Privilege Escalation in Apache Solr's Kerberos Plugin
CVE-2017-9803

7.5HIGH

Key Information:

Vendor: Apache
Status: Apache Solr
Vendor: CVE Published:; 18 September 2017

What is CVE-2017-9803?

The Kerberos plugin in Apache Solr is susceptible to serious security flaws related to delegation token functionality. When configured to use the SecurityAwareZkACLProvider type of ACL provider (such as SaslZkACLProvider), sensitive security configurations can inadvertently be accessed by users other than the designated Solr super user. This leakage opens the door for attackers to manipulate these configurations for privilege escalation, leading to unauthorized access, exposure of private data, or disruption of operations within the Solr cluster. This vulnerability has been addressed and resolved in Apache Solr version 6.6.1 and later.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Apache Solr 6.2.0 to 6.6.0

References

http://www.securityfocus.com/bid/100870

vdb-entryx_refsource_BID

http://mail-archives.us.apache.org/mod_mbox/www-announce/...

mailing-listx_refsource_MLIST

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 18, 2017
Vulnerability Reserved
Jun 21, 2017

JSON

Apache

What is CVE-2017-9803?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.