Skip to main content

Solr

36 CVEs product

Monthly

CVE-2026-22444 Maven HIGH PATCH This Week

Apache Solr 8.6 through 9.10.0 in standalone mode fails to properly validate the "create core" API parameters, allowing authenticated users to bypass the allowPaths security restriction and access unauthorized filesystem locations. On Windows systems configured with UNC path support, this vulnerability can lead to NTLM credential hash disclosure. Affected deployments using the allowPaths setting are at risk of unauthorized core creation and information exposure.

Windows Apache Solr Red Hat
NVD HeroDevs
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-22022 Maven HIGH PATCH This Week

Unauthorized API access in Apache Solr 5.3.0 through 9.10.0 allows unauthenticated attackers to bypass the RuleBasedAuthorizationPlugin due to insufficient input validation in permission rule enforcement. This vulnerability affects only deployments using multiple roles with specific predefined permissions like config-read, config-edit, schema-read, metrics-read, or security-read without the "all" permission rule defined. Successful exploitation grants attackers unauthorized access to sensitive Solr APIs, potentially exposing configuration and security data.

Apache Solr Red Hat
NVD HeroDevs
CVSS 3.1
8.2
EPSS
0.2%
CVE-2025-24814 Maven MEDIUM PATCH This Month

Core creation allows users to replace "trusted" configset files with arbitrary configuration Solr instances that (1) use the "FileSystemConfigSetService" component (the default in "standalone" or. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Apache Solr Red Hat
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2024-52012 Maven MEDIUM PATCH This Month

Relative Path Traversal vulnerability in Apache Solr. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 13.5% and no vendor patch available.

Microsoft Apache Path Traversal Solr Windows
NVD
CVSS 3.1
5.4
EPSS
13.5%
CVE-2024-45217 Maven HIGH PATCH This Week

Insecure Default Initialization of Resource vulnerability in Apache Solr. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache Information Disclosure Solr
NVD
CVSS 3.1
8.1
EPSS
0.7%
CVE-2024-45216 Maven CRITICAL POC PATCH THREAT Act Now

Improper Authentication vulnerability in Apache Solr. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apache Solr
NVD
CVSS 3.1
9.8
EPSS
90.7%
CVE-2021-44548 Maven CRITICAL PATCH Act Now

An Improper Input Validation vulnerability in DataImportHandler of Apache Solr allows an attacker to provide a Windows UNC path resulting in an SMB network call being made from the Solr host to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Microsoft Information Disclosure Apache Solr
NVD
CVSS 3.1
9.8
EPSS
5.1%
CVE-2021-33813 Maven HIGH POC PATCH THREAT This Week

An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service XXE Jdom Solr Tika +3
NVD GitHub
CVSS 3.1
7.5
EPSS
19.4%
CVE-2021-29943 Maven CRITICAL PATCH Act Now

When using ConfigurableInternodeAuthHadoopPlugin for authentication, Apache Solr versions prior to 8.8.2 would forward/proxy distributed requests using server credentials instead of original client. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Authentication Bypass Solr
NVD
CVSS 3.1
9.1
EPSS
5.3%
CVE-2021-29262 Maven HIGH PATCH This Week

When starting Apache Solr versions prior to 8.8.2, configured with the SaslZkACLProvider or VMParamsAllAndReadonlyDigestZkACLProvider and no existing security.json znode, if the optional read-only. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Information Disclosure Solr
NVD
CVSS 3.1
7.5
EPSS
7.8%
CVE-2021-27905 Maven CRITICAL POC PATCH THREAT Act Now

The ReplicationHandler (normally registered at "/replication" under a Solr core) in Apache Solr has a "masterUrl" (also "leaderUrl" alias) parameter that is used to designate another. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache SSRF Solr
NVD
CVSS 3.1
9.8
EPSS
93.1%
CVE-2021-28163 Maven LOW POC PATCH Monitor

