Server-Side Request Forgery (SSRF) in org.apache.solr:solr-core · CVE-2017-3164 · GitHub Advisory Database · GitHub

Server-Side Request Forgery (SSRF) in org.apache.solr:solr-core

High severity GitHub Reviewed Published Mar 14, 2019 to the GitHub Advisory Database • Updated Jan 11, 2023

Package

org.apache.solr:solr-core (Maven)

Affected versions

>= 1.30, <= 7.6.0

Patched versions

7.7.0

Description

Server Side Request Forgery in Apache Solr, versions 1.3 until 7.6 (inclusive). Since the "shards" parameter does not have a corresponding whitelist mechanism, a remote attacker with access to the server could make Solr perform an HTTP GET request to any reachable URL.

References

Published to the GitHub Advisory Database Mar 14, 2019

Reviewed Jun 16, 2020

Last updated Jan 11, 2023

Severity

High

/ 10

CVSS v3 base metrics

Attack vector

Network

Attack complexity

Low

Privileges required

None

User interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N