Improper Control of Dynamically-Managed Code Resources, Unrestricted Upload of File with Dangerous Type, Inclusion of Functionality from Untrusted Control Sphere Vulnerability in Apache Solr
CVE-2023-50386
Key Information:
- Vendor
- Apache
- Status
- Vendor
- CVE Published:
- 9 February 2024
Badges
Summary
A security vulnerability has been identified in Apache Solr that allows improper control of dynamically-managed code resources. Specifically, the ConfigSets API in affected versions permits the upload of Java jar and class files, which could lead to execution of malicious code if these files are saved in directories that Solr interfaces with during runtime. This presents a significant risk when backups save unauthorized configurations that may include potentially harmful executables, thereby compromising system integrity. Mitigation steps have been introduced in newer versions, restricting the upload of executable files to configSets and limiting backup storage directories to enhance security management.
Affected Version(s)
Apache Solr 6.0.0 <= 8.11.2
Apache Solr 9.0.0 < 9.4.1
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
Get notified when SecurityVulnerability.io launches alerting π
Well keep you posted π§
News Articles
SangforCVE-2023-50386CVE-2023-50386: Apache Solr Remote Code Execution Vulnerability
On February 20, 2024, Sangfor FarSight Labs received notification of the remote code execution vulnerability (CVE-2023-50386) in Apache Solr.
11 months ago
References
EPSS Score
88% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
- π°
First article discovered by Sangfor
- π‘
Public PoC available
- πΎ
Exploit known to exist
Vulnerability published
Vulnerability Reserved