Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 93.9%.
Apache
XXE
Elastic
RCE
Solr
+3
NVD
Exploit-DB
CVSS 3.1
9.8
EPSS
93.9%
Threat
6.3