Need help to resolve Apache Solr vulnerability

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Need help to resolve Apache Solr vulnerability

Sheikh, Wasim A.
Hi Team,

Currently we are facing the below vulnerability for Apache Solr tool. So can you please check the below details and help us to fix this issue.

/etc/init.d/solr-master version

Server version: Apache Tomcat/7.0.62
Server built: May 7 2015 17:14:55 UTC
Server number: 7.0.62.0
OS Name: Linux
OS Version: 2.6.32-431.29.2.el6.x86_64
Architecture: amd64
JVM Version: 1.8.0_20-b26
JVM Vendor: Oracle Corporation


"solr-spec-version":"4.10.4",
Solr is an enterprise search platform.<P>
Solr is prone to remote code execution vulnerability.
<P>
Affected Versions:<BR>
Apache Solr version prior to 6.6.2 and prior to 7.1.0<P>

QID Detection Logic (Unauthenticated):<BR>
This QID sends specifically crafted request which include special entities in the xml document and looks for the vulnerable response.<BR>
Alternatively, in another check, this QID matches vulnerable versions in the response webpage
Successful exploitation allows attacker to execute arbitrary code.
The vendor has issued updated packages to fix this vulnerability. <P>For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories :<BR><A HREF="https://lucene.apache.org/solr/news.html" TARGET="_blank">Apache Solr 6.6.2</A> For more information regarding the update can be found at <A HREF="https://lucene.apache.org/solr/news.html" TARGET="_blank">Apache Solr  7.1.0</A>.







<P>Patch:<BR>
Following are links for downloading patches to fix the vulnerabilities:
<P> <A HREF="https://lucene.apache.org/solr/news.html" TARGET="_blank">Apache Solr 6.6.2</A><P> <A HREF="https://lucene.apache.org/solr/news.html" TARGET="_blank">Apache Solr 7.1.0</A>


Thanks...
Wasim Shaikh

________________________________

This message is for the designated recipient only and may contain privileged, proprietary, or otherwise confidential information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the e-mail by you is prohibited. Where allowed by local law, electronic communications with Accenture and its affiliates, including e-mail and instant messaging (including content), may be scanned by our systems for the purposes of information security and assessment of internal compliance with Accenture policy. Your privacy is important to us. Accenture uses your personal data only in compliance with data protection laws. For further information on how Accenture processes your personal data, please see our privacy statement at https://www.accenture.com/us-en/privacy-policy.
______________________________________________________________________________________

www.accenture.com
Reply | Threaded
Open this post in threaded view
|

Re: Need help to resolve Apache Solr vulnerability

David Hastings
Solr isn’t meant to be public facing. Not sure how anyone would send these commands since it can’t be reached from the outside world

> On Nov 12, 2020, at 7:12 AM, Sheikh, Wasim A. <[hidden email]> wrote:
>
> Hi Team,
>
> Currently we are facing the below vulnerability for Apache Solr tool. So can you please check the below details and help us to fix this issue.
>
> /etc/init.d/solr-master version
>
> Server version: Apache Tomcat/7.0.62
> Server built: May 7 2015 17:14:55 UTC
> Server number: 7.0.62.0
> OS Name: Linux
> OS Version: 2.6.32-431.29.2.el6.x86_64
> Architecture: amd64
> JVM Version: 1.8.0_20-b26
> JVM Vendor: Oracle Corporation
>
>
> &quot;solr-spec-version&quot;:&quot;4.10.4&quot;,
> Solr is an enterprise search platform.<P>
> Solr is prone to remote code execution vulnerability.
> <P>
> Affected Versions:<BR>
> Apache Solr version prior to 6.6.2 and prior to 7.1.0<P>
>
> QID Detection Logic (Unauthenticated):<BR>
> This QID sends specifically crafted request which include special entities in the xml document and looks for the vulnerable response.<BR>
> Alternatively, in another check, this QID matches vulnerable versions in the response webpage
> Successful exploitation allows attacker to execute arbitrary code.
> The vendor has issued updated packages to fix this vulnerability. <P>For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories :<BR><A HREF="https://lucene.apache.org/solr/news.html" TARGET="_blank">Apache Solr 6.6.2</A> For more information regarding the update can be found at <A HREF="https://lucene.apache.org/solr/news.html" TARGET="_blank">Apache Solr  7.1.0</A>.
>
>
>
>
>
>
>
> <P>Patch:<BR>
> Following are links for downloading patches to fix the vulnerabilities:
> <P> <A HREF="https://lucene.apache.org/solr/news.html" TARGET="_blank">Apache Solr 6.6.2</A><P> <A HREF="https://lucene.apache.org/solr/news.html" TARGET="_blank">Apache Solr 7.1.0</A>
>
>
> Thanks...
> Wasim Shaikh
>
> ________________________________
>
> This message is for the designated recipient only and may contain privileged, proprietary, or otherwise confidential information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the e-mail by you is prohibited. Where allowed by local law, electronic communications with Accenture and its affiliates, including e-mail and instant messaging (including content), may be scanned by our systems for the purposes of information security and assessment of internal compliance with Accenture policy. Your privacy is important to us. Accenture uses your personal data only in compliance with data protection laws. For further information on how Accenture processes your personal data, please see our privacy statement at https://www.accenture.com/us-en/privacy-policy.
> ______________________________________________________________________________________
>
> www.accenture.com