CVE-2019-17558
CVSS v3.1: 7.5 (High)
CVSS v2.0: 4.6 (Medium)
EPSS: 97.53 % (100th percentile)
Affected Products: 2
Advisories: 3
NVD Status: Analyzed
Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to Remote Code Execution through the VelocityResponseWriter. A Velocity template can be provided either through Velocity templates in a configset's velocity/ directory or as a request parameter. A user-defined configset could contain renderable, potentially malicious, templates. Parameter-provided templates are disabled by default, but can be enabled by setting params.resource.loader.enabled to true when defining a response writer. Defining a response writer requires configuration API access. Solr 8.4 removed the params resource loader entirely, and only enables configset-provided template rendering when the configset is trusted (has been uploaded by an authenticated user).
Weaknesses
- CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
- CVE Status: PUBLISHED
- NVD Status: Analyzed
- CNA: Apache Software Foundation
- Published Date: 2019-12-30 17:15:19
- Updated Date: 2024-07-25 14:32:21
Apache Solr VelocityResponseWriter Plug-In Remote Code Execution Vulnerability (CISA - Known Exploited Vulnerabilities Catalog)
- Description: The Apache Solr VelocityResponseWriter plug-in contains an unspecified vulnerability which can allow for remote code execution.
- Required Action: Apply updates per vendor instructions.
- Known to be Used in Ransomware Campaigns: Unknown
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2019-17558
- Vendor: Apache
- Product: Solr
- In CISA Catalog from: 2021-11-03
- Due Date: 2022-05-03