[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] CVE-2021-44548: Apache Solr information disclosure vulnerability through DataImportHa
From: Jan_Høydahl <janhoy () apache ! org>
Date: 2021-12-18 16:03:14
Message-ID: 1a42c865-2a9b-a8c1-a422-140d180d76f7 () apache ! org
[Download RAW message or body]
Severity: moderate
Description:
An Improper Input Validation vulnerability in DataImportHandler of Apache =
Solr allows an attacker to provide a Windows UNC path resulting in an SMB =
network call being made from the Solr host to another host on the network. =
If the attacker has wider access to the network, this may lead to SMB =
attacks, which may result in:
* The exfiltration of sensitive data such as OS user hashes (NTLM/LM =
hashes),
* In case of misconfigured systems, SMB Relay Attacks which can lead to =
user impersonation on SMB Shares or, in a worse-case scenario, Remote Code =
Execution
This issue affects all Apache Solr versions prior to 8.11.1. This issue =
only affects Windows.
This issue is being tracked as SOLR-15826
Mitigation:
Upgrade to Solr 8.11.1, and/or ensure only trusted clients can make =
requests to Solr's DataImport handler.
Credit:
Apache Solr would like to thank LaiHan of Nsfocus security team for =
reporting the issue
References:
https://solr.apache.org/security.html#cve-2021-44548-apache-solr-informatio=
n-disclosure-vulnerability-through-dataimporthandler
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic