Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Apache Solr 5.3.x < 5.3.2 Authentication Bypass



The remote web server contains a Java application that is affected by an authentication bypass vulnerability.


Versions of Apache Solr 5.3.x prior to 5.3.2 are affected by a authentication bypass flaw. This flaw exists due to the basic auth plugin failing to enforce credential requirements for authentication mechanisms. This may allow a remote attacker to bypass intended restrictions on the unauthenticated execution of certain actions. (OSVDB 131883)


Upgrade to Solr 5.4.0 or later. If 5.4.x cannot be obtained, 5.3.2 has also been patched for this vulnerability.