virus logo Intrusion Prevention

Apache.Solr.ConfigSets.baseConfigset.Code.Injection

description-logoDescription

This indicates an attack attempt to exploit a Code Injection Vulnerability in Apache Solr.
The vulnerability is due to missing authentication mechanisms in the ConfigSet CREATE API. A remote unauthenticated attacker can exploit this vulnerability by sending crafted requests to the target server. Successful exploitation can result in arbitrary code execution in the context of the Apache Solr service.

affected-products-logoAffected Products

Apache Software Foundation Solr 6.6.0 to 6.6.6
Apache Software Foundation Solr 7.0.0 to 7.7.3
Apache Software Foundation Solr 8.0.0 to 8.6.2

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://lucene.apache.org/solr/security.html#cve-2020-13957-the-checks-added-to-unauthenticated-configset-uploads-in-apache-solr-can-be-circumvented

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2023-10-24 25.663 Sig Added
2020-12-28 16.986 Default_action:pass:drop
2020-12-15 16.980
ID 49655
Created Dec 07, 2020
Updated Oct 24, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
CVE ID CVE-2020-13957
Exploit Prediction Score 62.96%
Default Action drop
Active
Affected OS Linux
Affected App Apache