7.5
CVSSv2

CVE-2021-27905

Published: 13/04/2021 Updated: 18/06/2021
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

The ReplicationHandler (normally registered at "/replication" under a Solr core) in Apache Solr has a "masterUrl" (also "leaderUrl" alias) parameter that is used to designate another ReplicationHandler on another Solr core to replicate index data into the local core. To prevent a SSRF vulnerability, Solr ought to check these parameters against a similar configuration it uses for the "shards" parameter. Prior to this bug getting fixed, it did not. This problem affects essentially all Solr versions prior to it getting fixed in 8.8.2.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apache solr

Vendor Advisories

The ReplicationHandler (normally registered at "/replication" under a Solr core) has a "masterUrl" (also "leaderUrl" alias) parameter that is used to designate another ReplicationHandler on another Solr core to replicate index data into the local core To prevent a server-side request forgery (SSRF) vulnerability, Solr ought to check these paramete ...

Github Repositories

Solr-SSRF Apache Solr SSRF #Use [-] Apache Solr SSRF漏洞 (CVE-2021-27905) [-] Options: -h or --help : 方法说明 -u or --url : 站点URL地址 -d or --dnslog : DnsLog eg python3 CVE-2021-27905py -u URL -d dnslog

清单 披露时间 涉及商家/产品 漏洞描述 2021/04/08 启明星辰天清汉马USG防火墙存在逻辑缺陷漏洞(历史漏洞) CNVD-2021-17391 启明星辰 天清汉马USG防火墙 逻辑缺陷漏洞 CNVD-2021-12793 2021/04/08 禅道项目管理软件116 禅道 116 sql注入漏洞 2021/04/08 金山WPS(历史漏洞CVE-2020-25291) 通过

Kenzer Templates [1289] TEMPLATE TOOL FILE favinizer favinizer favinizeryaml CVE-2017-5638 jaeles jaeles\cvescan\critical\CVE-2017-5638yaml CVE-2017-6360 jaeles jaeles\cvescan\critical\CVE-2017-6360yaml CVE-2017-6361 jaeles jaeles\cvescan\critical\CVE-2017-6361yaml CVE-2017-9841 jaeles jaeles\cvescan\critical\CVE-2017-9841yaml CVE-2018-16763 jaeles jaeles\

TEMPLATE TOOL FILE favinizer favinizer favinizeryaml CVE-2017-5638 jaeles jaeles\cvescan\critical\CVE-2017-5638yaml CVE-2017-6360 jaeles jaeles\cvescan\critical\CVE-2017-6360yaml CVE-2017-6361 jaeles jaeles\cvescan\critical\CVE-2017-6361yaml CVE-2017-9841 jaeles jaeles\cvescan\critical\CVE-2017-9841yaml CVE-2018-16763 jaeles jaeles\cvescan\critical\CVE-2018-1