The probability is the direct output of the EPSS model, and conveys an overall sense of the threat of exploitation in the wild. The percentile measures the EPSS probability relative to all known EPSS scores. Note: This data is updated daily, relying on the latest available EPSS model version. Check out the EPSS documentation for more details.
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsLearn about Information Exposure vulnerabilities in an interactive lesson.
Start learningUpgrade org.apache.solr:solr-core
to version 8.3.0 or higher.
org.apache.solr:solr-core is an open source enterprise search platform built on Apache Lucene
Affected versions of this package are vulnerable to Information Exposure. Insecure setting for the ENABLE_REMOTE_JMX_OPT
S configuration option in the default solr.in.sh
configuration file shipping with Solr. If you use the default solr.in.sh file from the affected releases, then JMX monitoring will be enabled and exposed on RMI_PORT (default=18983)
, without any authentication. If this port is opened for inbound traffic in your firewall, then anyone with network access to your Solr nodes will be able to access JMX, which may in turn allow them to upload malicious code for execution on the Solr server.
Note this affects Linux users only,