMX_OPTS configuration option in the default solr.in.sh configuration file shipping with Solr. If you use the default solr.in.sh file from the affected releases, then JMX monitoring will be enabled and exp...

9.8CVSS9.3AI score0.8277EPSS

CVE•added 2021/04/13 7:15 a.m.•143 views

CVE-2021-29943

When using ConfigurableInternodeAuthHadoopPlugin for authentication, Apache Solr versions prior to 8.8.2 would forward/proxy distributed requests using server credentials instead of original client credentials. This would result in incorrect authorization resolution on the receiving hosts.

9.1CVSS9.1AI score0.058EPSS

CVE•added 2021/12/23 9:15 a.m.•105 views

CVE-2021-44548

An Improper Input Validation vulnerability in DataImportHandler of Apache Solr allows an attacker to provide a Windows UNC path resulting in an SMB network call being made from the Solr host to another host on the network. If the attacker has wider access to the network, this may lead to SMB attack...

9.8CVSS9.6AI score0.01129EPSS