This script is Copyright (C) 2014 Tenable Network Security, Inc.
The remote web server contains a Java application that is affected by
an XML External Entity Injection vulnerability.
The version of Apache Solr hosted on the remote web server is affected
by an XML External Entity Injection vulnerability due to an incorrectly
configured XML parser in the 'DocumentAnalysisRequestHandler' class. A
remote, unauthenticated attacker could take advantage of this flaw in
order to gain access to arbitrary files or cause a denial of service
Note that this issue exists due to an incomplete fix for
See also :
Upgrade to Apache Solr version 4.3.1 or later.
Risk factor :
Medium / CVSS Base Score : 6.4
CVSS Temporal Score : 5.6
Public Exploit Available : true