Apache Solr Bug Gets Bumped Up to High Severity

guest · Nov 21, 2019

Apache Solr Bug Gets Bumped Up to High Severity
Linux users running the enterprise-search platform Solr are potentially vulnerable to remote code execution attack
November 20, 2019
https://threatpost.com/apache-solr-bug-gets-bumped-up-to-high-severity/150484/

A bug impacting the Linux enterprise-search platform called Apache Solr has been revised from low to high-severity after researchers discovered a new remote code execution exploit. The warning comes from Tenable, which is reporting that the newly-identified default configuration vulnerability could allow attackers to remotely execute code on affected hardware.

The vulnerability (CVE-2019-12409) was first reported in July and patched in August.
Since the bug was initially discovered, researchers have reevaluated the threat and escalated its severity to high-risk.

“It appears a researcher reported that remote code execution was achievable and the vendor revised the bug report to reflect this and add the CVE,” Caveza told Threatpost
Public disclosure and a security bulletin for the more serious RCE exploit was issued Tuesday. That flaw is tied to a configuration issue the solr.in.sh file in Apache Solr.
Click to expand...

guest · Nov 25, 2019

Apache Solr RCEs with public PoCs could soon be exploited
November 25, 2019
https://www.helpnetsecurity.com/2019/11/25/apache-solr-rce/

One – CVE-2019-12409 – has already been patched, while the other – currently without a CVE number – seems to still be unpatched. Proof of concept exploit code for both is available on GitHub.

“According to the PoC, an attacker could target a vulnerable Apache Solr instance by first identifying a list of Solr core names. Once the core names have been identified, an attacker can send a specially crafted HTTP POST request to the Config API to toggle the params resource loader value for the Velocity Response Writer in the solrconfig.xml file to true,” Narang explained.
Since the issue is yet to be fixed, admins would do well to mitigated it by adding authentication to their Apache Solr instances.
Click to expand...

Tenable: Apache Solr Vulnerable to Remote Code Execution Zero-Day Vulnerability

Apache Solr remains vulnerable to a zero day weeks after proof-of-concept code became public
Click to expand...

Log in or Sign up

Apache Solr Bug Gets Bumped Up to High Severity

guest Guest

guest Guest

Log in or Sign up

Apache Solr Bug Gets Bumped Up to High Severity

guest Guest

guest Guest

Useful Searches