Remote Code Execution Vulnerability in Apache Solr by Apache Software Foundation
CVE-2017-12629
Key Information:
- Vendor: Apache
- CVE Published: 14 October 2017
Summary
Apache Solr versions prior to 7.1 are susceptible to a remote code execution vulnerability due to improper handling of XML external entities (XXE). This can be exploited by sending crafted XML data through the Config API, specifically using the add-listener command, to invoke the RunExecutableListener class. The vulnerability allows malicious users to upload unauthorized files or execute arbitrary code on the server. Additionally, the XML Query Parser is affected, enabling attackers to read sensitive local files via crafted requests. Proper security measures and updates are critical to protect against such threats.
Affected Version(s)
- Apache Solr before 7.1 with Apache Lucene before 7.1
- lucene-solr < 7.1.0
- redhat lucene-solr < 5.3.1-redhat-2
EPSS Score
97% chance of being exploited in the next 30 days.