Data Exposure Vulnerability in Apache Solr Replication Handler
CVE-2020-13941
8.8HIGH
Key Information:
- Vendor
Apache
- Status
- Vendor
- CVE Published:
- 17 August 2020
Badges
👾 Exploit Exists🟡 Public PoC
What is CVE-2020-13941?
The replication handler in Apache Solr allows unauthorized commands such as backup, restore, and deleteBackup to be executed on the system. The vulnerability arises due to a lack of validation on the location parameter, enabling attackers to read and write to any location accessible by the Solr user. This flaw was identified and addressed in Solr version 8.6.0, underscoring the importance of updating to this release or later to secure your system against potential exploitation.
Affected Version(s)
Apache Solr Prior to 8.6.0
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.