In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is a symlink, the contents of the webapps directory is deployed as a. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Jetty Fedora Ignite Solr +19
NVD GitHub
CVSS 3.1
2.7
EPSS
4.2%
CVE-2020-13957 Maven CRITICAL PATCH Act Now

Apache Solr versions 6.6.0 to 6.6.6, 7.0.0 to 7.7.3 and 8.0.0 to 8.6.2 prevents some features considered dangerous (which could be used for remote code execution) to be configured in a ConfigSet. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache RCE Authentication Bypass Solr
NVD
CVSS 3.1
9.8
EPSS
78.9%
CVE-2020-13941 Maven HIGH PATCH This Week

Reported in SOLR-14515 (private) and fixed in SOLR-14561 (public), released in Solr version 8.6.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache Information Disclosure Solr
NVD
CVSS 3.1
8.8
EPSS
3.8%
CVE-2018-11802 Maven MEDIUM PATCH This Month

In Apache Solr, the cluster can be partitioned into multiple collections and only a subset of nodes actually host any given collection. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Apache Authentication Bypass Solr
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2019-17558 Maven HIGH POC KEV PATCH THREAT Act Now

Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the VelocityResponseWriter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

RCE Apache Solr Primavera Unifier
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
98.6%
CVE-2019-12409 Maven CRITICAL POC PATCH THREAT Act Now

The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLE_REMOTE_JMX_OPTS configuration option in the default solr.in.sh configuration file shipping with Solr. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Apache Solr
NVD GitHub
CVSS 3.1
9.8
EPSS
21.9%
CVE-2019-12401 Maven HIGH POC PATCH This Week

Solr versions 1.3.0 to 1.4.1, 3.1.0 to 3.6.2 and 4.0.0 to 4.10.4 are vulnerable to an XML resource consumption attack (a.k.a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Solr
NVD GitHub
CVSS 3.1
7.5
EPSS
7.5%
CVE-2019-0193 Maven HIGH POC KEV PATCH THREAT This Week

In Apache Solr, the DataImportHandler, an optional but popular module to pull in data from databases and other sources, has a feature in which the whole DIH configuration can come from a request's. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Code Injection Java Apache RCE Solr +1
NVD
CVSS 3.1
7.2
EPSS
83.5%
CVE-2019-0192 Maven CRITICAL POC PATCH THREAT Act Now

In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apache Deserialization Solr Storage Automation Store
NVD
CVSS 3.0
9.8
EPSS
77.5%
CVE-2018-8026 Maven MEDIUM POC PATCH This Month

This vulnerability in Apache Solr 6.0.0 to 6.6.4 and 7.0.0 to 7.3.1 relates to an XML external entity expansion (XXE) in Solr config files (currency.xml, enumsConfig.xml referred from schema.xml,. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

XXE Apache Solr Snapcenter Storage Automation Store
NVD
CVSS 3.0
5.5
EPSS
9.0%
CVE-2018-8010 Maven MEDIUM PATCH This Month

This vulnerability in Apache Solr 6.0.0 to 6.6.3, 7.0.0 to 7.3.0 relates to an XML external entity expansion (XXE) in Solr config files (solrconfig.xml, schema.xml, managed-schema). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

XXE Apache Solr
NVD
CVSS 3.0
5.5
EPSS
3.9%
CVE-2018-1308 Maven HIGH PATCH This Week

This vulnerability in Apache Solr 1.2 to 6.6.2 and 7.0.0 to 7.2.1 relates to an XML external entity expansion (XXE) in the `&dataConfig=<inlinexml>` parameter of Solr's DataImportHandler. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Apache Solr Debian Linux
NVD
CVSS 3.0
7.5
EPSS
20.9%
CVE-2017-1000190 Maven CRITICAL POC PATCH Act Now

SimpleXML (latest version 2.7.1) is vulnerable to an XXE vulnerability resulting SSRF, information disclosure, DoS and so on. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XXE Information Disclosure SSRF Solr Simplexml
NVD GitHub
CVSS 3.1
9.1
EPSS
4.7%
CVE-2017-12629 Maven CRITICAL POC PATCH THREAT Act Now

Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 93.9%.

