CNNVD-202601-3432 Information

CNNVD ID

CNNVD-202601-3432

Related CVE

CVE-2026-22022

• CNNVD Published: 2026-01-21

Description (Chinese)

Apache Solr是美国阿帕奇（Apache）基金会的一款基于Lucene（一款全文搜索引擎）的搜索服务器。该产品支持层面搜索、垂直搜索、高亮显示搜索结果等。 Apache Solr 5.3.0版本至9.10.0版本存在安全漏洞，该漏洞源于基于规则的授权插件输入验证不足，可能导致对某些Solr API的未授权访问。

Description (English)

Apache Solr is a search server for the Apache Foundation in the United States based on Lucene (a full-text search engine). The product supports horizontal, vertical, high-profile search results, etc. There is a security loophole between Appache Solr 5.3.0 and 9.10.0, which stems from inadequate validation of rule-based authorized plugins, which may lead to unauthorized access to some Solr API.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

阿帕奇

Published

2026-01-21

Last Modified

2026-02-24

References

https://lists.apache.org/thread/d59hqbgo7p62myq7mgfpz7or8n1j7wbn http://www.openwall.com/lists/oss-security/2026/01/20/4

Patch

https://solr.apache.org/