Related Vulnerabilities: CVE-2023-50298  

Description: A flaw was found in Apache Solr. Streaming Expressions allow users to extract data from other Solr Clouds using a "zkHost" parameter. When the original SolrCloud is set up to use ZooKeeper credentials and ACLs, they will be sent to whichever "zkHost" the user provides. An attacker could set up a server to impersonate ZooKeeper that accepts ZooKeeper requests with credentials and ACLs and extract sensitive information, then send a streaming expression using the malicious server's address in "zkHost". Streaming Expressions are exposed via the "/streaming" handler with "read" permissions.
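
A detection sketch for the behaviour described above, added here as an example and not taken from the advisory or from Solr: it decodes the `expr` parameter of a logged request and reports any "zkHost" target outside the cluster's own ZooKeeper ensemble. The allowlist hostnames, the request path prefix and the sample requests are constructed assumptions.

```python
import re
from urllib.parse import parse_qs, urlencode, urlsplit

# Assumption: this cluster's own ZooKeeper ensemble (placeholder hostnames).
TRUSTED_ZK = {"zk1.internal.example:2181", "zk2.internal.example:2181"}

# Matches zkHost="a:2181,b:2181/chroot", zkHost='...' or an unquoted zkHost=a:2181
ZKHOST_RE = re.compile(r"""zkHost\s*=\s*(?:"([^"]*)"|'([^']*)'|([^,\s)]+))""")

def zk_hosts(expr):
    """Return every host:port named by a zkHost parameter in a streaming expression."""
    hosts = []
    for m in ZKHOST_RE.finditer(expr):
        connect = next(g for g in m.groups() if g is not None)
        connect = connect.split("/", 1)[0]  # drop the optional chroot suffix
        for host in connect.split(","):
            host = host.strip().lower()
            if host:
                # 2181 is ZooKeeper's default client port
                hosts.append(host if ":" in host else host + ":2181")
    return hosts

def untrusted_zk_hosts(request_uri, trusted=TRUSTED_ZK):
    """List zkHost targets in the request's expr parameter that are not allowlisted."""
    params = parse_qs(urlsplit(request_uri).query)
    found = [h for expr in params.get("expr", []) for h in zk_hosts(expr)]
    return sorted(set(found) - {t.lower() for t in trusted})

def _request(expr):
    # Constructed request line; the collection name and path prefix are made up.
    return "/solr/products/streaming?" + urlencode({"expr": expr})

SAMPLE_REQUESTS = [
    _request('search(products,q="*:*",fl="id",sort="id asc")'),
    _request('search(products,zkHost="zk1.internal.example:2181,'
             'zk2.internal.example:2181/solr",q="*:*",fl="id",sort="id asc")'),
    _request('search(other,zkHost="203.0.113.7:2181",q="*:*",fl="id",sort="id asc")'),
]

if __name__ == "__main__":
    for uri in SAMPLE_REQUESTS:
        bad = untrusted_zk_hosts(uri)
        print("ALERT" if bad else "ok   ", bad, uri[:60])
```

Because the handler only needs "read" permissions, the check is worth running over requests from every authenticated reader, not just administrative accounts.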