Lucene search
Ubuntu.comUB:CVE-2021-29262HistoryApr 13, 2021 - 12:00 a.m.
CVE-2021-29262
2021-04-1300:00:00
ubuntu.com
ubuntu.com
4
0.003 Low
EPSS
Percentile
68.0%
When starting Apache Solr versions prior to 8.8.2, configured with the
SaslZkACLProvider or VMParamsAllAndReadonlyDigestZkACLProvider and no
existing security.json znode, if the optional read-only user is configured
then Solr would not treat that node as a sensitive path and would allow it
to be readable. Additionally, with any ZkACLProvider, if the security.json
is already present, Solr will not automatically update the ACLs.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 14.04 | noarch | lucene-solr | < any | UNKNOWN |
Related
debiancve
debiancve
CVE-2021-29262
2021-04-13 07:15:00
osv
osv
Improper permission handling in Apache Solr
2021-05-10 15:18:17
CVE-2021-29262
2021-04-13 07:15:12
BIT-solr-2021-29262
2024-03-06 11:06:30
cvelist
cvelist
veracode
veracode
Insecure Access Control
2021-05-11 06:58:18
github
github
Improper permission handling in Apache Solr
2021-05-10 15:18:17
prion
prion
Code injection
2021-04-13 07:15:00
cve
cve
CVE-2021-29262
2021-04-13 07:15:00
redhatcve
redhatcve
CVE-2021-29262
2021-04-14 13:27:59
nessus
nessus
Apache Solr 7.x < 7.7.4 / 8.x < 8.8.2 Multiple Vulnerabilities
2023-09-15 00:00:00