Apache XXE Elastic RCE Solr +3
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
93.9%
Threat
6.3
CVE-2017-9803 Maven HIGH PATCH This Week

Apache Solr's Kerberos plugin can be configured to use delegation tokens, which allows an application to reuse the authentication of an end-user or another application. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Apache Privilege Escalation Solr
NVD
CVSS 3.0
7.5
EPSS
1.2%
CVE-2017-3163 Maven HIGH PATCH Act Now

When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 11.9%.

Path Traversal Apache Solr
NVD
CVSS 3.0
7.5
EPSS
11.9%
CVE-2017-7660 Maven HIGH PATCH This Week

Apache Solr uses a PKI based mechanism to secure inter-node communication when security is enabled. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Apache Solr
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2015-8797 Maven MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in webapp/web/js/scripts/plugins.js in the stats page in the Admin UI in Apache Solr before 5.3.1 allows remote attackers to inject arbitrary web script or. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Apache Solr
NVD
CVSS 3.0
6.1
EPSS
2.1%
CVE-2015-8796 Maven MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in webapp/web/js/scripts/schema-browser.js in the Admin UI in Apache Solr before 5.3 allows remote attackers to inject arbitrary web script or HTML via a. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Apache Solr
NVD
CVSS 3.0
6.1
EPSS
2.6%
CVE-2015-8795 Maven MEDIUM PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in the Admin UI in Apache Solr before 5.1 allow remote attackers to inject arbitrary web script or HTML via crafted fields that are mishandled. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Apache Solr
NVD
CVSS 3.0
6.1
EPSS
2.6%
CVE-2014-3628 Maven MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the Admin UI Plugin / Stats page in Apache Solr 4.x before 4.10.3 allows remote attackers to inject arbitrary web script or HTML via the fieldvaluecache. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Apache Solr
NVD
CVSS 2.0
4.3
EPSS
1.4%
CVE-2012-6612 Maven HIGH PATCH This Week

The (1) UpdateRequestHandler for XSLT or (2) XPathEntityProcessor in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Apache XXE Solr
NVD
CVSS 2.0
7.5
EPSS
1.4%
CVE-2013-6408 Maven MEDIUM PATCH This Month

The DocumentAnalysisRequestHandler in Apache Solr before 4.3.1 does not properly use the EmptyEntityResolver, which allows remote attackers to have an unspecified impact via XML data containing an. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 11.4%.

Apache XXE Solr
NVD
CVSS 2.0
6.4
EPSS
11.4%
CVE-2013-6407 Maven MEDIUM PATCH This Month

The UpdateRequestHandler for XML in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 11.4%.

Apache XXE Solr
NVD
CVSS 2.0
6.4
EPSS
11.4%
CVE-2013-6397 Maven MEDIUM POC PATCH THREAT This Month

Directory traversal vulnerability in SolrResourceLoader in Apache Solr before 4.6 allows remote attackers to read arbitrary files via a .. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 90.9%.

Apache Path Traversal XXE Solr
NVD
CVSS 2.0
4.3
EPSS
90.9%
Threat
5.1
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Apache Solr 8.6 through 9.10.0 in standalone mode fails to properly validate the "create core" API parameters, allowing authenticated users to bypass the allowPaths security restriction and access unauthorized filesystem locations. On Windows systems configured with UNC path support, this vulnerability can lead to NTLM credential hash disclosure. Affected deployments using the allowPaths setting are at risk of unauthorized core creation and information exposure.

