[CVE-2020-13957] The checks added to unauthenticated configset uploads in Apache Solr can be circumvented
Vendor: The Apache Software Foundation
Versions Affected: 6.6.0 to 6.6.5 7.0.0 to 7.7.3 8.0.0 to 8.6.2
Description: Solr prevents some features considered dangerous (which could be used for remote code execution) to be configured in a ConfigSet that's uploaded via API without authentication/authorization. The checks in place to prevent such features can be circumvented by using a combination of UPLOAD/CREATE actions.
Mitigation: Any of the following are enough to prevent this vulnerability: * Disable UPLOAD command in ConfigSets API if not used by setting the system property: "configset.upload.enabled" to "false"  * Use Authentication/Authorization and make sure unknown requests aren't allowed  * Upgrade to Solr 8.6.3 or greater. * If upgrading is not an option, consider applying the patch in SOLR-14663 () * No Solr API, including the Admin UI, is designed to be exposed to non-trusted parties. Tune your firewall so that only trusted computers and people are allowed access