Detections
Analytics
Apache Solr < 8.2.0 Remote Code Execution
high Web App Scanning Plugin ID 98930
Language:
Synopsis
Apache Solr < 8.2.0 Remote Code ExecutionDescription
The DataImportHandler, a popular and widely used module which is used to pull data from databases or other sources, has a vulnerability dataConfig parameter. This parameter is used for configuration of DIH config; since this config can contain scripts, this parameter poses a RCE security risk. Starting with version 8.2.0 of Solr, use of this parameter requires setting the Java System property "enable.dih.dataConfigParam" to true.Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update to Apache Solr version 8.2.0 or latest.See Also
Plugin Details
Severity: High
ID: 98930
Type: remote
Family: Component Vulnerability
Published: 1/27/2020
Updated: 3/14/2023
Scan Template: api, basic, full, pci, scan
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: High
Base Score: 9
Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C
CVSS Score Source: CVE-2019-0193
CVSS v3
Risk Factor: High
Base Score: 7.2
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVSS Score Source: CVE-2019-0193
Vulnerability Information
CPE: cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*
Exploit Ease: No known exploits are available
Patch Publication Date: 8/1/2019
Vulnerability Publication Date: 8/1/2019
CISA Known Exploited Vulnerability Due Dates: 6/10/2022
Reference Information
CVE: CVE-2019-0193
OWASP: 2010-A1, 2013-A1, 2013-A9, 2017-A1, 2017-A4, 2017-A9, 2021-A3, 2021-A5, 2021-A6
WASC: OS Commanding, XML External Entities
DISA STIG: APSC-DV-002510, APSC-DV-002550, APSC-DV-002630
HIPAA: 164.306(a)(1), 164.306(a)(2)
ISO: 27001-A.14.2.5
NIST: sp800_53-CM-6b, sp800_53-SI-10
OWASP API: 2019-API7, 2019-API8, 2023-API8
OWASP ASVS: 4.0.2-14.2.1, 4.0.2-5.2.5, 4.0.2-5.5.2