Windows Apache Solr +1
NVD HeroDevs
EPSS 0% CVSS 8.2
HIGH PATCH This Week

Unauthorized API access in Apache Solr 5.3.0 through 9.10.0 allows unauthenticated attackers to bypass the RuleBasedAuthorizationPlugin due to insufficient input validation in permission rule enforcement. This vulnerability affects only deployments using multiple roles with specific predefined permissions like config-read, config-edit, schema-read, metrics-read, or security-read without the "all" permission rule defined. Successful exploitation grants attackers unauthorized access to sensitive Solr APIs, potentially exposing configuration and security data.

Apache Solr Red Hat
NVD HeroDevs
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Core creation allows users to replace "trusted" configset files with arbitrary configuration Solr instances that (1) use the "FileSystemConfigSetService" component (the default in "standalone" or. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Apache Solr +1
NVD
EPSS 13% CVSS 5.4
MEDIUM PATCH This Month

Relative Path Traversal vulnerability in Apache Solr. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 13.5% and no vendor patch available.

Microsoft Apache Path Traversal +2
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Insecure Default Initialization of Resource vulnerability in Apache Solr. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache Information Disclosure Solr
NVD
EPSS 91% CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

Improper Authentication vulnerability in Apache Solr. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apache Solr
NVD
EPSS 5% CVSS 9.8
CRITICAL PATCH Act Now

An Improper Input Validation vulnerability in DataImportHandler of Apache Solr allows an attacker to provide a Windows UNC path resulting in an SMB network call being made from the Solr host to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Microsoft Information Disclosure +2
NVD
EPSS 19% CVSS 7.5
HIGH POC PATCH THREAT This Week

An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service XXE Jdom +5
NVD GitHub
EPSS 5% CVSS 9.1
CRITICAL PATCH Act Now

When using ConfigurableInternodeAuthHadoopPlugin for authentication, Apache Solr versions prior to 8.8.2 would forward/proxy distributed requests using server credentials instead of original client. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Authentication Bypass Solr
NVD
EPSS 8% CVSS 7.5
HIGH PATCH This Week

When starting Apache Solr versions prior to 8.8.2, configured with the SaslZkACLProvider or VMParamsAllAndReadonlyDigestZkACLProvider and no existing security.json znode, if the optional read-only. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Information Disclosure Solr
NVD
EPSS 93% CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

The ReplicationHandler (normally registered at "/replication" under a Solr core) in Apache Solr has a "masterUrl" (also "leaderUrl" alias) parameter that is used to designate another. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache SSRF Solr
NVD
EPSS 4% CVSS 2.7
LOW POC PATCH Monitor

In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is a symlink, the contents of the webapps directory is deployed as a. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Jetty Fedora +21
NVD GitHub
EPSS 79% CVSS 9.8
CRITICAL PATCH Act Now

Apache Solr versions 6.6.0 to 6.6.6, 7.0.0 to 7.7.3 and 8.0.0 to 8.6.2 prevents some features considered dangerous (which could be used for remote code execution) to be configured in a ConfigSet. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache RCE Authentication Bypass +1
NVD
EPSS 4% CVSS 8.8
HIGH PATCH This Week

Reported in SOLR-14515 (private) and fixed in SOLR-14561 (public), released in Solr version 8.6.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache Information Disclosure Solr
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

In Apache Solr, the cluster can be partitioned into multiple collections and only a subset of nodes actually host any given collection. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Apache Authentication Bypass Solr
NVD
EPSS 99% CVSS 7.5
HIGH POC KEV PATCH THREAT Act Now

Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the VelocityResponseWriter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

RCE Apache Solr +1
NVD Exploit-DB
EPSS 22% CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLE_REMOTE_JMX_OPTS configuration option in the default solr.in.sh configuration file shipping with Solr. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Apache Solr
NVD GitHub
EPSS 8% CVSS 7.5
HIGH POC PATCH This Week

Solr versions 1.3.0 to 1.4.1, 3.1.0 to 3.6.2 and 4.0.0 to 4.10.4 are vulnerable to an XML resource consumption attack (a.k.a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Solr
NVD GitHub
EPSS 84% CVSS 7.2
HIGH POC KEV PATCH THREAT This Week

