Homepage
About Snyk

Privilege Escalation Affecting org.apache.solr:solr-core package, versions [6.2.0,6.6.1)

Severity

 Recommended
0.0
high
0
10

CVSS assessment made by Snyk's Security Team

    Threat Intelligence

    EPSS
    0.06% (27th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk ID SNYK-JAVA-ORGAPACHESOLR-31561
  • published 5 Nov 2017
  • disclosed 2 Aug 2017
  • credit Hrishikesh Gadre
Report a new vulnerability Found a mistake?

Introduced: 2 Aug 2017

CVE-2017-9803 Open this link in a new tab
CWE-287 Open this link in a new tab

How to fix?

Upgrade org.apache.solr:solr-core to version 6.6.1 or higher.

Overview

org.apache.solr:solr-core is an open source enterprise search platform built on Apache Lucene.

Affected versions of the package are vulnerable to Privilege Escalation. Solr's Kerberos plugin can be configured to use delegation tokens, which allows an application to reuse the authentication of an end-user or another application. There are two issues with this functionality (when using SecurityAwareZkACLProvider type of ACL provider e.g. SaslZkACLProvider). Firstly, access to the security configuration can be leaked to users other than the solr super user. Secondly, malicious users can exploit this leaked configuration for privilege escalation to further expose/modify private data and/or disrupt operations in the Solr cluster. The vulnerability is fixed from Solr 6.6.1 onwards.

CVSS Scores

version 3.1
Expand this section

Snyk

Recommended
7.5 high
  • Attack Vector (AV)
    Network
  • Attack Complexity (AC)
    High
  • Privileges Required (PR)
    Low
  • User Interaction (UI)
    None
  • Scope (S)
    Unchanged
  • Confidentiality (C)
    High
  • Integrity (I)
    High
  • Availability (A)
    High