SCA: security update for org.apache.solr:solr-core (GHSA-ww97-9w65-2crx)

high Tenable Cloud Security Plugin ID 423357

Description

There are packages installed that are affected by a vulnerability referenced in the following CVE:

- Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the
VelocityResponseWriter. A Velocity template can be provided through Velocity templates in a configset
`velocity/` directory or as a parameter. A user defined configset could contain renderable, potentially
malicious, templates. Parameter provided templates are disabled by default, but can be enabled by setting
`params.resource.loader.enabled` by defining a response writer with that setting set to `true`. Defining a
response writer requires configuration API access. Solr 8.4 removed the params resource loader entirely,
and only enables the configset-provided template rendering when the configset is `trusted` (has been
uploaded by an authenticated user). (CVE-2019-17558)

See Also

https://github.com/advisories/GHSA-ww97-9w65-2crx

Plugin Details

Severity: High

ID: 423357

Version: Revision 1.7

Type: Local

Family: SCA Checks

Published: 3/29/2025

Updated: 7/2/2026

Supported Sensors: Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: High

Score: 7.6

Percentile: 98.5

Vendor

Vendor Severity: High

CVSS v2

Risk Factor: Medium

Base Score: 4.6

Temporal Score: 3.8

Vector: CVSS2#AV:N/AC:H/Au:S/C:P/I:P/A:P

CVSS Score Source: CVE-2019-17558

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 7

Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/12/2020

Vulnerability Publication Date: 12/30/2019

CISA Known Exploited Vulnerability Due Dates: 5/3/2022

Exploitable With

Metasploit (Apache Solr Remote Code Execution via Velocity Template)

Reference Information

CVE: CVE-2019-17558