Threat Encyclopedia

Apache.Solr.Replication.MasterUrl.SSRF

Description

This indicates an attack attempt to exploit a Server-Side Request Forgery Vulnerability in Apache Solr Server.
The vulnerability is due to improper sanitation of a crafted HTTP user input. The vulnerability may allow a remote attacker to request data from internal resources that are not publicly available by manipulating the processed input stream.

Affected Products

Apache Solr versions before 8.8.2

Impact

Security Bypass: Remote attackers can bypass security checks of vulnerable systems to make HTTP requests.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://solr.apache.org/downloads.html

CVE References

CVE-2021-27905