Apache Solr 5.x <= 5.5.5 or 6.x <= 6.6.5 Deserialization Vulnerability (CVE-2019-0192)
Severity: High
Nessus Plugin ID: 126447
Synopsis
The remote web server contains a Java application that is affected by a remote code execution vulnerability.
Description
The version of Apache Solr running on the remote web server is affected by a remote code execution vulnerability in the Config API due to unsafe deserialization of Java objects. An unauthenticated, remote attacker can exploit this via an HTTP POST request that points the JMX server to a malicious RMI server. The attacker could then send a crafted serialized Java object to the server to execute arbitrary code.
Solution
Upgrade to Apache Solr version 7.0 or later. Refer to the vendor advisory for the relevant patch and configuration settings.
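
To triage an inventory against the affected ranges in the title (5.x <= 5.5.5, 6.x <= 6.6.5), the following added example, which is not part of the Nessus plugin, classifies Solr system-info JSON responses. It assumes the version is reported in the `lucene` / `solr-spec-version` field of the system info handler output; the function names, host names and sample bodies are constructed for illustration.

```python
import json
import re

# Highest affected release per major line, taken from the plugin title:
# 5.x <= 5.5.5 and 6.x <= 6.6.5.
AFFECTED_MAX = {5: (5, 5, 5), 6: (6, 6, 5)}


def parse_version(text):
    """Return (major, minor, patch) from '6.6.5', '6.0' or '5.5.5-SNAPSHOT'."""
    m = re.match(r"\s*(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        return None
    return tuple(int(g) if g else 0 for g in m.groups())


def is_affected(version_text):
    """True/False for a parsable version, None when it cannot be parsed."""
    v = parse_version(version_text)
    if v is None:
        return None
    ceiling = AFFECTED_MAX.get(v[0])
    return ceiling is not None and v <= ceiling


def triage(body):
    """Classify one system-info response body (JSON text)."""
    try:
        version = str(json.loads(body)["lucene"]["solr-spec-version"])
    except (ValueError, KeyError, TypeError):
        return ("unknown", None)  # not JSON, or field missing: check by hand
    verdict = is_affected(version)
    if verdict is None:
        return ("unknown", version)
    return ("affected" if verdict else "outside-listed-range", version)


# Constructed sample responses, trimmed to the one field the check reads.
SAMPLES = {
    "search-01": '{"lucene": {"solr-spec-version": "5.5.5"}}',
    "search-02": '{"lucene": {"solr-spec-version": "6.6.6"}}',
    "search-03": '{"lucene": {"solr-spec-version": "6.0"}}',
    "search-04": '{"lucene": {"solr-spec-version": "7.7.2"}}',
    "search-05": '<html>login required</html>',
}

if __name__ == "__main__":
    for host, body in SAMPLES.items():
        print(host, *triage(body))
```

A result of "outside-listed-range" only means the version is not in the ranges this plugin names; the vendor advisory remains the reference for patch and configuration settings.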