Apache.Solr.ConfigSets.XML.Expansion.Information.Disclosure
Description
This indicates an attack attempt to exploit an Information Disclosure Vulnerability in Apache Solr.
The vulnerability is due to an error in the vulnerable application when handling a maliciously crafted request. An attacker can exploit this to disclose arbitrary files on the affected machine via a crafted request.
Affected Products
Apache Software Foundation Solr 6.0.0 to 6.6.4
Apache Software Foundation Solr 7.0.0 to 7.3.1
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor:
https://mail-archives.apache.org/mod_mbox/lucene-solr-user/201807.mbox/%3C0cdc01d413b7%24f97ba580%24ec72f080%24%40apache.org%3E
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |