Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2019-0192

Опубликовано: 07 мар. 2019
Источник: redhat
CVSS3: 9.8

Описание

In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST request. By pointing it to a malicious RMI server, an attacker could take advantage of Solr's unsafe deserialization to trigger remote code execution on the Solr side.

A flaw was found in the Apache Solr's Config API, where it would permit the configuration of the JMX server via an HTTP POST request. An attacker could use this flaw to direct traffic to a malicious RMI server, and then trigger remote code execution or conduct further attacks.

Меры по смягчению последствий

  • Upgrade to 6.6.6 or later
  • Disable the ConifgAPI if not in use (disable.configEdit=true)
  • Use other external means to ensure only trusted traffic is allowed (block POST requests to the config API from external sources)

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat JBoss Data Grid 6solr-coreOut of support scope
Red Hat JBoss Enterprise Application Platform 6solr-coreNot affected
Red Hat JBoss Fuse 6solr-coreAffected
Red Hat JBoss Fuse Service Works 6solr-coreOut of support scope
Red Hat Fuse 7.4.0camel-solrFixedRHSA-2019:241308.08.2019

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important
Дефект:
CWE-20
https://bugzilla.redhat.com/show_bug.cgi?id=1692345solr: remote code execution due to unsafe deserialization

9.8 Critical

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2019-0192

CVSS3: 9.8
ubuntu
почти 7 лет назад

In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST request. By pointing it to a malicious RMI server, an attacker could take advantage of Solr's unsafe deserialization to trigger remote code execution on the Solr side.

nvd логотип

CVE-2019-0192

CVSS3: 9.8
nvd
почти 7 лет назад

In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST request. By pointing it to a malicious RMI server, an attacker could take advantage of Solr's unsafe deserialization to trigger remote code execution on the Solr side.

debian логотип

CVE-2019-0192

CVSS3: 9.8
debian
почти 7 лет назад

In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config ...

github логотип

GHSA-xhcq-fv7x-grr2

CVSS3: 9.8
github
почти 7 лет назад

Critical severity vulnerability that affects org.apache.solr:solr-core

fstec логотип

BDU:2019-04030

CVSS3: 9.8
fstec
почти 7 лет назад

Уязвимость программного интерфейса Config поискового сервера Apache Solr, позволяющая нарушителю выполнить произвольный код

9.8 Critical

CVSS3