In Apache Solr, the DataImportHandler, an optional but popular module to pull in data from databases and other sources, has a feature in which the whole DIH configuration can come from a request's. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Code Injection Java Apache +3
NVD
EPSS 78% CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apache Deserialization +2
NVD
EPSS 9% CVSS 5.5
MEDIUM POC PATCH This Month

This vulnerability in Apache Solr 6.0.0 to 6.6.4 and 7.0.0 to 7.3.1 relates to an XML external entity expansion (XXE) in Solr config files (currency.xml, enumsConfig.xml referred from schema.xml,. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

XXE Apache Solr +2
NVD
EPSS 4% CVSS 5.5
MEDIUM PATCH This Month

This vulnerability in Apache Solr 6.0.0 to 6.6.3, 7.0.0 to 7.3.0 relates to an XML external entity expansion (XXE) in Solr config files (solrconfig.xml, schema.xml, managed-schema). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

XXE Apache Solr
NVD
EPSS 21% CVSS 7.5
HIGH PATCH This Week

This vulnerability in Apache Solr 1.2 to 6.6.2 and 7.0.0 to 7.2.1 relates to an XML external entity expansion (XXE) in the `&dataConfig=<inlinexml>` parameter of Solr's DataImportHandler. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Apache Solr +1
NVD
EPSS 5% CVSS 9.1
CRITICAL POC PATCH Act Now

SimpleXML (latest version 2.7.1) is vulnerable to an XXE vulnerability resulting SSRF, information disclosure, DoS and so on. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XXE Information Disclosure SSRF +2
NVD GitHub
EPSS 94% 6.3 CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 93.9%.

Apache XXE Elastic +5
NVD Exploit-DB
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Apache Solr's Kerberos plugin can be configured to use delegation tokens, which allows an application to reuse the authentication of an end-user or another application. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Apache Privilege Escalation +1
NVD
EPSS 12% CVSS 7.5
HIGH PATCH Act Now

When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 11.9%.

Path Traversal Apache Solr
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Apache Solr uses a PKI based mechanism to secure inter-node communication when security is enabled. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Apache Solr
NVD
EPSS 2% CVSS 6.1
MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in webapp/web/js/scripts/plugins.js in the stats page in the Admin UI in Apache Solr before 5.3.1 allows remote attackers to inject arbitrary web script or. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Apache Solr
NVD
EPSS 3% CVSS 6.1
MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in webapp/web/js/scripts/schema-browser.js in the Admin UI in Apache Solr before 5.3 allows remote attackers to inject arbitrary web script or HTML via a. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Apache Solr
NVD
EPSS 3% CVSS 6.1
MEDIUM PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in the Admin UI in Apache Solr before 5.1 allow remote attackers to inject arbitrary web script or HTML via crafted fields that are mishandled. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Apache Solr
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the Admin UI Plugin / Stats page in Apache Solr 4.x before 4.10.3 allows remote attackers to inject arbitrary web script or HTML via the fieldvaluecache. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Apache Solr
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

The (1) UpdateRequestHandler for XSLT or (2) XPathEntityProcessor in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Apache XXE Solr
NVD
EPSS 11% CVSS 6.4
MEDIUM PATCH This Month

The DocumentAnalysisRequestHandler in Apache Solr before 4.3.1 does not properly use the EmptyEntityResolver, which allows remote attackers to have an unspecified impact via XML data containing an. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 11.4%.

Apache XXE Solr
NVD
EPSS 11% CVSS 6.4
MEDIUM PATCH This Month

The UpdateRequestHandler for XML in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 11.4%.

Apache XXE Solr
NVD
EPSS 91% 5.1 CVSS 4.3
MEDIUM POC PATCH THREAT This Month

Directory traversal vulnerability in SolrResourceLoader in Apache Solr before 4.6 allows remote attackers to read arbitrary files via a .. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 90.9%.

Apache Path Traversal XXE +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy