Fluid Attacks Database

Description

Server-Side Request Forgery (SSRF) in org.apache.solr:solr-core Server Side Request Forgery in Apache Solr, versions 1.3 until 7.6 (inclusive). Since the "shards" parameter does not have a corresponding whitelist mechanism, a remote attacker with access to the server could make Solr perform an HTTP GET request to any reachable URL.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
maven	org.apache.solr:solr-core	>=1.3.0 <7.7.0	7.7.0
debian 14	lucene-solr	=3.6.2+dfsg-26 \|\| =3.6.2+dfsg-27	-
debian 13	lucene-solr	=3.6.2+dfsg-26 \|\| =3.6.2+dfsg-27	-
debian 12	lucene-solr	=3.6.2+dfsg-26 \|\| =3.6.2+dfsg-27	-
debian 11	lucene-solr	=3.6.2+dfsg-24 \|\| =3.6.2+dfsg-25 \|\| =3.6.2+dfsg-26 \|\| =3.6.2+dfsg-27	-

Aliases

1. CVE-2017-31642. NVD-2017-31643. OSV-2017-31644. OSV-DEBIAN-2017-31645. GCVE-2017-31646. SECURITY-TRACKER-CVE-2017-3164

References

1. https://lists.apache.org/thread.html/43026507844ada1ac658ccf7bc939378c13e492fd6538416ce65df39@%3Cdev.lucene.apache.org%3E2. https://lists.apache.org/thread.html/75dc651478f9d04505b46d44fe3ac739e7aaf3d7bf1257973685f8f7@%3Cdev.lucene.apache.org%3E3. https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E4. https://lists.apache.org/thread.html/ca3105b6934ccd28e843dffe39724f6963ff49825e9b709837203649@%3Cdev.lucene.apache.org%3E5. https://lists.apache.org/thread.html/e0f9c652b57a91fdcc287efcead620af9f4d8e46b88f0b761aa265de@%3Cdev.lucene.apache.org%3E6. https://lists.apache.org/thread.html/rc400db37710ee79378b6c52de3640493ff538c2beb41cefdbbdf2ab8@%3Ccommits.submarine.apache.org%3E7. https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E8. http://mail-archives.apache.org/mod_mbox/www-announce/201902.mbox/%3CCAECwjAVjBN%3DwO5rYs6ktAX-5%3D-f5JDFwbbTSM2TTjEbGO5jKKA%40mail.gmail.com%3E9. http://security.netapp.com/advisory/ntap-20190327-000310. http://www.oracle.com/security-alerts/cpuoct2020.html11. http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html12. https://github.com/tdwyer/PoC_CVE-2017-3164_CVE-2017-1262