7.5
CVSSv2

CVE-2020-13957

Published: 13/10/2020 Updated: 02/11/2020
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Apache Solr could allow a remote malicious user to bypass security restrictions, caused by improper access control by the Configsets API. By using a combination of UPLOAD/CREATE actions, an attacker could exploit this vulnerability to bypass the checking mechanism for features considered as dangerous.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apache solr

Github Repositories

Xray PoC CVE-2020-13957 Special Notes Here ConfigSet API can only be used in SolrCloud Mode After Solr 840, Upload New ConfigSet can be unauthenticated, but it is untrusted (SOLR-14071) Any collection created by untrusted configset will require securityjson in place and authentication/authorization to be enabled Or you will get an error: Error Message: The configset

PoC List

PoC List CVE-2020-13957 Apache Solr RCE CVE-2020-13957 Apache Solr RCE

Apache Solr Exploits

Apache-Solr-Vulnerability Apache Solr Some Exploits Solr Apache Solr为世界上许多最大的互联网站点提供搜索和导航功能,是一个开源的搜索服务器。具有高度可靠、可伸缩和容错的,提供分布式索引、复制和负载平衡查询、自动故障转移和恢复、集中配置等功能。 List CVE-2019-0193 CVE-2019-0192 CVE-2019-17558 CV

References

CWE-862https://lists.apache.org/thread.html/r13a728994c60be5b5a7049282b5c926dac1fc6a9a0b2362f6adfa573@%3Cissues.lucene.apache.org%3Ehttps://lists.apache.org/thread.html/r1c783d3d81ba62f3381a17a4d6c826f7dead3a132ba42349c90df075@%3Ccommits.lucene.apache.org%3Ehttps://lists.apache.org/thread.html/r226c1112bb41e7cd427862d875eff9877a20a40242c2542f4dd39e4a@%3Cissues.lucene.apache.org%3Ehttps://lists.apache.org/thread.html/r2f8d33a4de07db9459fb2a98a1cd39747066137636b53f84a13e5628@%3Cissues.lucene.apache.org%3Ehttps://lists.apache.org/thread.html/r3d1e24a73e6bffa1d6534e1f34c8f5cbd9999495e7d933640f4fa0ed@%3Cissues.lucene.apache.org%3Ehttps://lists.apache.org/thread.html/r4ca8ba5980d9049cf3707798aa3116ee76c1582f171ff452ad2ca75e@%3Cissues.lucene.apache.org%3Ehttps://lists.apache.org/thread.html/r5557641fcf5cfd99260a7037cfbc8788fb546b72c98a900570edaa2e@%3Cissues.lucene.apache.org%3Ehttps://lists.apache.org/thread.html/r7512ae552cd9d14ab8b1bc0a7e95f2ec52ae85364f068d4034398ede@%3Cissues.lucene.apache.org%3Ehttps://lists.apache.org/thread.html/r853fdc6d0b91d5e01a26c7bd5becb044ad775a231703d634ca5d55c9@%3Cissues.lucene.apache.org%3Ehttps://lists.apache.org/thread.html/r8b1782d42d0a4ce573495d5d9345ad328d652c68c411ccdb245c57e3@%3Cissues.lucene.apache.org%3Ehttps://lists.apache.org/thread.html/r9d7356f209ee30d702b6a921c866564eb2e291b126640c7ab70feea7@%3Ccommits.lucene.apache.org%3Ehttps://mail-archives.us.apache.org/mod_mbox/www-announce/202010.mbox/%3CCAECwjAWCVLoVaZy%3DTNRQ6Wk9KWVxdPRiGS8NT%2BPHMJCxbbsEVg%40mail.gmail.com%3Ehttps://security.netapp.com/advisory/ntap-20201023-0002/https://github.com/MagicPiperSec/xray-poc-cve-2020-13957https://nvd.nist.govhttps://github.com/s-index/poc-listhttps://exchange.xforce.ibmcloud.com/vulnerabilities/189644