[Bug 1501529] CVE-2017-12629 Solr: Code execution via entity expansion
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1501529
Eric Christensen <sparks(a)redhat.com> changed:
What: Whiteboard
Removed: impact=critical,public=20171012,reported=20171012,source=internet,cvss2=10/AV:N/AC:L/Au:N/C:C/I:C/A:C,cvss3=9.8/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,eap-6/solr=notaffected,eap-7/lucene=affected/impact=moderate,jpp-6/solr=notaffected/impact=moderate,rhsso-7/lucene=notaffected/impact=moderate,jdg-7/lucene=affected/impact=moderate,fuse-6/Camel=notaffected,brms-6/lucene=notaffected,bpms-6/lucene=notaffected,rhev-m-4/lucene=notaffected/impact=moderate,rhel-5/lucene=notaffected,rhel-6/lucene=wontfix/impact=moderate,rhscl-3/rh-java-common-lucene=affected/impact=moderate,rhscl-3/rh-java-common-lucene5=affected/impact=moderate,fedora-all/lucene=affected,fedora-all/lucene4=affected,fedora-all/lucene3=affected,fedora-all/solr3=affected,eap-6/lucene=notaffected
Added: impact=critical,public=20171012,reported=20171011,source=internet,cvss2=10/AV:N/AC:L/Au:N/C:C/I:C/A:C,cvss3=9.8/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,eap-6/solr=notaffected,eap-7/lucene=affected/impact=moderate,jpp-6/solr=notaffected/impact=moderate,rhsso-7/lucene=notaffected/impact=moderate,jdg-7/lucene=affected/impact=moderate,fuse-6/Camel=notaffected,brms-6/lucene=notaffected,bpms-6/lucene=notaffected,rhev-m-4/lucene=notaffected/impact=moderate,rhel-5/lucene=notaffected,rhel-6/lucene=wontfix/impact=moderate,rhscl-3/rh-java-common-lucene=affected/impact=moderate,rhscl-3/rh-java-common-lucene5=affected/impact=moderate,fedora-all/lucene=affected,fedora-all/lucene4=affected,fedora-all/lucene3=affected,fedora-all/solr3=affected,eap-6/lucene=notaffected
(The only change in the whiteboard field is the reported date: reported=20171012 became reported=20171011.)
--- Doc Text *updated* ---
It was found that Apache Solr would accept an object from an unauthenticated user that could be manipulated through subsequent POST requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code on the server.
--
You are receiving this mail because:
You are on the CC list for the bug.